Ghana is tightening coordination between government and financial regulators to strengthen its digital security framework, as new rules reshape cyber risk management in the financial sector.
Speaking at the launch of the Bank of Ghana’s Cyber & Information Security Directive 2026 in Accra, Ghana’s Minister for Communications, Digital Technology and Innovation, Samuel Nartey George said the central bank’s embrace of technology marked an important shift for an industry once seen as “change averse,” reflecting broader government policy to treat digital technology not as a side function but as a core business enabler.
The minister highlighted the alignment of the revised directive with existing legislative frameworks outside the financial sector, notably the Data Protection Act, 2012, and the Cybersecurity Act, 2020 (Act 1038), noting that these laws provide the backbone for compliance measures across sectors, including financial services regulated by the Bank of Ghana.
Sam George welcomed the inclusion of non‑bank players under the new directive, stressing the importance of bringing fintechs and payment service providers into the cyber resilience fold to mitigate systemic vulnerabilities. He said the ministry is reviewing the list of Critical Information Infrastructure (CII) and intends to designate all payment service providers as CIIs to “strengthen enforcement”, reinforcing industry obligations under existing cyber law.
In a reminder to industry participants, the minister referenced the statutory responsibility on regulated entities to submit reports monthly to the Cyber Security Authority, and warned that default in reporting would invoke statutory penalties.
Sam George underscored the collective nature of the cyber threat environment, saying no single institution can withstand the “myriad of attacks” alone, and praised the Bank of Ghana’s Financial Industry Command Security Operations Centre (FICSOC) as a shared shield that leverages collective strengths for industry protection.
He also spoke to broader policy on cross‑border data flows, signalling that while Ghana supports the free movement of data essential for digital commerce, critical national data, especially financial data, must be retained locally and managed under strict governance to ensure continuity and resilience against global geopolitical risks.
The minister further commended the Bank of Ghana for its leadership and continental example in cyber regulatory infrastructure, noting that Ghana’s best practices have informed fintech regulation beyond its borders.
Sam George pledged continued collaboration between the ministry and the Bank of Ghana to ensure effective compliance, saying the government stands ready to issue directives that strengthen the Bank of Ghana should industry challenges arise.
