THE Ghana Cybersecurity Authority (GCA) has identified 38 digital lending mobile applications involved in cyberbullying, marking a significant concern in the digital financial landscape. Throughout 2024, the GCA has received 130 reports from users who have experienced cyberbullying and harassment through these platforms.
According to the GCA, these apps violate several key legislative frameworks, including the Banks and Specialised Deposit-Taking Institution Act, 2016 (Act 930), which mandates regulatory compliance for financial entities. Moreover, the operators of these apps have failed to meet the compliance requirements set by the Data Protection Commission (DPC), resulting in unauthorised access to users’ personal and sensitive information. This non-compliance with the Data Protection Act, 2012 (Act 843) has allowed these apps to exploit users’ data without legal oversight.
In response to these violations, the GCA has taken steps to curb the influence of these applications. However, many of these apps continue to operate via APK (Android Package Kit) files, enabling them to bypass regulatory scrutiny and persist in their operations outside the regulated app distribution channels.
Victims of these digital lending apps often unknowingly provide access to their data, including contacts, photos, and personal identifiable information (PII), such as the Ghana identity card, during the installation process. The GCA’s investigation revealed that users are frequently credited with funds automatically deposited into their mobile money wallets without requesting a loan.
A week later, the apps’ operators deploy aggressive extortion tactics. They demand high-interest loan repayments, even from individuals who may not have actively borrowed money. Threats include sharing actual or fabricated nude photos on social media or blackmailing victims by falsely labelling them as criminals. Some victims reported being coerced into making additional payments even after settling their dues.
The GCA has warned the public about the risks associated with using these unregulated digital lending platforms. Despite the authority’s efforts, the persistence of these apps highlights the challenges in enforcing compliance and protecting consumer rights in the digital financial space.
The Bank of Ghana has also been vigilant about these practices. In August 2022, the bank noted the proliferation of unlicensed loan providers and identified their actions as a breach of consumer protection requirements and privacy laws. It pledged to take legal action against such entities to safeguard consumer interests.
In January 2023, the GCA publicly listed several digital lenders engaging in cyberbullying, further emphasizing the need for regulatory measures and consumer caution in the face of these predatory practices.
