Business Continuity and Disaster Recovery Protocol for Sudanese Banks

Opinion

Walid Dalil
The Governor of the Central Bank of Sudan, Amina Mirghani, has announced the approval of the Banking Regulation Act for 2026 by the recent joint meeting held in Khartoum between the Sovereignty Council and the Council of Ministers.
Speaking at a meeting with the chief executives of Sudanese banks, Governor Amina Mirghani stated that the new law places strong emphasis on strengthening governance systems, complying with anti–money laundering and counter-terrorism financing standards, supporting financial inclusion, and accelerating digital transformation in the banking sector. She also praised banks for responding to the call to return and resume operations from within Khartoum, in line with the Central Bank’s directives.
Last Friday afternoon in Khartoum, Amina Mirghani chaired her first meeting with managing directors of banks operating in the country, following the Central Bank of Sudan’s return to conducting its business from the national capital. During the meeting, she commended the banking system’s resilience throughout the previous phase and confirmed its transition into a recovery phase.
There is a broad consensus that one of the most important early lessons of the 15 April 2023 war was the disastrous consequence of concentrating everything in the capital, Khartoum. Another key lesson is the necessity for all state institutions to have business continuity plans capable of operating under exceptional circumstances, including wars and natural disasters. It goes without saying that such plans are a basic requirement for all institutions, including the Central Bank itself. Although the Central Bank had taken an advanced step years earlier—relative to other state institutions—by establishing an integrated Disaster Recovery Centre (DRC) in one of the states, anticipating that it would be unable to operate from its headquarters in Khartoum, the centre was not fully ready when it was most needed.
The Central Bank of Sudan requires banks to implement a Business Continuity Management System (BCMS) in accordance with the international standard ISO 22301:2019, to ensure the continuity of vital banking services during disasters. The protocol is based on proactive risk anticipation, the preparation of alternative premises and disaster recovery centres, staff training, and periodic testing of plans to ensure resilience and stability.
Key Features of the Business Continuity Protocol for Sudanese Banks:
Compliance with ISO 22301: Aimed at minimising operational disruption and ensuring rapid recovery from crises.
Identification of Critical Operations: Defining essential services that cannot be interrupted (such as transfers, digital services, and ATMs).
Alternative Sites: Preparing alternative working sites equipped with all necessary technological infrastructure to ensure staff can continue working if the main headquarters becomes inoperable.
Disaster Recovery Centres: Facilities for storing data and systems to ensure rapid restoration.
Periodic Testing: Conducting live simulations (“actual working days”) of emergency plans to verify readiness and response speed.
Protection of Staff and Customers: Establishing procedures to ensure the safety of employees and customers within premises.
Risk Management and Updating: Regular review of policies to keep pace with technological and security developments.
These protocols are mandatory to maintain confidence in the Sudanese banking sector and to fulfil domestic and international obligations. The Central Bank of Sudan must apply the latest international standards and best practices in business continuity management, in line with ISO 22301, by establishing a comprehensive BCMS. This includes developing proactive and reactive plans to enhance the Bank’s ability to resume all critical activities and operations during crises and emergencies, and to mitigate the risks of unforeseen incidents and operational disruptions.
The system aims to identify the critical activities and operations provided by the Central Bank to banks, government, and economic institutions, ensuring their continuity. It also involves identifying and analysing potential events, taking the necessary measures to confront and manage them, and enabling an immediate and effective response that preserves the operations and activities of the Central Bank and the banking sector in order to meet their local and international obligations, thereby protecting the Central Bank’s reputation.
Business continuity plans are reviewed and tested periodically in accordance with approved scenarios to ensure their effectiveness, efficiency, and alignment with technological, regulatory, and operational changes.
Banking Expert

Shortlink: https://sudanhorizon.com/?p=10706

Leave a comment