BoG To Introduce Cyber Security Guidelines In Weeks

In a couple of weeks the central bank will unveil its much-awaited Cyber Security Guidelines and Regulations to guide banks in their fight against cybercrime and electronic money fraud.

Dr. Maxwell Opoku-Afari, First Deputy Governor of the Bank of Ghana (BoG), noted that as Ghana moves further into the e-payment and digital finance ecosystem, financial crime prevention is very key and the Bank of Ghana has worked with stakeholders to put together cyber security regulations.

“We have received your [banks and other financial institutions] comments and we are working to reflect them. In the next couple of weeks, a new cyber security regulation will be introduced by the Bank of Ghana,” he said.

Speaking at two separate events in Accra yesterday, Dr. Opoku-Afari noted that this regulatory reform, in addition to others, seeks to promote availability and acceptance of electronic money and hybrid payment services.

At the same time, he noted, the reforms will create the needed enabling environment for convenient, efficient and safe retail payments and funds transfer in Ghana. “We are creating an enabling regulatory environment for banks to partner with other payment service providers to deploy innovative financial products and services which promote financial inclusion.

“Similarly, other service areas such as insurance, investments and freight are also leveraging on technology and innovation in partnership with banks to extend financial services to the large unbanked segment of the population,” he said at a workshop on financial crime and prevention organised by the Ghana International Bank.

With over 71 FinTechs providing front and back-end services to banks in the digital space of Ghana, the central bank has also reviewed the existing Electronic Money Issuers Guidelines which were issued in 2015, and the Payment Systems Act that was passed in 2003.

The review has resulted in the drafting of a new legal document, The Payment Systems and Services bill, which is to promote the role of FinTechs and deepen usage of digital channels. The bill is currently with in Cabinet and will go to Parliament soon.

“The objective of reviewing the bill is to make the regulatory framework adaptive to the emerging digital landscape and also address issues of cyber security, data privacy and security, consumer protection and recourse to mechanisms that may arise,” Dr. Opoku-Afrani added at the launch of a new remittance product between Moneygram and the Agricultural Development Bank (ADB).

The United Nations Office of Drugs and Crime reports that between US$800billion and US$2trillion are transacted fraudulently across the world per annum, and only 1 percent of this value is being detected.

Meanwhile, electronic fraud constitutes more than 80 percent of all complaints and fraud cases the central bank receives, data from the Consumer Reporting Unit of the Central Bank’s Financial Stability Department have shown.

A report released by Kenyan-based IT firm Serianu Limited revealed that Ghana’s economy lost a total of US$50million to cybercrime in 2016.

The Bank of Ghana in the third quarter of 2016 introduced cyber security guidelines for all banks to attain ISO27001 and PCIDSS certification – two of the basic forms of protection in the banks and payments system.

The central bank later withdrew the guidelines – due to lobbying from the banks about their inability to meet the deadline – and announced later that year it was in the process of issuing guidelines for the establishment of cyber security protocols and procedures for routine and physical security measures for IT centres and control rooms to ensure data security at the highest level.

“Businesses in Ghana stand to lose nearly US$100million dollars to cyber-crime. That’s why everyone needs to sit up and implement effective measures to counter cyber-crime,” Managing Partner at cyber security firm Delta 3 International, Del Aden, has warned.

Dr. Opoku-Afari however assured that the Bank of Ghana has directed all banks to ensure that their systems are safe and resilient enough to combat cyber-crime, especially at a time when mobile money interoperability is now operational.

“Here in Ghana, prevention of Financial Crime is firmly on the Bank of Ghana’s radar. We have encouraged banks to ensure adequate systems and controls are in place to curtail the use of our financial system for fraudulent and criminal activities.

“In addition to collaboration with commercial banks, there is cooperation with the Economic and Organised Crime Office (EOCO) and other related bodies to achieve this objective,” he added.