Bangladesh Bank has introduced a new policy titled “Cybersecurity Framework, Version 1.0 (2026)” to address growing cyber risks in the country’s financial sector. The framework, issued on Sunday, requires all scheduled banks, financial institutions, mobile financial service providers, payment service providers, and payment system operators to fully implement the guidelines by December 31, 2026. The central bank stated that the expansion of online services, digital platforms, and interconnected networks has increased both efficiency and cyber threats.

According to the circular, cyberattacks such as hacking, phishing, malware, ransomware, and data theft pose significant risks of financial loss, reputational damage, and service disruption. The framework emphasizes safeguarding customer data, ensuring system integrity, and maintaining technological resilience. It includes provisions on governance, risk management, data protection, network security, access control, incident management, third-party risk, compliance, and staff training.

The framework sets minimum cybersecurity standards for financial institutions, aiming to strengthen resilience and protect sensitive information. Institutions are instructed to adopt effective risk management strategies, conduct regular monitoring, and promote awareness through training programs.