Main

The site is operated with the financial support of the Ministry of Digital Development, Communications and Mass Media of the Russian Federation.

The information resource uses recommendation technologies. More detailed

Registered by the Federal Service for Supervision of Communications, Information Technology and Mass Communications. Certificates of registration Certificate of registration: EL № FS 77 - 76208 dated July 8, 2019, Certificate of registration: EL № FS 77 - 72003 dated December 26, 2017.

All rights reserved © «MIC «Izvestia» LLC, 2026.

Advertisement
Live broadcast

Everything IS ACCORDING TO the law: banks have increased purchases of equipment for inclusion in the white lists

How credit institutions prepare for work in the absence of the Internet
Photo: IZVESTIA/Eduard Kornienko
Main slide
Beginning of the article
Озвучить текст
Select important
On
Off

Banks have massively increased the purchase of special equipment for inclusion in the so-called white lists of the Ministry of Finance, so that their applications can work with limited mobile Internet. Alfa, VTB and PSB have already entered it, the Ministry of Finance told Izvestia. Credit institutions are required to comply with a number of FSB requirements, including the connection to the system of operational investigative measures and the introduction of correspondence storage services. In the second half of 2025, banks' demand for services and products for secure data transmission increased by 30%, and the trend continues in 2026. What this means for clients is in the Izvestia article.

Banks are already operating without Internet

Applications of several large Russian banks have already been included in the white lists, they will be available to citizens during periods of mobile Internet outages, the press service of the Ministry of Finance told Izvestia. We are talking about Alfa-Bank, VTB and PSB. Izvestia asked these players for comments, and also asked other market participants about their plans.

White lists in the Russian Federation are lists of Internet resources and services that can be accessed even with communication restrictions for security reasons. There is no general and updated complete white list of services and resources on the website of the Ministry of Finance, but there are the first, second, third, fourth and fifth lists, which are published separately.

банк офис
Photo: IZVESTIA/Eduard Kornienko

To connect to them, the FSB requires to fulfill a number of requirements, including installing a system of operational investigative measures (SORM) - it provides law enforcement agencies with access to information transfer data. First of all, to correspondence. Izvestia sent a request to the FSB.

The addition of white lists is formed, among other things, in coordination with the departments responsible for security, while the placement of all computing resources inside the country remains a prerequisite, the Ministry of Finance explained.

Debt and path: more than 60% of bankruptcies in 2025 could have been avoided
How "loan sharks" make money from citizens, driving people to ruin

What is required for inclusion in the white lists

Banks have noticeably increased their demand for services and products for building a secure data transmission infrastructure. It has been actively increasing throughout 2025, by an average of 15% per quarter, and in January 2026 it turned out to be 35-40% higher than a year earlier, according to Cross Technologies. This trend was also confirmed to Izvestia by representatives of the companies Informzashita and RuBekap.

—We see a significant increase in the share of banks in requests for such equipment, from about 5% in 2024 to 20% in 2025,— explained Cross Technologies.

процент
Photo: RIA Novosti/Natalia Seliverstova

We are talking not only about the SORM complexes themselves, but also about the accompanying infrastructure — data storage systems, channel encryption and integration with existing IT systems of banks, explained Pavel Kovalenko, Director of anti-fraud at Informzashita.

There is indeed an increased interest from financial organizations in purchasing solutions to meet the requirements of the FSB, but it is difficult to assess the pace of implementation, as the process remains expensive and technologically challenging, said Andrey Kuznetsov, CEO of RuBecap. Nevertheless, the full implementation of SORM for banks is mandatory by 2027, he stressed.

When will banks implement a correspondence storage system

"Banks don't really want to implement SORM, because for some of them it is expensive, difficult and not very necessary from the point of view of doing business," a source in the secure communications market told Izvestia.

SORM is actively being implemented in telecommunications, often through outsourcing service models, when services are provided by a third-party company, the source said. For banks, the process is more complicated and more expensive: in this case, the equipment must be installed inside their infrastructure, staff training, resources and support are required. Therefore, many market players asked the authorities not to rush them with SORM.

Банк офис
Photo: IZVESTIA/Dmitry Korotaev

There is no formal responsibility for non-compliance with the requirements yet, and if the bank can delay the process, it uses it, said Grigory Osipov, an independent expert on cryptocurrency investigations. An additional factor remains reputation: credit institutions may not want to be openly associated with the security unit and publicly announce the transfer of data on user correspondence. After all, in their mobile applications, customers can exchange messages.

In the future, banks may face liability for non-compliance with these requirements. The law provides for sanctions for the Organizers of the dissemination of information (ORI), which include credit institutions, said Dina Fomicheva, director of the Corporate Sales Department at Telecom Exchange. Possible measures include fines of up to 10 million rubles or revolving sanctions.

Digital shield: almost 3 million Russians have connected the "second hand" service since September
What you need to know to protect your finances from fraudsters

What does cooperation between banks and the FSB mean for Russians?

Banks' concerns about customer outflow are more related to trust and reputation than to the actual departure of users due to a single technical measure, said Vladimir Chernov, analyst at Freedom Finance Global. The topic of surveillance and storage of correspondence easily turns into a simple conclusion that the bank allegedly "reads chats", although in practice this is not felt by customers in any way.

деньги
Photo: IZVESTIA/Sergey Lantyukhov

A much more serious problem remains the temporary limitations of the Internet, which deprive people of access to banking services, the expert added. Since May 2025, they have become quite regular in some regions - according to the estimates of the monitoring project "In Touch", about 12 thousand such episodes were recorded last year. In these circumstances, the white lists of the Ministry of Finance are becoming a way for Russians to maintain access to critical operations.

— If a customer cannot pay for a connection, transfer money, or contact support, they will leave precisely because of the unavailability of the service, and not because of imaginary threats to privacy. For large banks, being whitelisted means protecting their customer base," concluded Vladimir Chernov.

In terms of the amount of information provided, nothing will change — banks have not "quarreled with the FSB" before and provided information on its requests, although this was not openly advertised, Grigory Osipov emphasized. In fact, people will lose the illusion of complete privacy, which in fact did not exist before.

Банк
Photo: TASS/Oleg Yakovlev

The risk of customer outflow during the mass implementation of SORM is minimal if the system becomes mandatory for all banks, said a source from Izvestia in the secure communications market.

The main risk is not related to the access of departments to data, but to the emergence of single points of concentration, concluded lawyer for IT expert on personal data protection Georgy Trelsky. Such vaults will inevitably become a priority target for cyber attacks, so banks will be forced to provide them with an unprecedented level of protection to avoid leaks.

Переведено сервисом «Яндекс Переводчик»

Subscribe and get the news first
Menu
Advertisement
RSS

Copyright for the iz.ru portal content visualisation system, as well as for the source data, including texts, photos, audio and video materials, graphic images, other works and trademarks, belongs to "MIC Izvestia" LLC

Partial quotation is possible only with a hyperlink to en.iz.ru

The site is operated with the financial support of the Ministry of Digital Development, Communications and Mass Media of the Russian Federation.

The advertiser is responsible for the content of any advertising materials posted on the portal.

The information resource uses recommendation technologies. More detailed

The news, analytics, forecasts and other materials presented on this website do not constitute an offer or recommendation to buy or sell any assets.

Registered by the Federal Service for Supervision of Communications, Information Technology and Mass Communications. Certificates of registration Certificate of registration: EL № FS 77 - 76208 dated July 8, 2019. , Certificate of registration: EL № FS 77 - 72003 dated December 26, 2017.

All rights reserved © «MIC «Izvestia» LLC, 2026

Live broadcast