SASRA orders 24/7 cyber monitoring by SACCOs ahead of long weekends

News · David Abonyo · April 1, 2026
Acting SASRA CEO David Sendagi. PHOTO/Handout
In Summary

Kenya’s SASRA has ordered all regulated SACCOs to deploy 24/7 cyber monitoring, offline backups and tighter controls ahead of long holiday weekends, citing increased cyber-attack risks and insider collusion threats.

The Sacco Societies Regulatory Authority (SASRA) has issued a stern directive to all regulated SACCOs in Kenya to strengthen their cyber-security measures and back up critical data ahead of the long weekends of Good Friday, Easter Monday, and Labour Day.

In a circular dated March 30, 2026, SASRA warned that cyber-attacks and breaches are most likely to occur during public holidays, particularly in the 12 hours before the weekend begins and during late evening and early night hours.

The authority directed all SACCOs, including DT-SACCOs and non-WDT regulated SACCOs, to undertake mandatory offline backups of critical information and enhance monitoring across Management Information Systems (MIS), digital financial channels, and other ICT infrastructure.

SASRA emphasized that institutions using ATMs, mobile money, internet banking, and web-based applications are particularly vulnerable to cyber threats.

“Regulated SACCOs and their third-party vendors must deploy 24/7 cyber-security monitoring solutions, including human response mechanisms, to detect, disrupt, and immediately report any intrusions or attempted intrusions on a real-time basis,” the circular read.

SASRA also highlighted that SACCOs operating “Pay Bill float accounts” through third-party bridges and offering digital credit products are equally at risk and must prioritize constant surveillance.

The notice further cautioned SACCOs against insider collusion, urging them to institute internal controls to prevent employees from cooperating with external parties in committing cyber-attacks.

Special attention must be given to activities including linking of members’ POSA and FOSA savings accounts to mobile numbers or ATM cards, digital fund transfers, and unusual inflows from third-party institutions into SACCO accounts.

SASRA also reminded SACCOs to ensure that all contractual engagements with third-party vendors comply with Circular No. SASRA/GG/1/2023, issued on June 6, 2023.

“Any loss of funds or risk to which a SACCO Society is exposed due to third-party engagements contrary to the Circular shall be visited upon the officers responsible for engaging such vendors and integrators,” the authority warned.

The directive aims to safeguard SACCO funds and ensure uninterrupted and secure service delivery during periods of heightened cyber-risk.

SASRA urged all SACCOs to notify their third-party vendors and integrators of this security alert and to implement the necessary measures without delay.

The authority’s move comes after intelligence and trend analysis showed a pattern of cyber-attacks targeting SACCOs during long weekends, underlining the need for heightened vigilance, robust monitoring, and compliance by all regulated entities to protect members’ funds.
