Banks in Kyrgyzstan are now required to introduce anti-fraud systems to strengthen customer protection. The corresponding resolution was adopted by the Board of the National Bank. The document was published on the bank’s website.
The new rules apply to operational risk management. Commercial banks must implement comprehensive mechanisms to counter both internal and external fraud, aimed at enhancing the stability of the banking system and protecting clients from financial crimes.
Under the regulation, banks are required to:
- Develop and annually update an anti-fraud policy for remote banking services;
- Conduct continuous monitoring of all outgoing transactions — including international transfers, loans, cash withdrawals, and QR code payments;
- Assign each transaction a risk level (low, medium, or high);
- Verify suspicious transactions and store related data for at least five years;
- Maintain a registry of phone numbers, identifiers, and other attributes linked to fraudulent activity.
Banks are also granted the right to suspend transactions suspected of fraud for up to 30 days. Clients must be notified, and all actions must be documented and reported to the National Bank.
In addition, the bank updated its instructions on managing bank accounts and deposits. Banks may now temporarily block outgoing transactions if deemed suspicious under anti-fraud system requirements.
The resolution will take effect in 15 days after official publication. Some provisions related to anti-fraud systems will come into force on March 1, 2026.
