It is reported that electronic funds transfers are limited to USD 10,000 per transaction for transfers to local bank accounts, while for external bank accounts the limit is USD 50 million.

Lesotho has established several limits on transactions that can be carried out with mobile money. Yet, in September 2020, the Central Bank of Lesotho informed that it had given authorisation to mobile money issuers to increase transaction limits for duly identified and verified mobile money customers. The Bank increased transaction limits to be LSL17,500 (approx. USD 1,100) daily limit and LSL 30,000 (approx. USD 1,900) monthly limit for full KYC clients. For partial KYC clients, the transaction limits are LSL 10,000 (approx. USD 600) daily limit and LSL 20,000 (approx. USD 1,300) monthly limit. Customers are categorized in partial KYC and full KYC depending on the amount of information availed to mobile money service providers.

n/f

According to Regulation 7 of the Communications (Subscriber Identity Module Registration) Regulations of 2021, a licensee (an entity licensed by the Lesotho Communications Authority to provide and facilitate provision of communications services) shall register subscriber information. A licensee shall capture, register and retain the personal information of subscribers who request for registration and the activation of a SIM, in accordance with registration specifications and at no cost to the subscriber.

A basic legal framework on intermediary liability beyond copyright infringement is absent in Lesotho's law and jurisprudence.

A basic legal framework on intermediary liability for copyright infringement is absent in Lesotho's law and jurisprudence.

Section 58 of the Data Protection Act obligates every data controller to appoint one or more Data Protection Officers. Moreover, Section 20 sets out a reciprocal security obligation on both data controllers and their data processors to secure data in their possession or control, 'by adopting appropriate, reasonable, technical and organisational measures to prevent loss, damage, or unauthorised destruction, and unlawful access to, or unauthorised processing of data'.

Personal data in Lesotho is regulated under the Data Protection Act of 2012. The Act sets out comprehensive requirements for data protection in Lesotho, including data subject rights, data processing notifications, legal bases for processing, and restrictions on data transfers. The Act sets out breach notification obligations and explicitly defines the right to object to direct marketing.

Lesotho's data protection law allows cross-border data transfers, which are regulated as transfer of personal information outside Lesotho under Section 52 of the Data Protection Act of 2012.
The transfer of personal information abroad is permitted when the laws of the destination country are substantially similar to the information protection principles under Data Protection Act of Lesotho, or one of the other conditions are met (e.g., the data subject consents to the transfer or the transfer is necessary for the performance of contract between the data subject and data controller). Private sector safeguards, such as binding corporate rules, may also be put in place.

Lesotho has not joined any free trade agreement committing to open transfers of cross-border data flows.

According to the Lesotho Telecommunications Act, the Lesotho Communications Authority (LCA)., the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

Lesotho has not appended the World Trade Organization (WTO) Telecom Reference Paper to its schedule of commitments.

It is reported that Lesotho does not mandate functional separation for operators with significant market power (SMP) in the telecom market. However, there is an obligation of accounting separation.

It is reported that is no obligation for passive infrastructure sharing in Lesotho to deliver telecom services to end users. However, it is practiced in the mobile sector and in the fixed sector based on commercial agreements.

Lesotho has no rules applicable to the protection of trade secrets.