The Bank of Ghana (BoG) has rolled out an outsourcing directive to tighten governance and risk management in Ghana’s financial sector.
This move targets banks, Specialized Deposit-Taking Institutions (SDIs), financial holding companies, and development finance institutions.
Key details
- Deadline: Financial institutions have until July 1, 2025, to align with these rules or face a GHC 12,000 penalty.
- Core functions: Critical functions, including Board-level decisions, internal audit, and risk management, cannot be outsourced. This safeguard aims to retain control over essential roles within the institution.
- Permissible outsourcing: Institutions can outsource non-core activities, like working with payment card schemes (e.g., Visa, MasterCard) or clearing and settlement arrangements, without BoG’s prior approval, but must notify BoG within ten days before engaging a service provider.
The big picture
BoG’s directive reflects its commitment to bolstering the resilience of Ghana’s financial sector. With banks increasingly outsourcing to cut costs and enhance efficiency, BoG seeks to mitigate strategic, reputational, and operational risks by defining strict guidelines for high-stakes roles.
Transition requirements
- Institutions are instructed to review current contracts and make necessary adjustments ahead of the July 2025 deadline.
- BoG requires a materiality assessment framework by June 2, 2025, to evaluate core vs. non-core functions in each institution’s outsourcing plan.
Between the lines
Any new outsourcing arrangement or contract renewal for core functions must secure BoG’s written approval. The directive also stipulates strict data privacy measures, barring disclosure of customer data without consent.
Source: Citinews
