MACRA Intensifies Data Protection Compliance Efforts in Malawi’s Financial Sector

The Malawi Communications Regulatory Authority (MACRA) , through its Data Protection Authority (DPA), has intensified efforts to ensure stronger protection of sensitive personal and financial data across the country’s financial institutions.

During a recent Data Protection workshop for Malawi’s Financial Sector held in Blantyre, MACRA’s Head of Data Protection, Daniel Chiwoni, emphasized the importance of industry compliance with the newly enacted Data Protection Act of 2024. The Authority is conducting targeted training sessions to help financial institutions better understand their obligations under the law and to promote a culture of accountability in handling citizens’ personal data.

The workshops highlight the need for banks, insurance firms, and fintech organizations to implement robust cybersecurity and technical safeguards, including the use of strong authentication mechanisms and the mandatory appointment of Data Protection Officers (DPOs) to oversee compliance efforts.

Representatives from Malawi’s financial sector welcomed the initiative, noting the critical role of data protection in maintaining public trust. They also requested a phased grace period to allow institutions adequate time to fully align their systems and processes with the provisions of the Data Protection Act.

MACRA’s ongoing engagement reflects its broader commitment to strengthening data privacy governance, fostering digital trust, and supporting Malawi’s transition toward a secure and inclusive digital economy.