NCBA Bank Kenya and Uganda has become the first bank in East and Central Africa to attain ISO/IEC 27701 certification for privacy information management, alongside ISO/IEC 27001 certification for information security, the bank announced Thursday. The dual accreditation was awarded by the British Standards Institution (BSI), a leading global certification body.
The certifications highlight NCBA’s systematic approach to safeguarding sensitive data of customers, employees, and third parties, while reinforcing compliance with the Kenya Data Protection Act and the Uganda Data Protection and Privacy Act.
ISO/IEC 27001 provides a structured, risk-based framework to protect the confidentiality, integrity, and availability of information assets, while ISO/IEC 27701 strengthens governance and privacy controls around personally identifiable information (PII).
Isaac Owilla, NCBA Group Director of Technology & Operations, said, “Attaining these dual ISO certifications is a significant milestone in our journey to strengthen information security. Our customers can be assured of the highest standards in security, service management, and regulatory compliance. Compliance is not a destination, and we remain committed to providing services that are secure, efficient, and high-quality.”
The certification initiative was driven by NCBA’s growing digital footprint, cross-border operations, and increasing reliance on technology and third-party providers. Phase one covered Kenya and Uganda, with Kenya prioritized due to its role in delivering approximately 80% of the Group’s technology and information security functions. Phase two will extend the certifications to Loop DFS, Tanzania, and Rwanda, leveraging lessons learned from the initial phase.
Owilla added, “NCBA invests in staff training, fosters a culture of continuous improvement, and encourages active participation in system enhancements. This strengthens our ability to deliver top-tier service, maintain information security, and achieve operational excellence.”
With its dual ISO certifications, NCBA reinforces its position as a regional leader in banking innovation, providing secure, reliable, and globally compliant financial services.