Regional regulatory cooperation remains a cornerstone of Africa’s digital transformation agenda. The 15th Annual General Meeting (AGM) of the Communications Regulators’ Association of Southern Africa (CRASA), held in Lilongwe, Malawi, from 16 to 17 April 2026, brought together national regulatory authorities (NRAs), regional bodies, and partners to reflect on progress, address governance challenges, and explore the future of digital regulation across Southern Africa.

A platform for regional alignment and strategic dialogue

The AGM was preceded by a forward-looking summit focused on “G5 regulation”, a framework aimed at advancing next-generation, digitally responsive regulatory systems. Discussions emphasised the need for regulators to transition towards more adaptive, future-oriented models capable of supporting evolving digital ecosystems.

However, a key insight emerging from the discussions was the gap between current regulatory maturity and future ambitions. While the G5 framework points towards advanced digital regulation, many participating countries are still operating at earlier stages of regulatory development. This highlights a critical need for bridging strategies to ensure that regulatory evolution is both realistic and inclusive.

Driving collaboration across regional bodies

The AGM also provided a platform to strengthen collaboration between CRASA and other regional initiatives, including iPRIS. Engagements during the meeting highlighted growing interest in better coordination of capacity-building efforts and regulatory development programmes across regions.

Notably, participation from iPRIS stakeholders and alumni demonstrated the programme’s increasing relevance within regional regulatory spaces. Alumni are beginning to take on more prominent roles within their institutions, contributing to discussions and shaping regulatory priorities at both national and regional levels.

Tangible outcomes at the forefront

Across multiple sessions, a recurring theme emerged: the need to translate dialogue into actionable outcomes. While the AGM facilitated rich discussions on policy, strategy, and cooperation, participants emphasised the importance of moving beyond conversations towards implementation.

This includes:

• Advancing harmonised regulatory frameworks across countries
• Strengthening cross-border coordination on spectrum and digital services
• Delivering measurable improvements in consumer protection and market efficiency

Building a more cohesive regulatory future

The CRASA 15th AGM reaffirmed the importance of regional platforms in shaping Africa’s digital future. It highlighted both progress and persistent challenges, from advancing regulatory frameworks to strengthening institutional governance.

For iPRIS and its partners, the AGM reinforces a clear direction:

• Continue supporting regulators with practical, context-driven capacity building
• Strengthen alignment with regional organisations like CRASA
• Focus on implementation, impact, and measurable change

iPRIS is coordinated and implemented by SPIDER in strategic and technical partnership with the Swedish Post and Telecom Authority (PTS) and Institut luxembourgeois de régulation (ILR), as well as ARTAC, CRASA, EACO, and WATRA.

iPRIS is funded by the European Union, Sweden, and Luxembourg as part of the Team Europe Initiative “D4D for Digital Economy and Society in Sub-Saharan Africa” (Code: 001).

Namibia has taken a decisive step towards strengthening its national cybersecurity posture with the launch of its National Cybersecurity Incident Management Guidelines (2026), a milestone that reflects both national urgency and the tangible impact of African regulatory collaboration under iPRIS.

This achievement traces back to the fourth iPRIS cohort, where Namibia’s delegation identified critical cybersecurity gaps and committed to addressing them through a Change Initiative that has now moved from concept to implementation. This fourth cohort was an all-female delegation, consisting of Ella-Betty Chapoto, Mirjam Mungungu, Magano Katoole, and Charley Cloete. 

Read more about the fourth cohort’s discussions after their full iPRIS cycle here

A clear problem, a targeted response

During their first engagement in Sweden, the Namibia team, now iPRIS alumni, highlighted a rapidly evolving threat landscape.

The scale of these incidents pointed to a structural gap: while digital adoption was accelerating, coordinated national mechanisms for managing cyber incidents remained underdeveloped. In response, the team advanced a Change Initiative focused on strengthening incident response frameworks, laying the foundation for what would become the national guidelines.

