Last week, regulators at the National Bank Of Ethiopia (NBE) introduced a new directive that obliges commercial banks to build a recovery data centre. The directive dictates the data centre needs to be disengaged from the banks' primary IT centres, at least 120Km away from the main site. In the event that banks experience an incident that could have significant implications for their services or financial standing, their executives are required to inform the NBE's banking supervision directorate within two working days. Commercial banks are also required to automate their core business processes and make them interoperable with one another to ensure automated data sharing. All commercial banks are operating with a core banking system. Several banks are using systems supplied by Oracle, a software company based in the US. Core banking systems supplied by Temenos, a software company based in Switzerland, are also widely used. The NBE stipulates that banks must revise their IT risk management policies intermittently.