Authored By: Victoria Sejanamane
University of Botswana
Abstract
Botswana has made significant strides in modernising its legal frameworks, particularly in public procurement and cybersecurity. The Public Procurement Act 2021 was designed to enhance accountability and effectiveness in government contracting, ensuring equitable and efficient use of public resources. Similarly, the Cybercrime and Computer Related Crimes Act establishes legal safeguards to protect digital systems and personal information. However, the practical impact of these laws has been constrained by operational hurdles, including slow procedural processes, insufficient institutional resources, and gaps in technical expertise, which collectively limit their ability to achieve intended outcomes.This article examines these enforcement gaps, highlighting common weaknesses such as bureaucratic bottlenecks, underfunded agencies, and low public awareness. It further proposes targeted reforms, including capacity building, and enhanced accountability mechanisms, to transform Botswana’s legal frameworks from well-intentioned statutes into operationally effective tools that ensure transparency, protect rights, and strengthen governance in both physical and digital domains.
Introduction
Botswana is widely recognised as one of Africa’s more stable democracies, with an commendable record in governance compared to many of its neighbours.[1] Over the last two decades, the country has sought to modernise its legal frameworks to match global best practices. Two notable examples are the Public Procurement Act 2021, designed to promote transparency and efficiency in public spending, and the Cybercrime and Computer Related Crimes Act, which aims to combat online threats in an increasingly digital economy.[2]
On paper, these laws are robust. They reflect an understanding that modern governance requires both economic infrastructure and digital security. Yet in practice, their impact has been uneven. Major infrastructure projects have stalled due to tender disputes and bureaucratic delays.[3] Meanwhile, cybercrime is on the rise, and enforcement agencies are struggling to keep up.[4]
This article explores the paradox of modern laws producing delayed or inadequate results. It examines the enforcement challenges in Botswana’s procurement and cybercrime frameworks, identifies common weaknesses in their implementation, and proposes reforms to bridge the gap between legislative ambition and real-world effectiveness.
Research Methodology
This article adopts a doctrinal and analytical approach to examine Botswana’s public procurement and cybersecurity frameworks. Information was gathered through a comprehensive review of primary legal sources, including the Public Procurement Act 2021, the Cybercrime and Computer Related Crimes Act, and relevant statutory instruments. Supplementary insights were drawn from case law, scholarly articles, government reports, and credible news sources to contextualise the practical application of these laws. The research method involved critically analysing the legislation and enforcement mechanisms, identifying challenges, and evaluating how they impact transparency, efficiency, and accountability. By combining doctrinal analysis with practical examples, the study aims to bridge the gap between statutory provisions and real-world implementation.
Legal Frameworks in Focus
Public Procurement Act 2021
The Public Procurement Act 2021[5] replaced earlier fragmented procurement rules, consolidating the process under the Public Procurement Regulatory Authority (PPRA).⁵ Its objectives include:
- Ensuring value for money in public contracts.
- Promoting fairness and transparency.
- Encouraging participation by local businesses.[6]
The Act mandates competitive bidding, sets clear evaluation criteria, and provides for appeals to the Independent Complaints Review Committee.[7] However, while the law seeks to safeguard public funds, its procedural demands can slow project delivery.[8]
Cybercrime and Related Digital Laws
Botswana has taken a proactive stance in the digital realm. The Cybercrime and Computer Related Crimes Act criminalises hacking, fraud, identity theft, and the spread of malicious software.[9] Complementary laws like the Data Protection Act 2018 safeguard personal information.[10] Botswana’s ratification of the Budapest Convention on Cybercrime signals a commitment to global cooperation.[11] Despite this progress, practical enforcement remains limited. Digital investigations require advanced forensic tools and specialised expertise, which local agencies are still developing.[12]
Enforcement Challenges
Procurement Delays and Inefficiencies
Weak enforcement manifests most visibly in stalled infrastructure projects. In 2024, several road and hospital tenders were delayed for months due to:
- Protracted appeals from losing bidders.
- Overburdened regulatory processes at PPRA.
- Corruption allegations requiring lengthy investigations.[13]
For example, the Ministry of Transport’s 2023 review cited procurement bottlenecks as the main cause of missed completion deadlines.[14] The intention of the law—to ensure fairness—was being undermined by drawn-out disputes and inadequate resolution capacity.