Building a cyber-resilient ecosystem

The launch of the guidelines marks a shift from reactive responses to a coordinated, risk-based national cybersecurity approach. Developed by the Communications Regulatory Authority of Namibia (CRAN) in collaboration with the Namibia Cybersecurity Incident Response Team (NAM-CSIRT), the guidelines provide:

• A national framework for detecting, reporting, and responding to cyber incidents
• Clear protocols for coordination across government, private sector, and critical infrastructure operators
• Standardised processes for incident management, communication, and recovery
• A foundation for continuous improvement and adaptive response in a rapidly evolving threat landscape

Importantly, the guidelines emphasise that cybersecurity is not a standalone technical function, but a shared responsibility across institutions and individuals. As highlighted during the launch:

Cyber threats are not hypothetical; they are real, evolving, and require continuous preparedness, coordination, and learning.

From policy gaps to practical tools

In the absence of a fully enacted cybersecurity law, the guidelines serve as a critical operational bridge, enabling institutions to act now rather than wait for legislation. They introduce practical mechanisms such as:

• Defined incident response lifecycles (from detection to recovery and post-incident learning)
• Mandatory and recommended incident reporting timelines
• Structured roles and responsibilities across organisations
• Emphasis on cyber hygiene, staff training, and awareness

Data-driven urgency and real-world scenarios

The launch also reinforced the urgency of action with concrete national data and examples:

• Namibia experienced multiple ransomware attacks within the first months of the year, averaging nearly one per month
• Common vulnerabilities include misconfigured systems, outdated software, and weak access controls
• Cyber risks increasingly extend through third-party and supply chain dependencies

To translate policy into practice, the event included live simulations demonstrating real-world threats such as:

• Phishing and social engineering attacks
• Fraud through remote access tools
• Risks associated with public Wi-Fi and digital behaviour

These examples underscored a central message: cybersecurity resilience depends on preparedness, awareness, and rapid response, not prevention alone.

Strengthening regional and global cooperation

The guidelines also position Namibia within a broader ecosystem of regional and international collaboration.

They align with and leverage cooperation through platforms such as:

• SADC cybersecurity frameworks
• AFRICA CERT and international incident response networks
• Global standards including ISO and NIST frameworks

This reflects a core iPRIS principle: cross-border collaboration is essential, as cyber threats do not respect national boundaries.

iPRIS in action: From discussions to national impact

The Namibia case demonstrates how iPRIS moves beyond knowledge exchange to institutional transformation.

What began as a cohort discussion in Stockholm and Swakopmund has resulted in:

• A nationally adopted cybersecurity framework
• Strengthened institutional coordination through NAM-CSIRT
• Increased national awareness and stakeholder engagement
• A scalable model for other regulators facing similar challenges

The initiative highlights the value of peer learning and structured change processes in enabling regulators to respond to complex, fast-evolving challenges. While the guidelines mark significant progress, they are designed as a living framework, continuously evolving alongside emerging threats, technologies, and national priorities.

With ongoing efforts to advance cybersecurity legislation, expand capacity building, and strengthen coordination, Namibia is positioning itself for a more secure and resilient digital future. As the iPRIS journey continues, this milestone stands as a clear example of what is possible when insight, collaboration, and implementation come together.

Watch highlights from the fourth iPRIS cohort below

iPRIS is coordinated and implemented by SPIDER in strategic and technical partnership with the Swedish Post and Telecom Authority (PTS) and Institut luxembourgeois de régulation (ILR), as well as ARTAC, CRASA, EACO, and WATRA.

iPRIS is funded by the European Union, Sweden, and Luxembourg as part of the Team Europe Initiative “D4D for Digital Economy and Society in Sub-Saharan Africa” (Code: 001).

Regional cooperation on roaming is moving from ambition to implementation, with West African regulators actively shaping practical, context-driven frameworks for more affordable and transparent cross-border connectivity.

Today, the majority of citizens rely on mobile connectivity not only for communication but also for banking, media consumption, commerce, and access to public services. Yet the cost of using a phone outside one’s home country remains prohibitively high. International Telecommunication Union (ITU) reports indicate that roaming charges in Sub‑Saharan Africa can reach $3 per megabyte of data, a price that places everyday digital activities beyond the reach of many households. Affordable roaming is therefore more than a convenience; it is a foundation for regional integration, enabling people and businesses to stay connected, lowering trade barriers, and supporting the growth of a unified digital economy across the West African region. As of August 2025, 13 bilateral MOUs had been signed across 8 West Africa Telecommunications Regulators Assembly (WATRA) member states, with 9 already active (WATRA, 2025).

