Sharp retreat in verified SIM cards raises red flags
A discreet yet pivotal indicator of confidence in Congo-Brazzaville’s digital ecosystem has deteriorated markedly this year. Fresh data unveiled in Brazzaville by the Agence de régulation des postes et des communications électroniques (ARPCE) reveal that only 9.13 percent of subscriber identity module cards activated between January and August were supported by complete and accurate identification, compared with 13.20 percent in 2024. The contraction, though it may appear arithmetically modest, translates into hundreds of thousands of untraceable mobile lines circulating across national territory.
For a country where nearly three quarters of the population access the internet principally via mobile devices, the figure sets off institutional alarm bells. “The identification requirement is indispensable for both public security and the credibility of our market,” stressed Benjamin Mouandza, Director of Electronic Communications Networks and Services, during the presentation of the survey’s findings. While he characterised the exercise as routine, the tone of his remarks mirrored the regulator’s growing impatience.
A robust legal framework under renewed scrutiny
Since the promulgation of Decree No. 554 of 26 July 2010, the obligation to register every SIM purchaser with a recognised identity document has been unambiguous. The text, adopted well before many peer jurisdictions in Central Africa, was hailed at the time as a forward-looking response to the emerging risks of cyber-fraud and transnational crime.
Fourteen years on, the statutory edifice remains intact, but enforcement appears to have loosened under the weight of rapid network expansion and increasingly sophisticated distribution chains. ARPCE’s latest notice is therefore less a policy shift than a re-assertion of an existing compliance culture that the government has repeatedly described as non-negotiable. State authorities insist that the decree aligns with international best practice and, crucially, with Congo’s wider aspiration to position itself as a trustworthy regional digital hub.
Inside the July–August nationwide field audit
The audit, conducted between 23 July and 28 August, extended across eighteen localities in the departments of Bouenza, Pool, Kouilou, Cuvette and Niari, as well as the economic powerhouse of Pointe-Noire and the capital Brazzaville. Teams deployed by ARPCE visited formal retail agencies, informal kiosks and roadside vendors, compiling a granular snapshot of front-line practices. Only Kinkala and Djambala emerged with full compliance, confirming anecdotal perceptions of a geographical divide between secondary towns and the two main urban centres.
Investigators documented recurrent scenarios in which SIM cards were sold without any documentary checks, or were pre-activated prior to sale, effectively masking the identity of the end-user. Such procedures not only infringe national law but also undermine the traceability demanded by global payment platforms and over-the-top service providers that increasingly rely on phone authentication.
Urban cyber-risk hotspots intensify regulatory pressure
Brazzaville and Pointe-Noire, which together concentrate the majority of banking, oil-related and logistics data flows, were singled out in the report as areas where lapses could quickly morph into large-scale vulnerability. The two cities already attract a disproportionate share of regional cyber-fraud attempts owing to the density of corporate networks and expatriate activity.
Industry specialists interviewed by our newsroom note that the simplest phishing attack often exploits unregistered numbers to evade detection. In that light, the regulator’s sharpened focus on the urban corridor linking the capital to the coast is less a punitive exercise than a preventive shield designed to preserve economic momentum. As one senior risk analyst put it, “without verified end-points, the digital economy becomes an open invitation to malicious actors.”
Operators handed a strict two-month compliance deadline
Louis-Marc Sakala, Director-General of ARPCE, has issued an unequivocal two-month ultimatum to mobile network operators to clean up distribution channels, reinforce staff training and deploy real-time registration platforms. The call is backed by the prospect of significant penalties ranging from financial sanctions to temporary suspension of new SIM activations, measures the regulator has seldom hesitated to apply in the past.
Operators contacted for comment recognise the urgency yet underline logistical constraints, particularly in remote rural districts where civil registries are sparse. Nonetheless, they concede that the reputational cost of non-compliance may outweigh the operational outlay. Several are already considering partnerships with fintech firms capable of biometric verification, a solution that could simultaneously expand financial inclusion, one of the government’s declared policy priorities.
Securing networks while fostering a future-ready economy
Telecommunications have long been identified by policy makers as a pillar of Congo’s strategy to diversify beyond hydrocarbons. Robust identification protocols are a silent but indispensable component of that strategy, anchoring confidence among investors, development partners and consumers alike. By reasserting the centrality of Decree 554, authorities signal that growth need not be achieved at the expense of regulatory probity.
The present standoff, therefore, should be read less as a crisis than as a course-correction. It invites the sector to recalibrate distribution practices, harness emerging technologies and contribute to a digitally secure Congo. As the countdown to the regulator’s November deadline proceeds, industry watchers will look for tangible shifts: more rigorous point-of-sale checks, cleaner databases and, ultimately, a higher percentage in next year’s compliance audit—proof that regulatory guidance and private-sector agility can indeed converge in the national interest.