September 11: Nepal Rastra Bank has directed banks and financial institutions to develop “effective strategy” for protecting their information technology system. The central bank has also instructed BFIs to audit their information technology system.

Earlier, BFIs had to audit only the core banking system but now it has become mandatory for them to audit their IT system as well.

The central bank issued such circular to BFIs on Tuesday (September 10) to minimize the risk of cyber attacks.

The central bank has demanded security audit of IT system and immediate rectification if any anomalies are suggested by the audit report.

NRB has also instructed BFIs to make necessary arrangement for capacity building of staff and customers.

The information technology used in Nepal has come under scrutiny after the recent cyber attack on August 31 in which Chinese nationals stole millions from banks by hacking the ATMs.

Following the heist, the central bank has stepped up efforts to secure the information technology system used by BFIs.