Imposing restrictions on the use of IT-products in the government and financial sectors 

July, 2023 - Maria Ostashenko

Please be informed of the adoption of a number of legislative and regulatory acts that impose restrictions on the use of foreign programs and products in the government and financial sectors.

Ban on the use of foreign messengers


As of March 1, 2023 restrictions on the use of a number of foreign messengers1 for specific operations related to the transfer of payment documents and personal data are imposed on certain organizations in Russian government and financial sectors:

--table--

--table-border--

To whom the ban applies? State-owned and municipally owned companiesCompany with predominant state participationCredit institutions and non-credit financial institutions engaged in activities of non-credit financial institutionsSubjects of the National Payment System
Prohibited Operations Transfer of personal data of Russian citizensTransfer of payment documentsSubmission of data on non-cash funds transfersSubmission of information for making paymentsTransmission of data on bank accounts and deposits of Russian citizensConnection to any informational systems enabling transfer of funds of the Russian citizens
Banned foreign messengers (as of March 1, 2023)2 DiscordMicrosoft TeamsSkype for BusinessSnapchatTelegramThreemaViberWhatsAppWeChat
What is allowed? Companies may still use the messengers listed above as long as their use does not fall within the Prohibited Operations.

As an extension of this ban, liability in the form of fines for the use of foreign messengers was imposed as of June 24, 20233:

  • For officials – from RUB 30 000 to 50 000,

  • For legal entities – from RUB 100 000 to 700 000.

Control of the Bank of Russia over the Russian financial sector organizations’ transition to domestic software


As of March 1, 2025, a ban on the use of foreign software at significant critical information infrastructure facilities (“SCIIF”) owned by state authorities and customers under the Law No. 223-FZ (except for entities with municipal participation) is imposed4.

This ban will affect large Russian banks and non-credit financial institutions that are subject to legislation regulating security of critical information infrastructure.

Furthermore, as of September 2023 the Bank of Russia will be authorized to coordinate and control the transition of credit institutions and non-credit financial institutions5 to domestic software, domestic radio electronic products, and telecommunication equipment.

The Regulator will control purchases of foreign software and services falling within its competence.

The Bank of Russia will also manage and monitor credit institutions and non-credit financial institutions in order to implement measures ensuring security of critical information infrastructure.

Federal Law No. 584-FZ dated December 29, 2022 “On Amending the Federal Law “On Information, Information Technologies, and Information Protection” The list of banned foreign messengers is adopted by Roskomnadzor: https://rkn.gov.ru/news/rsoc/news74672.htm Federal Law No. 277-FZ dated June 24, 2022 “On Amending the Code of Administrative Offenses of the Russian Federation” Decree of the President of the Russian Federation dated March 30, 2022 No. 166 “On measures to ensure technological independence and security of the critical information infrastructure of the Russian Federation” Federal Law No. 243-FZ dated June 13, 2023 “On Amending the Federal Law “On the Central Bank of the Russian Federation (Bank of Russia)”

 



Link to article

MEMBER COMMENTS

WSG Member: Please login to add your comment.

dots