The CEO of the Ghana Interbank Payments and Settlements Systems (GhIPSS), Clara B. Arthur has hinted that her outfit will lead a collaborative and multi-layered approach to boosting cybersecurity within the financial and digital finance ecosystem to ensure better results in the fight against cyber fraud.Â
She made the remark at the Payments Industry Cybersecurity Summit 2025, jointly organized by global payment cards giant VISA and the Bank of Ghana to find a way of balancing innovation, regulation and public-private sector partnership to navigate the current cybersecurity landscape.
The summit was also intended to evolve strategies on how to build future-proof cyber-defense systems across the entire financial sector ecosystem in Ghana, particularly in the face of more sophisticated emerging threats driven by Generative AI.
There was a panel discussion which delved into the significance of establishing robust frameworks, ensuring continuous training to stay updated on the latest threats and defenses, and integrating cybersecurity into the broader business strategy.
During that panel discussion, Clara Arthur noted that one of the challenges facing the financial ecosystem in Ghana in the fight against cyber fraud is the fact that there is little or no collaboration between the players and regulators when it comes to cybersecurity.
According to her, the players do not have a good appreciation of the regulations, so when cyber fraud incidents occur, very often the players do not report it to the regulator because they tend to think reporting such incidents means they are exposing themselves to regulatory sanctions.
The GhIPSS CEO also noted the regulator has also not done too well with participating in investigating cyber fraud cases so the players are often left alone to investigate the issues and handle issues at their own level.
“But all that is about to change because we have just completed our strategy session at GhIPSS and we are coming up with strategies to drive real collaboration between the Bank of Ghana and GhIPSS on one hand, and the about 100 participants on GhIPSS’s platforms and even partners like VISA and the Cybersecurity Authority (CSA) on the other hand, to build a unified system to fight cyber fraud in a more concerted manner,” she said.
Clara Arthur said it is also important to leverage the experience and expertise of organizations like VISA to provide advanced level training on how to identify and deal with new threats through innovation, driven by AI and other relevant technologies.
She said as part of the strategy to bring every stakeholder up to speed, particularly the financial institutions, fintechs and telcos on the GhIPSS platforms, GhIPSS will consider adopting the VISA cybersecurity preparedness classification system to determine the level at which every player is, so that everyone will be encouraged to aspire to a higher level.
“We also believe there can never be too much monitoring so we will keep monitoring each player on a regular basis to ensure that everyone in the ecosystem is always ready to pick up early warning signs and nib it in the bud before it results in a fully fledge fraud,” she said.
According to her, GhIPSS has already started conversations with VISA on how to invest in the right tools and the right skill sets to ensure that providing cybersecurity across the financial sector value chain is as instant as the real-time payment services that digital finance promises.
Indeed, this is in line with Clara Arthur’s recently declaration at the launch of the State of Inclusive Instant Payment Systems (SIIPS) in Africa Report in Eswatini, that she is leading GhIPSS to ensure that Ghana’s payment system reaches the mature inclusivity stage by ensuring that customers are fully protected end-to-end.
On that occasion, she also announced that Ghana’s payments system is being moved from the ISO 8583 standards to the ISO 20022 standards to ensure improved messaging and better customer recourse solutions that automatically provides instant dispute resolution for customers.
The drive to build a unified cybersecurity system for the ecosystem, according to her, also ensures a multi-layered protection for all stakeholders from cyber attacks, which often terminates in huge financial losses to individuals, institutions and the state.
Bank of Ghana
On his part, the Acting of Information Security at the Bank of Ghana, Daniel Klu also noted that because financial institutions did not really participate in the formulation of the cybersecurity regulations for the industry, the regulator seem far away from the industry, and the industry does not seem to have a clear direction on what to do so they try to create their own resilience.Â
He said the focus going forward is to bridge the gap between the technology and innovations deployed by the industry, and the regulatory framework by ensuring flexibility on the part of the regulators to drive collaboration between stakeholders.
“One of the major things coming up in the new regulations to being flexible on the industry, providing a clear direction and also using third parties,” he said. “We acknowledge that the industry will always be ahead of regulation so if we do not encourage industry to contribute to the way forward we are going to have problems.”
Mr. Klu therefore urged industry not to be obsessed with resilience and under reporting, but rather to open up to the regulator to foster collaboration even at the level of technology role out to ensure that the gap is closed between industry and regulation and the entire ecosystem is better protected.
He believes that through collaboration, the ecosystem will always be ahead of cyber fraudsters by “a 100 fold”, which is “the only way we will be able to win the fight against cyber fraud given the sophistication of the emerging cyber threats.”
VISA
Adam Clark is the Vice President, Applied Cryptography at Visa, and he spelt out five key ways by which Visa can assist financial institutions in Ghana to build effective cybersecurity systems.
He stated that investment in cyber resilience is critical, adding that building talents in the fight against cyber threats is also key to the winning the fight, and that is one other area Visa can assist through their three-tiered cybersecurity training institute.
Adam Clark also emphasised the need for financial institutions to build future-proof cybersecurity system particularly in the era of Generative AI and Quantum, where fraudsters can easily outwit weak systems.
According to him, it is also critical for institutions to partner with key stakeholders to leverage intelligence and industry expertise, particularly in ensuring that advanced threats are prevented and or detected and auto-contained in real-time.
