Bank of Ghana sets out cyber resilience priorities for digital financial services and reports 40% critical vulnerabilities in 2024 assessments

In a speech at the 14th AFI Leaders’ Roundtable in Accra, the Bank of Ghana’s First Deputy Governor outlined the central bank’s approach to strengthening cyber resilience in digital financial services, positioning cybersecurity as a core financial governance and inclusion issue and pointing to supervisory tools already in place. The remarks cited over 21,000 cyber fraud attempts recorded in Ghana’s financial sector in 2022 and Interpol’s estimate that cybercrime costs Africa more than USD 4 billion annually. The Bank of Ghana’s 2018 Cyber and Information Security Directives require risk-based frameworks, incident response protocols and regulatory reporting, while more than 40 financial institutions are connected to its Financial Industry Security Operations Centre for real-time threat detection and response. Annual cybersecurity maturity assessments using frameworks such as NIST and COBIT-5 have informed supervisory action, with over 40% of assessed entities in 2024 showing critical vulnerabilities, particularly in access control and incident response, prompting targeted interventions. The speech also highlighted consumer protection measures as mobile money accounts exceed 70 million, including stronger complaint resolution protocols and disclosure standards and expanded financial literacy, and noted Ghana’s participation in the African Development Bank’s AFAWA initiative and plans to establish a Women’s Development Bank with GHS 51.3 million seed capital allocated in the 2025 budget. The address called for deeper regional coordination through AFI and AfPI, including common approaches to early warning and incident reporting, preparedness exercises, proportionate regulation for fintechs and e-money providers, and cross-border response mechanisms, alongside engagement in global standard-setting discussions.