The Sacco Societies Regulatory Authority (SASRA) has issued a warning to SACCOs across the country, urging heightened vigilance against cyber threats during the upcoming Easter and Labour Day long weekends.
In a circular shared on Wednesday, April 1, the regulator highlighted a growing pattern of cyber-attacks targeting SACCO systems during public holidays.
SASRA explained that its findings are based on ongoing surveillance and threat monitoring within the SACCO subsector.
"Periodic analysis and intelligence monitoring the trends of the cyber-threats and security breaches in the Regulated SACCO subsector shows that a majority of the cyber-security breaches and attacks mostly occur during the long-weekend public holidays," the circular read.
SASRA further noted that attackers tend to exploit specific time windows when institutions may be less alert or understaffed.
Read More
"The trends equally show that these breaches and attacks are predominantly perpetrated during the last twelve (12) hours prior to the commencement of the long-weekend public holidays; and during the late evening and early night hours of any of the long-weekends and/or the public holidays," the circular added.
According to SASRA, the upcoming high-risk periods include the Easter holiday and Labour Day weekend, which SACCOs must prepare for in advance.
"In this regard, Regulated SACCOs are reminded that such long weekends and public holidays are scheduled to occur from Friday 3rd April 2026 to Monday 6th April 2026 (Good Friday and Easter Monday; and Friday 1st May 2026 to Sunday, 3rd May 2026 (Labour Day)," the circular further read.
SASRA noted that SACCOs offering digital financial services are particularly exposed.
Institutions using ATMs, mobile money channels, internet banking, and web-based applications face increased vulnerability to cyber-attacks.
Additionally, SACCOs operating pay bill systems or relying on third-party vendors for digital services were flagged as high-risk, especially where integrations create potential entry points for attackers.
To mitigate these risks, SASRA has directed all regulated SACCOs to take immediate precautionary measures, including securing critical data and strengthening system surveillance.
"Consequently, all Regulated SACCOs (both DT-SACCOs and Regulated Non-WDT-SACCOs) are hereby called upon to undertake a mandatory offline back-up of all the SACCO Society's critical data, information and records in compliance with the provisions of the Sacco Societies Act and the Regulations made thereunder; and heighten, intensify and strengthen the cyber-security monitoring and surveillance over their Management Information Systems (MIS), Digital Financial delivery channels, and other ICT infrastructures used to provide financial services to members in order to detect and prevent any potential cyber-attacks or breaches during these periods," the circular noted.
Further, SACCOs and their technology partners have been instructed to ensure continuous monitoring of systems to quickly detect and respond to any threats.
"In particular, Regulated SACCOs and/or their respective third-party vendors and integrators must deploy appropriate 24/7 cyber-security monitoring solutions including appropriate human resource response mechanisms to detect, disrupt and immediately report any intrusions or attempted intrusions on a real-time basis," the circular directed.
SASRA also raised concerns about insider threats, warning that employees could potentially collude with external actors to exploit system vulnerabilities.
"Additionally, Regulated SACCOs and their third-party system vendors and integrators (where applicable), must institute round-the-clock internal control measures to detect and prevent insiders (employees) from colluding with third parties committing such cyber-attacks and breaches," the circular warned.
SASRA advised SACCOs to pay special attention to sensitive areas such as digital access to FOSA savings accounts, linking of accounts to mobile numbers and ATM cards, and integrations with mobile money platforms.
Additionally, the authority noted that unusual transactions, particularly those involving third-party financial systems or mobile wallet aggregations, should be closely monitored and flagged immediately.
This comes months after Co-operatives and MSMEs Development Cabinet Secretary Wycliffe Oparanya announced new measures aimed at tightening accountability in the auditing of SACCO financial statements.
Speaking on Thursday, September 25, 2025, Oparanya directed the SASRA and the Commissioner of Co-operatives to enforce stricter oversight in the preparation and auditing of SACCO accounts.
First, Oparanya instructed that internal auditors must render their opinions on financial statements before the documents are submitted for external auditing.
This, he said, will ensure a stronger internal control mechanism and safeguard against errors or misstatements at an early stage.
"Ensure that internal auditors of SACCOs render their opinions on the financial statements and reports, prior to such financial statements being subjected to external auditing," he said.
Oparanya also ordered SASRA and the Commissioner to take firm action against external auditors who fail to provide services in line with the SACCO Societies Act and its regulations.
"Institute appropriate actions against external auditors who internally fail to render external auditing services in accordance with the SACCO Societies Act and Regulations, including referral of such external auditors to ICPAK for additional sanctions," he added.
In addition, Oparanya directed that all financial reports and statements be countersigned by the Chief Executive Officers and Finance Officers who prepare them, alongside the Board of Directors.
This, he said, is intended to hold both management and directors equally accountable for the disclosures in SACCO financial reports.
"Ensure that all financial reports and statements are countersigned by the Chief Executive Officers and Finance Officers who prepared them, in addition to the Board of Directors. This will hold both management and the Board of Directors responsible for the disclosures in the statements," he further said.