Read more insights concerning roaming in Sub-Saharan Africa from SPIDER Director Prof Caroline Wamala-Larsson here

At the 2026 Annual General Meeting of the West Africa Telecommunications Regulators Assembly (WATRA) in Lomé, Togo, regulators from across West Africa convened to address one of the region’s most persistent challenges: the high cost and complexity of mobile roaming. Held from April 20 to 24, 2026, the AGM convened national regulatory authorities (NRAs), field stakeholders, and development partners to advance the telecom landscape in the region.

The capacity-building workshop on roaming brought together NRAs to examine viable regulatory models, informed by international experience but grounded in regional realities. This workshop follows a recent online roaming workshop convened by WATRA, in partnership with the iPRIS project, organised by EY Baltic, and coordinated by SPIDER, on 19th February.

From principles to practical models

The workshop focused on translating global roaming frameworks into actionable pathways for West Africa. Experts from EY Baltic, including Paulius Žostautas, Olga Nodarou, Ioanna Choudalaki, and Andrejs Dombrovskis, presented regulatory approaches shaped by European and other international experiences. A central insight emerged clearly: there is no single model for roaming regulation. Instead, regulators must balance three critical dimensions:

• Consumer protection and affordability
• Operator cost recovery and sustainability
• Regional harmonisation and simplicity

Discussions explored different regulatory approaches, including benchmarking, cost-based models, and phased harmonisation strategies. Importantly, regulators examined how these models could evolve progressively, starting with simpler price caps and moving towards more advanced, cost-informed frameworks.

Addressing complexity with context

Across the sessions, West African regulators emphasised a key concern: global models must be adapted to regional and local market realities.

For example, discussions highlighted the limitations of “roam-like-at-local” approaches, which can introduce pricing complexity and reduce transparency for consumers. In contrast, more harmonised models, such as simplified price caps, were recognised as more user-friendly and predictable.

At the same time, regulators raised valid implementation challenges:

• High technical and financial requirements for cost modelling
• Diverse market structures across ECOWAS countries
• The need for phased, realistic transition pathways

In response, the experts outlined practical alternatives, including benchmarking against comparable markets to reduce implementation burden while still moving towards harmonisation.

Strengthening transparency and trust in the market

A recurring theme was the role of transparency in enabling effective regulation. Cost modelling, while complex, was presented as a tool to:

• Provide regulators with visibility into actual operator costs
• Strengthen regulatory decision-making
• Build trust when implementing stricter pricing rules

Equally, transparency for consumers, through clear pricing and communication, was identified as essential to improving user experience and adoption of roaming services.

Building the foundations for regional integration

Beyond pricing, the workshop addressed the broader technical and regulatory ecosystem required for a functional regional roaming framework. This included:

• Quality of service standards and monitoring
• Interoperability between operators
• Fraud mitigation and risk management
• Reference offers to standardise inter-operator agreements

A key takeaway was that regional roaming is not only a pricing issue, but a system-wide coordination challenge, requiring alignment between regulators, operators, and policymakers.

Peer learning and regional progress

The workshop demonstrated the value of iPRIS as a platform for peer exchange, where African regulators are not passive recipients of global models but active contributors shaping solutions for their context. As noted by Bengt G. Mölleryd, the strength of the session lay in its interactivity and relevance, connecting international expertise with the lived realities of West African markets.

Hosted with the support of ARCEP Togo, the convening also underscored the importance of national leadership in advancing regional agendas. The Lomé discussions signal a growing momentum towards a more integrated West African roaming space. The path forward is iterative, requiring:

• Phased implementation
• Continuous stakeholder engagement
• Strong regional coordination through platforms such as WATRA

For iPRIS, this engagement reinforces a core objective: supporting African regulators to lead, design, and implement reforms that improve connectivity outcomes across the continent.

iPRIS is coordinated and implemented by SPIDER in strategic and technical partnership with the Swedish Post and Telecom Authority (PTS) and Institut luxembourgeois de régulation (ILR), as well as ARTAC, CRASA, EACO, and WATRA.

iPRIS is funded by the European Union, Sweden, and Luxembourg as part of the Team Europe Initiative “D4D for Digital Economy and Society in Sub-Saharan Africa” (Code: 001).