The Ghana Association of Banks (GAB) is pushing both commercial banks and non-commercial financial institutions in the country to make cybersecurity a “core business infrastructure” and not treat it only as a compliance requirement.

John Awuah, the Chief Executive Officer (CEO) of the Association, made the call on industry leaders, noting that banks must now view technology as their business, recognising its potential as an enabler and backbone of financial operations.

This comes as banks embrace the Bank of Ghana’s revised Cyber and Information Security Directive (2026), aimed at strengthening efforts towards building a more resilient digital financial ecosystem and protecting the sector against increasing threats.

Speaking at the launch of the new directive in Accra on Wednesday, Awuah explained that while digital technology had revolutionised the banking system, it had brought about threats, which banks must pay attention to.

“This cultural shift within the banking community reflects a broader recognition that resilience against cyber threats is not optional but integral to sustaining customer trust and financial stability,” he stated.

Awuah welcomed government’s efforts to extend cybersecurity measures to fintechs, payment service providers (PSPs), and other financial players, warning that a single weak link could expose the entire ecosystem to cybercriminals.

“In cybersecurity, a single weak link can become the entry route for miscreants to access the larger financial architecture, which is why every player must strengthen defences collectively,” he said.

He pointed to the link between cybersecurity and confidence in the financial system, urging collaboration among banks, regulators and financial technology (fintech) institutions to ensure “deposits are properly protected because customer trust depends on strong investment in secure systems.”

Awuah argued that cybersecurity was becoming part of the DNA of banking operations, emphasising strong, proactive and unified defensive mechanisms among the Central Bank and other stakeholders.

He explained that embedding cybersecurity into infrastructure meant banks were signalling their preparation to confront threats head-on, ensuring that Ghana’s financial system remained secure in an increasingly digital world.

Dr Zakari Mumuni, the First Deputy Governor of the Bank of Ghana, said reframing cybersecurity to meet current trends was a matter of national and economic security and moving beyond its traditional perception as a technical issue.

The Central Bank, he noted, had taken deliberate steps over the years to strengthen financial stability, from currency evolution to digitalisation of services, while remaining mindful of emerging risks.

That was because the financial landscape had evolved dramatically since the earlier directive of 2018, with the new directive covering vulnerabilities from cloud technologies, third-party platforms, artificial intelligence, and digital data ecosystems.

“Cyber incidents are no longer distant threats but daily realities. Preparedness is the key to resilience,” Dr Mumuni said, underscoring the urgency of proactive measures through shared responsibility.

“The security of the financial industry does not rest solely with the Central Bank,” he said, urging all stakeholders to play their part.

He lauded their extensive collaboration that shaped the directive.