In light of a recent analysis highlighting a surge in cybersecurity threats during long weekend public holidays, the Sacco Societies Regulatory Authority (SASRA) has urged regulated Savings and Credit Cooperatives (SACCOs) to enhance their cybersecurity monitoring and surveillance.
This warning comes ahead of the upcoming Easter Holidays Weekend, which will take place from Friday, April 18, 2025, to Monday, April 21, 2025.
According to the Authority, periodic monitoring of cyber threats within the regulated SACCO subsector indicates that the majority of security breaches occur in the last twelve hours leading up to these long weekends, as well as during late evening and early night hours throughout the holidays.
In response, the organization has called on all regulated SACCOs, including both Deposit-Taking (DT) SACCOs and regulated Non-Deposit-Taking (Non-WDT) SACCOs, to reinforce their cybersecurity protocols. This includes increased vigilance over Management Information Systems (MIS), digital financial delivery channels, and other ICT infrastructures that facilitate member financial services.
Key areas of focus include:
- Electronic Access Risks: As ATMs, mobile money, and internet banking channels remain susceptible to cyber threats, SACCOs must ensure heightened security, particularly during these holiday periods.
- Third-Party Vulnerabilities: SACCOs offering services through third-party vendors, especially those managing “Pay Bill float accounts” or digital credit products, are warned to communicate this alert to their partners to implement robust security measures.
- Internal Controls: It is essential for SACCOs and their third-party vendors to establish stringent internal controls to prevent insider threats, particularly in relation to members’ FOSA savings accounts and electronic fund transfers.
SASRA emphasizes that immediate actions are necessary to detect and prevent potential cyber-attacks, ensuring the safety of members’ funds during the Easter holidays.
“Periodic analysis and intelligence monitoring the trends of the cyber-threats and security breaches in the Regulated SACCO subsector shows that a majority of the cyber-security breaches and attacks mostly occur during the long-weekend public holidays. The trends equally show that these breaches and attacks are predominantly perpetrated during the last twelve (12) hours prior to the commencement of the long-weekend public holidays; and during the late evening and early night hours over the long-weekend public holidays.”
~ SASRA statement signed by Peter Njuguna, CEO.


Additionally, Regulated SACCOs and their third-party system vendors and integrators (where applicable), must institute round-the-clock internal control measures to detect and prevent insiders (employees) from colluding with third parties committing such cyber-attacks and breaches. Special attention should be given to activities related to –
- a) The electronic and/or digital accessibility of members’ FOSA savings accounts;
- b) The linking or requests for linking of such FOSA savings accounts to mobile phone numbers;
- c) The electronic and/or digital linkages of mobile phone numbers to funds held in mobile money wallets and/or mobile money float accounts and/or mobile money pay-bills and/or any other settlement accounts (wherever held); and
- d) Unusual funds transfers originating from third-party financial institutions into SACCO Societies’ Paybills or Mobile Wallets or such other digital aggregation accounts.