RESOLUTION OF BOARD OF NATIONAL BANK OF THE KYRGYZ REPUBLIC

of October 31, 2025 No. 2025-P-14/59-1-(PS)

About approval of the Provision "About the Minimum Requirements to System of Counteraction to Internal and External Fraud (Antifrod) in the Payment Organizations / Operators of Payment Systems of the Kyrgyz Republic"

According to Articles 5, "About National Bank of the Kyrgyz Republic" and article 26 of the Law of the Kyrgyz Republic "About payment system of the Kyrgyz Republic" the Board of National Bank of the Kyrgyz Republic decides 9 and 64 constitutional Laws of the Kyrgyz Republic:

1. Approve the Provision "About the Minimum Requirements to System of Counteraction to Internal and External Fraud (Antifrod) in the Payment Organizations / Operators of Payment Systems of the Kyrgyz Republic" it (is applied):

2. To legal management:

- from the date of receipt of the relevant documents within 3 (three) working days to publish this resolution on the official website of National Bank of the Kyrgyz Republic;

- after official publication to send this resolution to the Ministry of Justice of the Kyrgyz Republic for inclusion in the State register of regulatory legal acts of the Kyrgyz Republic.

3. This resolution becomes effective after 15 (fifteen) days from the date of official publication, except for Items 6-9 and 23-24 of the Provision "About the Minimum Requirements to System of Counteraction to Internal and External Fraud (Antifrod) in the Payment Organizations / Operators of Payment Systems of the Kyrgyz Republic" (appendix to this resolution) which become effective since March 1, 2026.

4. To management of methodology of supervision from the date of receipt of the relevant documents within 3 (three) working days to bring this resolution to the attention of operators of payment systems and payment institutes of the Kyrgyz Republic, Consolidation of legal entities "Association of operators of KG (KEY-DZHI) payment service providers".

5. To department "Secretariat of Board" within 3 (three) working days to bring this resolution to the attention of the relevant structural divisions, regional managements and Representative office of National Bank of the Kyrgyz Republic in Batken Province.

6. To impose control of execution of this resolution on the board member of the National Bank of the Kyrgyz Republic supervising management of methodology of supervision.

Appendix

to the Resolution of Board of National Bank of the Kyrgyz Republic of October 31, 2025 No. 2025-P-14/59-1-(PS)

Provision "About the Minimum Requirements to System of Counteraction to Internal and External Fraud (Antifrod) in the Payment Organizations / Operators of Payment Systems of the Kyrgyz Republic"

Chapter 1. General provisions

1. This Provision "About the Minimum Requirements to System of Counteraction to Internal and External Frauds (Antifrod) in the Payment Organizations / Operators of Payment Systems of the Kyrgyz Republic" (further – the Provision) is applied as the main mechanism of counteraction to internal and external fraud in information systems of payment institutes and operators of the payment systems, including in case of discrepancy which are available in information systems of payment institutes and operators of payment systems of algorithms of counteraction to internal and external frauds to requirements of this head of this provision.

2. Requirements of this provision extend to payment institutes and operators of the payment systems performing activities based on the license of National Bank of the Kyrgyz Republic.

3. The payment organization / operator of payment system shall provide availability and effective functioning of system of counteraction to internal and external frauds (antifrod-system) corresponding to scales, nature and types of their activities according to requirements of this head of this provision.

4. The system of counteraction to internal and external frauds (antifrod-system) shall be directed to protection of interests of users of services of payment institute and the operator of payment system.

Chapter 2. Policy and organizational measures

5. The payment institute and the operator of payment system shall develop, approve by executive body and/or the board of directors (in the presence) and to implement Policy of counteraction to fraud in systems of remote/remote servicing (further – Policy). The policy can be drawn up in the form of the separate document or be component of risk management policy of the payment organization / operator of payment system.

The main requirements of Policy at least shall reflect:

- the aspiration of management confirming commitment to protection of clients/users of services against internal and external fraud in systems of remote/remote servicing;

- the principles of early identification, the prevention and prevention of fraud in systems of remote/remote servicing;

- procedure for application adequate and the timely automated or semi-automated responses to the revealed cases or the attempts of fraud proportional to the estimated risk level;

- measures of the otvetstvennost according to the legislation of the Kyrgyz Republic applied to the staff of the payment organization / operator of payment system for failure to act or inadequate actions in the sphere of counteraction to fraud including monitoring of threats, development and deployment of measures of counteraction, and also response to incidents.

The policy is subject to revision and updating at least once a year.

The internal procedures and documents of the payment organization / operator of payment system regulating counteraction to fraud in systems of remote/remote servicing are subject to revision as required, but at least 1 (one) time in two years, taking into account efficiency of the applied measures, the best international experience and urgent threats.

The payment organization / operator of payment system shall/N integrate the above-stated procedures and documents into risk management system and to provide acquaintance with them of all necessary staff of the payment organization / operator of payment system.

Chapter 3. Technical implementation of antifrod-control

6. The payment organization / operator of payment system shall/N implement system of counteraction to fraud in information systems of remote/remote servicing for prevention of both internal, and external frauds. These systems shall perform monitoring and risk assessment of fraud for each operation performed through systems of remote/remote servicing. Realization of these systems is allowed by two methods:

- in the form of separate, independent program and/or the hardware and software system interacting with the used automated systems of remote/remote servicing;

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info