The Bank of Ghana is intensifying its efforts to combat the escalating threat of digital and cyber fraud within the nation’s financial ecosystem. This heightened focus comes in response to a significant rise in cyber-related financial losses, which reached nearly GH¢10 million in 2024, marking a substantial increase from GH¢8.9 million in 2023. First Deputy Governor Dr. Zakari Mumuni articulated the Bank’s concerns at a stakeholder forum held in Accra, emphasizing the urgency of addressing these threats to maintain financial stability. The forum brought together key players from across the financial sector, including banks, mobile money operators, and regulatory bodies, to collaborate on solutions and strategies to mitigate the risks posed by increasingly sophisticated cyberattacks. Dr. Mumuni highlighted the findings of the Bank’s 2024 fraud report, which revealed a concerning trend of both the frequency and severity of cyber incidents. These attacks often exploit intricate technology vulnerabilities that are difficult to trace and often originate from outside Ghana’s borders, adding another layer of complexity to the challenge of combating them.
The Bank of Ghana is adopting a multi-pronged approach to bolster its cybersecurity defenses. A key component of this strategy is the revision of the Cyber and Information Security Directive, originally implemented in 2018. The updated directive will address emerging challenges related to rapidly evolving technologies like artificial intelligence and cloud-based systems. It also encompasses considerations for data privacy and digital infrastructure governance, reflecting the increasingly complex landscape of digital finance. Recognizing the diverse capabilities of financial institutions, the Bank is designing the revised directive with flexibility in mind to ensure its applicability and effectiveness across the sector. This adaptability aims to provide tailored guidance and support for institutions of varying sizes and technological maturity.
In addition to the updated directive, the Bank of Ghana is expanding the scope and functionality of its Financial Industry Command Security Operations Centre (FICSOC). This crucial platform plays a vital role in tracking cyber threats and facilitating intelligence sharing across the banking sector. Currently limited to commercial banks, FICSOC will soon encompass the entire spectrum of licensed financial institutions. This expansion will include microfinance entities, savings and loans companies, insurers, pension managers, and capital market players, creating a more comprehensive and interconnected network for cybersecurity threat detection and response. By extending FICSOC’s coverage, the Bank aims to enhance the overall security posture of the financial sector.
Furthermore, the Bank of Ghana’s role in national cybersecurity has been strengthened through its designation as the lead Sectoral Computer Emergency Response Team (CERT) for the financial sector by the Cyber Security Authority. This pivotal role positions the Bank as the central hub for coordinating real-time responses to cyber threats and ensuring secure information exchange across the industry. This centralized approach to threat management will streamline communication and facilitate more efficient and effective responses to security incidents. The Bank’s leadership in this capacity underscores its commitment to safeguarding the financial sector from the evolving cyber threat landscape.
Central to the Bank of Ghana’s cybersecurity strategy is the emphasis on collaboration and information sharing. Dr. Mumuni stressed the critical importance of a collective approach, emphasizing the need for financial institutions to share intelligence, align security standards, and build robust systems to protect the integrity of the financial sector and maintain public trust. Recognizing the interconnected nature of financial platforms, he warned that vulnerabilities in one institution could have cascading effects, potentially destabilizing the entire system. This interconnectedness necessitates a unified front against cyber threats, with all stakeholders working in concert to strengthen the overall resilience of the financial ecosystem.
To further bolster the cybersecurity capabilities of individual institutions, the Bank of Ghana is working to equip all licensed institutions, including rural banks and mobile money providers, with basic cyber-monitoring tools and early warning systems. This initiative aims to provide even the smallest and most remote financial entities with the essential tools to detect and respond to cyber threats promptly. Dr. Mumuni emphasized that this proactive measure is crucial not only for protecting individual institutions but also for maintaining customer trust and confidence in Ghana’s formal financial system. By empowering all players in the financial sector with enhanced cybersecurity capabilities, the Bank of Ghana aims to create a more secure and resilient financial environment for all stakeholders.
