National Bank of Ethiopia (NBE) puts in place a directive that will see core banking services receiving mandatory IT support.
The directive that is set to take full effect in 2-years’ time as of April 1, sees the regulator setting the standard so as to strengthen the core operations of banks.
Similarly, bankers have openly welcomed the new directive citing that it will boost the banking industry as it preps for stiff competition when it opens its doors to other international banks.
Experts explained that thus far, the banking industry was in part through its due diligence pushing for excellence to modernize its operations and business, though it was not a requirement by NBE.
Bank presidents like Asfaw Alemu, President of Dashen Bank, which is one of the strongest when it comes to technology investment in the financial sector activity, said that the new directive of the regulatory body is beyond core banking implementations that the financial sectors conducted in the past.
He said that it is pivotal for banks to invest in IT, “banks have different investments on information technology to which the new directive will give the required framework for their investments and brings them to the standard on the sector.”
Asfaw reminded that at its core the directive requires banks to have policies and strategies for the implementation and administration of modern technology.
The ‘requirements for information technologies (IT) management of banks directive no. SBB/83/2022’ in its preamble said that the business process supported by IT improves the efficiency, effectiveness and competitiveness of a bank and added that some banks are running their operations manually or their operations are inadequately supported with IT.
The directive argued that it has become important to require banks to automate at least their core business processes and their management information system.
“Risk related to the usage of IT should be adequately and periodically identified and managed to ensure the safety and soundness of individual banks and the banking sector as a whole,” it further adds explaining why the directive was issued.
The directive said that banks are supposed to allocate finance and human resource for the effective implementation of IT strategy and IT risk management programs.
Article four sub-article, one and two of the directive stated the requirement that a bank shall describe and include the role of IT in its business strategy, and develop and implement an IT strategy.
Sub article three of article four stated that an IT strategy shall be aligned with the bank’s business strategy and shall cover likes of assessment of IT opportunities, threats and internal strengths and weaknesses to manage information technologies, assessment of stock of existing IT and planned ones to be introduced in the future, strategies to ensure security in the usage of IT, and identification of IT initiatives to achieve indicated objectives.
The directive included that the bank shall develop and implement IT governance, including duties and responsibilities of the board, senior management IT department, risk management and internal audit functions and other relevant organs of the bank.
Formation of IT department, policies and procedures, and annual IT plan with an allocation of duties and responsibilities among all responsible organs of the bank are also expected to be developed and implemented.
Article five stated that a bank shall fully automate at a minimum its core business processes, “so as to improve the efficiency and effectiveness of its operation, customer service delivery and risk management, among others.”
It imposed that the automated core business of a bank shall be interoperable with one another to ensure automated data sharing and communication among the IT systems.
The automated system is required to support the generation of periodic operational and financial performance reports of the various businesses of the bank, proper exercise of shareholders’ rights including getting the necessary and relevant information, and generation of periodic supervisory returns or reports as required by NBE.