The central bank has warned that cyber threats are now a constant risk to the financial system, calling for stronger preparedness and collective action across the industry as digitalisation accelerates.
First Deputy Governor of the Bank of Ghana, Dr. Zakari Mumuni, said the newly launched Cyber and Information Security Directive (CISD)2026 is designed to strengthen resilience in an increasingly interconnected financial ecosystem.
“Indeed today marks a significant milestone, the launch of the new cyber and information security directive for the financial industry,” Dr. Mumuni said, describing the framework as a strategic response to evolving risks.
He warned that cyber incidents are no longer hypothetical but “constant realities,” noting that resilience will depend on the level of preparedness across institutions.
The directive builds on a 2018 framework, which Dr.Mumuni said provided the foundation for managing cyber risks but is no longer sufficient given rapid technological change. He pointed to the growing use of cloud services, third-party platforms and artificial intelligence as key factors reshaping the threat landscape.
“We now operate in an era defined by rapid digital transformation, increased reliance on cloud and third-party technologies, growing sophistication of cyber threats and indeed the emergence of new risks driven by AI and data ecosystems,” he said.
Dr. Mumuni stressed that cybersecurity has moved beyond a technical concern to a broader economic and national security issue, requiring coordination across regulators, financial institutions and technology providers. “The strength of any financial system rests not only on sound policy but on collective responsibility,” he said, adding that the security of the industry “does not rest solely with the central bank.”
The updated directive was developed through consultations with industry players, international partners and technical experts, an approach the deputy governor said ensures the framework is both practical and forward-looking.The central bank has in recent years expanded digital financial infrastructure, including payment systems and financial services, while seeking to manage the risks associated with increased connectivity and innovation.
According to him, the new rules aim to provide a clear regulatory guide for cyber defence as Ghana’s financial sector continues to digitize, underscoring the need for sustained collaboration to protect system integrity and maintain public confidence.
