Nairobi: There is a need for the Savings and Credit Co-operatives (SACCOs) across the nation to deliberate on the dynamic need for implementing cybersecurity measures in their businesses. As of October 2024, 174 SACCOs had been registered in the country, playing a crucial role in promoting a saving culture and socio-economic development of many citizens.
According to Kenya News Agency, all efforts to realize the targeted socio-economic development in this digital era have faced a major cybersecurity threat both for the SACCOs and their members. In recent years, discussions have intensified around the growing threats posed by cybercrime and the digitalization of SACCO’s products in a bid to enhance service delivery. This move has seen the country register some positive results in the fight against cybercrime.
Evans Oteko, the Sales and Relationship Officer for the Stima SACCO-Kisii branch, shares the SACCO’s watertight security measures as part of the successful approaches in its strong growth and innovation. The ability of Stima SACCO to highlight its security measures during the exhibition in the recently concluded Migori Agricultural Show not only attracted new members but also earned high praise from the show organizers and secured the entity a prestigious award – The Best SACCO Stand in the Cooperative movement category.
Founded 51 years ago for the employees of the then East Africa Power and Lighting Company, the SACCO opened its common bond to the public in 2010, making it the largest SACCO in Kenya and the second largest in Africa, boasting an asset base exceeding Sh69 billion and a massive membership of more than a million. Addressing a crucial concern about the safety of their members’ deposits, Mr. Oteko says that Stima SACCO has invested heavily to combat fraud and cyber threats.
He emphasized the need for SACCOs to concentrate on cybersecurity and data protection by developing comprehensive cybersecurity strategies to protect their systems and members’ data. For example, implementing data protection policies that comply with local and international standards can make SACCOs more secure in their digital platforms. By monitoring, identifying, and responding to potential cybersecurity threats, SACCOs can improve overall resilience to the rising cybercrime.
Awareness campaigns like those SACCOs conducted during the July 12 Ushirika Day ensure members are informed about the importance of cybersecurity and how they can protect themselves from potential scams and data breaches, apart from their vital contribution to the country’s economic and social development.
Gusii Mwalimu SACCO, another visible cooperative entity, also made a compelling statement at the Migori Agricultural Show 2025, highlighting a not-so-smooth journey it had made so far to stand on stable ground today. Originally known as the Teachers SACCO, the institution successfully opened its door to the public back in 2018, serving a diversified membership, including bodaboda riders, police, and county government staff.
The SACCO’s staff management, led by Ms. Cynthia Boke, emphasized rapid growth and a shift from an exclusive teachers’ body to a financial institution for all through an uncompromising focus on securing members’ deposits. The SACCO’s most distinguishing feature is its innovative and uncompromising defense against the rampant threat of Subscriber Identity Module (SIM) swap and account theft.
Ms. Boke explained that they have a mechanism that automatically locks a member’s account the moment the system detects that the SIM card has been tampered with, specifically if it is moved from one phone to another. Furthermore, the SACCO mandates that the account will only be reactivated once the member physically comes to the office to report the cellphone or SIM card breach.
According to Boke, this critical, high-friction step ensures that the person accessing the funds is the legitimate owner. Complementing this, the SACCO has 24-hour dedicated ICT technicians operating a system with anti-hacking trackers. The introduction of the Confidentiality, Integrity, and Availability (CIA) framework of cybersecurity used by banks can help SACCOs protect data from unauthorized access, modification of information, and accessibility.
The government initiative to put in place the SACCO Societies Regulatory Authority (SASRA) to ensure SACCOs operate within a safe and secure structure has enhanced regulatory frameworks, promoted financial literacy, and offered targeted funding initiatives to expand SACCOs’ reach and impact. Cyber threat is not the only risk facing SACCOs; financial risks, for example, are one of the greatest challenges, with about 80 percent of Kenyans being listed on the Credit Reference Bureau (CRB).
SACCOs must take a proactive role in helping members repair their credit and rebuild their financial stability, an initiative that the SACCOs can take beyond just offering credit but also educating their members on financial literacy, concludes Ms. Boke.
