……….fight of threat sole responsibility of banks–BoG
The Bank of Ghana has charged universal banks to undertake cyber security-related due diligence and assessments, identify proper detective controls, and enforce third party and insider risk programmes, to fight global sophisticated cyber threats.
According to the Bank of Ghana, cyber-attacks that target customer transactions and online banking services have increased in tandem with financial technology.
The bank has also warned that the growth of technology-driven electronic payments in recent banking transactions, are associated with cyber related risks such as insecure card data systems and identity theft.
This comes in the wake of a revelation by global IT Company, SAP Africa that 99 percent of Ghanaian banks are vulnerable to hacking because they are not using cloud software which is an advanced and more secure system for data storage.
Among the over 36 universal banks operating in the country, only Ecobank Ghana Limited is currently using the software which has the latest security systems to fight recent growth of complex cyber threats.
But speaking at a summit on digital banking and cyber security, organised by Standard Chartered Bank, Governor of the Bank of Ghana, Dr. Ernest Addison, said the banks are solely responsible for the protection of their data. .
“We have witnessed global cyber-attacks which resulted in disruptions to some critical financial services and destroyed financial assets and savings. It is important therefore, to ensure that the security of electronic banking products and services are not compromised,” Dr. Addison said.
He added that “globally, cyber-attacks on digitized payment products are increasingly becoming sophisticated, especially on financial institutions with insecure IT systems. The onus lies on banks to examine the state of their security systems, identify gaps and design appropriate mechanisms to counter possible cyber threat.”
The Central Bank has, however, assured that it will continue to exercise firm oversight of the payment system, monitor risks associated with digital innovation and develop appropriate regulatory responses without stifling innovation.
The Bank has therefore prepared a banking sector Cyber and Information Security guidelines to protect consumers and create a safer environment for online and e-payments products.
The guidelines will, among other things, create a secure environment for transactions within the cyberspace and guarantee trust and confidence in ICT systems.
It will also provide an assurance framework for the design of security policies in compliance to global security standards and best practices by way of cyber and information security assessments, as well as protect banks, customers and clients against the potentially devastating consequences of cyber-attacks.
By Nana Oye Ankrah