Ghana Economic Forum 2021: Do we need to institute a compulsory minimum Cyber Risk Insurance Policy Coverage looking at the digitisation drive?

Justice Peprah AGYEI.

Dr. Arkebe Oqubay, Minister and Special Assistant to the Prime Minister of Ethiopia, said instead of prescriptions from outside, which in most cases do not work, African countries are better off looking for solutions within to solve their challenges. (GNA, 2019)

The Ghana Economic Forum was incepted in 2012 to bring together captains of industry and thought-leaders to discuss and debate key issues affecting the Ghanaian economy, and hopefully offer useful solutions and recommendations in favour of accelerated economic growth for the economy. The event is tailored and structured to offer in-depth analysis, discussions and debates on key issues affecting the Ghanaian economy, and to suggest solutions which help overcome the challenges to enhance achievement of the country’s economic development agenda. Furthermore, the event offers a platform for participants to make recommendations aimed at consolidating gains and driving attention to under-served economic imperatives. (Ghana Economic Forum)

This year’s theme is Strengthening Homegrown Policies to underpin the National Digitisation drive and shared financial prosperity’. I was invited as a special guest for this forum which was held on the 20th of October 2021 – but because of another equally important assignment, I was not able to attend.

I would love to look at this year’s theme from the insurance perspective. I could ask a lot of questions, but the only question I want to ask today is about cyber risk and insurance. My question is: Do we need to institute a compulsory minimum Cyber Risk Insurance Policy Coverage looking at the digitisation drive?

The digital transformation of economic activities is creating significant opportunities for innovation, convenience and efficiency. However, as recent major incidents have highlighted, a growing reliance on digital technologies comes with digital security and privacy protection risks. This presents policymakers with the challenge of finding an appropriate balance between addressing these risks while allowing sufficient space for achieving the economic and societal benefits of digitalisation (OECD 2017).

The Cyber Security Authority (CSA) has been established by the Cybersecurity Act, 2020 (Act 1038) to regulate cybersecurity activities in Ghana; to promote the development of cybersecurity, and to provide for related matters. Having transitioned from the then National Cyber Security Centre NCSC, the CSA was officially launched on 1st October 2021 as an Agency under the Ministry of Communications and Digitalisation. The vision is to ensure a secure and resilient digital Ghana. Their mission is to build a resilient digital ecosystem; secure digital infrastructure; develop national capacity; deter cybercrime and strengthen cybersecurity cooperation.

Cyber risk was identified as the risk of highest (or second-highest) concern to doing business in more than one-third of Organisation of Economic Cooperation and Development (OECD) countries in the World Economic Forum’s 2017 Global Risk Report (and among the five risks of greatest concern in more than half of OECD countries, a higher share than either terrorist attacks or natural disasters). Similarly, the business respondents to the 2017 Allianz Risk Barometer survey ranked cyber incidents (cybercrime, IT failure, data breaches, etc.) third among top global business risks (up from 15th in 2013) and consistently among the top-five risks across all regions (Allianz Global Corporate & Specialty, 2017).

While not a substitute for investing in cyber security (and therefore reducing the risk of being affected by an incident), insurance coverage for cyber risk provides a means for companies and individuals to transfer a portion of their financial exposure to insurance markets. Where providing significant levels of insurance coverage, insurance companies can also make an important contribution to the management of cyber risk by promoting risk-awareness and encouraging measurement, supporting incident management, and providing incentives for risk reduction.

Ghana is pushing and driving the digitisation agenda. Previously, it used to be only the private sector and especially the financial industry that was taking data from the public. Now, most public institutions collect data from the public – and these are being linked to social security and pensions, Ghana Revenue Authority and others. Are we considering the economic impact when there is a data breach? Are we considering the implications for third parties who could be affected by this breach?

The threats and impacts of cyberattacks on the financial sector are increasing. Customers of financial services suffered 65% more cyberattacks in 2016 than customers of any other industry, which represented a 29% increase from the previous year, according to Bank Group estimates. (World Bank report, 2018).

Today, I just asked a simple question. We will have a thorough discussion on cyber risk and cyber insurance as we look forward to strengthening homegrown policies to underpin the national digitisation drive and shared financial prosperity.

The writer is the Leading Managing Partner of Jusbel Risk Consult Limited. He is a Chartered Insurance Practitioner and an Associate of the Chartered Insurance Institute of United Kingdom and also Ghana (ACII-UK, ACIIG).

0549705031 || [email protected] ||  ||


OECD (2017), Enhancing the Role of Insurance in Cyber Risk Management, OECD Publishing, Paris.

Home-grown policies key to transformation of African economies

Leave a Reply