PCIDSS; Deadline issued to banks and others by CBN

The Central Bank of Nigeria has given banks until November 30, 2014 to abide by the Payment Card Industry Data Security Standards in other to combat the electronic card-related frauds.

Switches and Processors companies were also given the injunction to be PCIDSS-certified on or before the date by the CBN.

According to the Central Bank, Banks and companies which fail to comply with the directive will be severely sanctioned.

The results of the pre-certification assessment carried out by three qualified system assessors appointed by the CBN brought about the deadline.

The Director of the Banking and Payment System department, Mr. Dipo Fatokun sent a circular on the issue which read, ‘Consequent upon our circular on the need to combat card fraud, referenced BPS/DIR/GEN/CIRN/01/08, dated May 25, 2012, mandating all banks to comply with Payment Card Industry Data Security Standards before 31 December, 2012, many requested for an extension of deadline to enable the certification process’.

The Central Bank involved the services of three qualified security assessors to conduct pre-certification assessment of the bank. This was done to determine the readiness of the various operators.

The result of the pre-certification assessment disclosed that while many banks and processors have complied with the standard, some are in various stages of compliance.
Appropriate sanctions would be sited for non-compliance with the provision of the circular, warned the CBN.