NCBA Bank has become the first bank in East and Central Africa to achieve dual ISO/IEC 27001 and ISO/IEC 27701 certifications, awarded by the British Standards Institution (BSI). This significant milestone reinforces the bank's commitment to robust information security and privacy management.

• The certifications enhance NCBA's ability to protect customer, employee, and partner data, with ISO/IEC 27701 specifically supporting compliance with the Kenya Data Protection Act and Uganda Data Protection and Privacy Act.
• Group Director for Technology & Operations at NCBA, Isaac Owilla, stated this accomplishment is part of the bank’s journey to strengthen security and regulatory assurance across its operations.
• Phase One of the certification focused on Kenya and Uganda, with Kenya handling nearly 80% of the Group’s information security and technology functions; Phase Two will extend to Loop DFS, Tanzania, and Rwanda.