Cybercrime in Oman’s Banking Sector: The Cybersecurity Law and Banks’ Efforts to Protect Against Digital Threats

In the modern world of interconnected technologies, cybercrime has become a significant threat, especially in the finance sector. Oman’s Cyber Crime Law, issued by Royal Decree No. 12 of 2011 (“Cybersecurity Law”), aims to tackle this issue by addressing various forms of illegal activities committed through computer systems and networks. In this article, we explore the importance of cybersecurity in the banking sector, the legal penalties and regulations, protective measures, public awareness, and future developments.

The Prominence of Cybersecurity in Banking

With the growing digital transformation, banking has become a sector of immense importance and a favorite target for cybercriminals. Given the sensitive nature of banking information, Article 6 of the Cybersecurity Law deems it as part of the government’s confidential data. cybercrime often occurs through offenders posing as legitimate bank branches, requesting customers to provide account information under the pretext of a fraud alert. Once obtained, the offenders use this information to hack into bank accounts and steal funds through large transfers or several online transactions.

Legal Penalties and Regulations

Article 28 of the Cybersecurity Law prohibits using a credit card for unauthorized access to individual bank information, with penalties including imprisonment between one to six months and a fine between USD 1,300 to USD 2,600. However, it’s essential to note that these penalties are more severe if the offender intended to access someone’s bank information with awareness, carrying a prison sentence between six months to one year in addition to a fine ranging from USD 2,600 to USD 13,000.

Banking Regulations and Protective Measures

To comply with international standards set by ISO 27001, all banks in Oman are required to adopt this system to safeguard their information security management. This framework focuses on managing and protecting information through risk management, emphasizing confidentiality and integrity. Additionally, banks install preventative measures, including anti-spam software and employee training, to minimize potential data breaches.

Public Awareness and Compensation

Banks use various communication methods, such as emails and text messages, to inform their customers about potential cybersecurity threats. They also collaborate with law enforcement agencies to launch awareness campaigns, ensuring their clients are vigilant against cybercrimes. Although customers are accountable for protecting their information, banks reimburse any losses incurred due to cybercrimes.

Future Developments

Oman is ranked 21st globally and third among Arab countries in the Cybersecurity Index Report of 2020. In response to the increasing cyber threats, a Cyber Defence Centre (CDC) was established under Royal Decree No.64 of 2020 to provide further protection against cybercrimes. Additionally, a new Draft Law on Cybersecurity and Data Protection is anticipated, which will further regulate cybersecurity and play a crucial role in preventing and combating cybercrimes in Oman.

Conclusion

Cybercrime is a pervasive issue in today’s advanced digital world. However, through the implementation of the Cybersecurity Law, ISO 27001 regulations, and the proactive measures taken by Oman’s banks, the banking sector in Oman is making significant strides in protecting its customers from cyber threats, ensuring the secure management of sensitive financial information, and creating a safer digital future.

Contact: Aida Al Jahdhami