The regulatory environment in Uzbekistan is changing fast. 2024–2025 brought several significant shifts that directly affect banks' IT systems.
Key Changes
Open Banking and PSD2-Style Regulation
The Central Bank of Uzbekistan has set a course for open banking. This means mandatory APIs for sharing data with third parties. Banks need an API gateway with OAuth 2.0 and customer consent management.
Data Localisation Requirements
Tightened rules on storing personal data of Uzbek citizens within the country. This affects cloud solution choices and hybrid system architecture.
AML/KYC — Automation
The regulator is increasing requirements for automated transaction monitoring. Manual processes no longer meet FATF standards.
Digital Identification
Integration with ESIA (unified identification system) is becoming mandatory. Banks must support electronic identity verification.
Practical Advice for IT Teams
Build compliance-ready architecture from the start
Adding compliance post-factum is expensive. Build flexibility into your data schema and logs from day one.
Automate regulatory reporting
Manual report generation means error risk and people dependency. The ROI from automation pays off within 6–12 months.
Keep a regulatory radar in-house
Assign someone to monitor changes in the regulatory framework. This should be a person at the intersection of IT and compliance.
If you need help adapting systems to regulatory requirements — get in touch.
Pavel Popov
IT & FinTech Advisor · AI Expert
Have a challenge? Let's discuss in 30 minutes
Free initial consultation — we'll analyse your situation and define how I can help