The directive, developed by the Bank of Ghana, establishes a comprehensive framework to improve threat detection, preparedness, and response capabilities.
Ghana has taken a significant step to strengthen cybersecurity in its financial sector with the launch of a new regulatory framework aimed at enhancing resilience against growing digital threats. The initiative was unveiled in Accra during the introduction of the Bank of Ghana Cyber and Information Security Directive (CISD) 2026.
Chief of Staff Julius Debrah emphasized that cybersecurity is now a critical pillar of economic stability, warning that increasing reliance on digital systems exposes financial institutions to evolving cyber risks. He stressed that safeguarding public trust and national development requires embedding cyber resilience at the core of financial sector operations.
The directive, developed by the Bank of Ghana, establishes a comprehensive framework to improve threat detection, preparedness, and response capabilities. Debrah commended the central bank for creating a robust system designed to strengthen Ghana’s digital financial ecosystem and ensure secure, technology-driven growth.
Minister for Communication, Digital Technology and Innovations, Samuel Nartey George, highlighted the government’s broader ambition to position technology as a key driver of economic transformation. He noted that financial institutions are increasingly built around digital technologies, making cybersecurity a strategic priority rather than a purely technical concern.
The minister also announced plans to bring all licensed financial institutions and fintech firms under a unified cybersecurity framework, with many to be designated as Critical Information Infrastructure. He reiterated Ghana’s stance on data sovereignty, stressing that sensitive financial data must be stored within the country to enhance national security and ensure business continuity.
Governor of the Bank of Ghana, Johnson Asiama, described the CISD 2026 as a transformative policy that goes beyond compliance to promote active and collective cyber resilience. He noted that while digital innovations such as mobile money, cloud computing, and artificial intelligence have expanded financial inclusion, they have also introduced complex risks, including ransomware attacks and data breaches.
The updated directive introduces new measures such as governance frameworks for artificial intelligence, stricter cloud security requirements, risk-based regulation, and mandatory board-level accountability for cybersecurity. It also expands the Financial Industry Security Operations Centre (FICSOC) to include all financial institutions, creating a coordinated national defence system against cyber threats.
Overall, the launch of CISD 2026 signals Ghana’s commitment to building a secure, resilient, and trusted digital financial ecosystem, supported by strong regulation, collaboration, and continuous investment in cybersecurity capabilities.
