Tashkent, Uzbekistan (UzDaily.com) — The Ministry of Justice has registered regulations on minimum cybersecurity requirements for banks in Uzbekistan, according to the ministry’s official legal information channel.

The document, prepared by the Central Bank, sets out key standards for protecting the information systems of credit institutions. In particular, banks are required to establish dedicated information and cybersecurity departments responsible for safeguarding information assets and preventing cases of unauthorized modification of payment data, as well as potential damage to banks and their clients.

Credit institutions must also develop internal information security policies and implement measures to reduce risks of errors in database configuration. Special emphasis is placed on preventing malicious activities, including unauthorized access to databases, disclosure of administrator and user passwords, interference with system files, installation of malware, and remote attacks on servers and databases.

Cybersecurity departments are required to monitor electronic protocols of firewalls and proxy servers. Upon detecting signs of external attacks, they must immediately notify the Central Bank.

In April this year, President Shavkat Mirziyoyev approved measures to strengthen the fight against cybercrime, stressing the priority of financial security for clients in the daily operations of banks, payment systems, and services.

In cases of non-compliance with information and cybersecurity rules, institutions will be obliged to compensate clients for damages at their own expense.

Furthermore, the president expanded the Central Bank’s authority in combating cybercrime and instructed the implementation of anti-fraud systems in the banking sector by 1 September.