Cybersecurity · Benin
Cybersecurity regulation in Benin (2026)
Benin shaded by its cybersecurity status
Benin's cybersecurity obligations are anchored in its comprehensive Digital Code (Code du Numérique), whose Book VI establishes cybercrime offences, cybersecurity duties, and cryptology rules applicable across all digital actors. The framework is not a standalone NIS2-style cybersecurity statute but rather an integrated digital law; ANSSI-Bénin and its bjCSIRT provide the operational and regulatory backbone, supported by a National Cybersecurity Strategy and, since October 2024, the Budapest Convention on Cybercrime entering into force for Benin.
Key points
Law No. 2017-20 (in force April 2018, amended 2021) consolidates rules on e-communications, e-commerce, data protection, cybercrime, and cybersecurity in a single act. Book VI specifically addresses cybercrime offences (modelled on the Budapest Convention) and imposes security obligations on network operators and trust-service providers.
The Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI-Bénin), mandated by Article 606 of the Digital Code, oversees information-systems security, drafts regulations, and operates the national CSIRT (bjCSIRT). The Office Central de Répression de la Cybercriminalité (OCRC) handles law-enforcement investigations, while the CRIET court prosecutes cybercrime with an economic dimension.
Article 427 of the Digital Code requires data controllers to notify the personal data protection authority (APDP) of any security breach affecting personal data 'without delay'. Fines for non-compliance reach XOF 50 million (first breach) and XOF 100 million or 5% of annual turnover for repeat breaches within five years.
Benin acceded to the Council of Europe Convention on Cybercrime (Budapest Convention, ETS 185) and its First Additional Protocol on 20 June 2024; the Convention entered into force for Benin on 1 October 2024. Benin also ratified the African Union Malabo Convention on Cybersecurity and Personal Data in early 2024.
Benin adopted a National Digital Security Strategy (Stratégie Nationale de Sécurité Numérique) drafted by ANSSI-Bénin, comprising 47 projects over a 3-year implementation horizon. Pillars include protection of public and private information systems, critical-infrastructure security, cybercrime suppression, legal-framework strengthening, and international cooperation. An update process was under way as of 2025.
In July 2025, the Beninese government adopted eight implementing decrees under the Digital Code, covering: conditions for e-archiving service providers, technical specifications for electronic-identification guarantee levels, e-waste management, and cryptology means/services declaration and licensing — further operationalising cybersecurity-related trust-service obligations.
Benin - other topics
Last verified 5/24/2026 · Orientation, not legal advice - verify against the primary sources linked above. Explore the full world map →