On October 12, 2023, the Egyptian Financial Regulatory Authority (“FRA”) issued Circular No. 4 of 2023 to enhance the protection of the confidentiality of customers’ data in non-banking financial activities from risks of fraud (the “Circular”).

The Circular stipulates that all companies and entities that are licensed to engage in non-banking financial activities by the FRA are obliged to inform their customers upon contracting, verbally or in writing, the importance of non-disclosure of their personal or financial data to any natural or legal person, including usernames and passwords used to access non-banking financial data through traditional or technological means. In addition, such entities are also obliged to send monthly alerts to their customers via the customers’ mobile phones or other communication channels to warn customers against disclosing personal or financial data that may expose them to fraud risks.

The same entities are also required to warn their employees not to request, trade, or disclose any data related to customers, whether through phone calls, text messages, social media applications, or any unreliable electronic links, and this shall be clarified to all customers upon contracting or by way of periodic warnings.

All customers must be alerted of the need to report any attempt to disclose such personal data, and the relevant company or entity must follow up on any such attempts or complaints received in this regard, take the necessary measures to protect its customers’ database and ensure a duty of care to enhance the necessary levels of awareness of fraud risks.