FIRST DEPUTY Governor of the Bank of Ghana (BoG), Dr Maxwell Opoku-Afari, has reiterated calls on commercial banks operating in Ghana to examine the state of their security systems, identify gaps and design appropriate mechanisms to counter possible cyber threats.

Dr Opoku-Afari re-echoed the policy directive at the official launch of the national Cyber Security Awareness Month (NCSAM) 2021 recently in Accra.

According to him, this directive has become necessary because “the COVID-19 pandemic, and issues emanating from it, has accelerated the adoption of digitalisation in Ghana and this is progressing at top speed. Embracing the new norm of working remotely, transferring resources across financial platforms, purchasing goods and services online, etc, are gradually changing the face of our economy and we need to position ourselves in readiness for the threats that come along with this changing lifestyles and doing business… Addressing cyber security risks has become more important than ever and policy makers need to internalise this fact in their discourse.”

He continued that in addition to BoG’s cyber security regulations, financial institutions would also be required to implement an integrated approach by adopting enterprise-wide frameworks of cyber risk management in line with business objectives.

“It is important for institutions to undertake cyber security-related due diligence and assessments, identify proper detective controls, and enforce third party and insider risk programmes to protect and safeguard their working environments from cyber related activities that are not conducive for growth.

“We at the Central bank will continue to draw strength from Act 1038, which is intended to further promote and improve collaborative efforts between the Cyber Security Authority and the Bank of Ghana. The Central Bank will work closely with the Cyber Security Authority to monitor trends of cybersecurity issues in the financial sector and ensure collaborative response to cybersecurity incidents. The Bank of Ghana will also play an active role in the implementation of the Cybersecurity Act, 2020 through our representation on the Joint Cybersecurity Committee (JCC) pursuant to Section 13 of Act 1038. We will endeavour to provide all support available to ensure smooth formulation of policies in this area.”

He added that Government had swiftly introduced regulatory measures such as the Data Protection Act, 2012 (Act 843) and the Cybersecurity Act, 2020 (Act 1038), as well as supporting directives and other related legislation to enforce provisions of the law across all sectors of the economy adding that the Bank of Ghana, as far back as October 2018 took actionable steps to issue the Cyber and Information Security Directive in a bid to enhance and protect the security of the banking sector.