NAIROBI, Kenya, Nov – Kenya and Ghana have introduced new regulatory frameworks for cryptocurrency service providers as African governments move to tighten oversight in a rapidly expanding digital asset market that has become increasingly vulnerable to fraud and illicit financial flows.
The two countries have enacted Virtual Asset Service Provider (VASP) laws, requiring crypto platforms to meet stricter compliance, reporting, and cybersecurity standards. Regulators say the measures are aimed at improving transaction traceability and closing gaps that have been exploited by cybercriminals.
Africa recorded USD 205 billion in on-chain crypto transactions between July 2024 and June 2025, according to sector data, making it the third-fastest-growing market globally. The rapid uptake has coincided with rising cases of hacking, fraud, and unregulated transfers, prompting calls for stronger oversight.
Africa is estimated to lose USD 88.6 billion annually through illicit financial flows, with crypto-linked schemes accounting for an increasing share.
Analysts say existing anti-money-laundering controls have been insufficient without corresponding investments in security systems such as identity verification, transaction monitoring, and platform integrity.
Under the new VASP frameworks, operators in Kenya and Ghana will be required to implement enhanced cybersecurity safeguards alongside compliance obligations, including user verification, reporting of suspicious transactions, and operational licensing.
Cybersecurity specialists say the combined approach — integrating financial regulation with mandatory cyber safeguards — is expected to become a model for other African markets facing similar risks as digital transactions grow.
Policymakers across the region continue to face a balancing act: expanding access to digital financial services while ensuring sufficient protection against fraud that threatens market stability and user confidence.