A key challenge identified in Botswana’s public procurement framework is the lack of capacity and competency within procuring entities. As highlighted in the IOSR study (O’Reilly-Konji & Kamoni, 2023)[15], procurement units are often understaffed, with officers lacking formal training in modern procurement practices. In some years, fewer than 30 officers received formal procurement training through recognized institutions, despite the national need running into the thousands (PPADB, 2015)[16]. This gap means officers are less equipped to manage complex tenders or resolve disputes quickly, thereby extending project timelines and reducing efficiency.
E-procurement, while offering potential to speed up processes, remains underutilized. The study found very few public institutions make use of tools like e-bidding, e-evaluation, or e-catalogues (O’Reilly-Konji & Kamoni, 2023)[17]. This is partly due to inadequate ICT infrastructure, resistance to change among officers accustomed to manual systems, and insufficient training. Without robust digital systems, procurement continues to rely heavily on paper-based methods that slow down decision-making, increase administrative burden, and create opportunities for document manipulation (Vaiya, 2012; Mutua & Moronge, 2018).[18]
Risk management practices are similarly underdeveloped. While most entities acknowledge the importance of risk identification and mitigation, the IOSR findings revealed low incorporation of procurement risk management into daily operations (O’Reilly-Konji & Kamoni, 2023)[19]. This omission leaves projects vulnerable to cost overruns, delays, and supplier defaults. Often, risk policies are either outdated or not enforced consistently, reflecting a wider culture of compliance in form rather than in practice (Khan, 2018; Sarawa & Mas’ud, 2020)[20]. As a result, potential threats are not addressed until they escalate into disputes, further delaying project delivery.
Evaluation practices, although present, are inconsistently applied. Some institutions maintain detailed audit trails and use structured evaluation matrices, but others deviate from approved procurement plans, fail to adhere to tender timelines, or neglect to prepare completion reports (PPADB, 2019)[21]. This unevenness stems from weak internal controls and a lack of standardized monitoring tools across ministries, parastatals, and autonomous bodies. Moreover, limited oversight allows non-compliance to go unpunished, perpetuating a cycle where delays and inefficiencies are tolerated rather than corrected (Amila, 2022)[22].
Supplier management also presents a critical weakness. While certain organizations maintain supplier databases and apply Carter’s 10Cs evaluation model, many do not engage in proactive supplier relationship management (Cordell & Thompson, 2019)[23]. The IOSR study noted that some institutions still procure from suppliers with poor performance histories due to political influence, lack of alternative vendors, or incomplete performance records (O’Reilly-Konji & Kamoni, 2023)[24]. This undermines competition and quality, leading to repeated contract failures. These systemic weaknesses suggest that delays and inefficiencies are not simply the result of isolated disputes but reflect a broader institutional challenge—one rooted in inadequate capacity, inconsistent application of rules, and limited adoption of modern procurement tools.
Cybercrime Enforcement Gaps
In the cybercrime sphere, enforcement in Botswana is hindered by acute capacity constraints. Key pain points include:
- A scarcity of skilled digital forensic experts.
- Outdated or insufficient equipment to track and analyze online activity.
- Weak or non-existent cross-border cooperation mechanisms.[25]
A high-profile phishing scam in late 2023 targeted government email accounts and compromised sensitive data; nonetheless, no public prosecution updates have emerged to date.[26] This underscores the difficulty of tracing cybercriminals—many of whom operate beyond Botswana’s jurisdiction and evade domestic legal reach.
Botswana has enacted foundational cybercrime legislation, including the Cybercrime and Computer-Related Crimes Act (2018), the Electronic (Evidence) Records Act of 2014, and the Data Protection Act—assented in 2018 and now in force. These laws provide frameworks for criminalizing cyber offenses, managing electronic evidence, and safeguarding personal data. However, enforcement remains weak due to limited technical expertise and awareness among legal officers and enforcement personnel.
Moreover, while legal structures exist, gaps persist: the absence of operational mechanisms to ensure compliance with data protection, limited prosecutorial readiness, and lack of alignment with rapidly evolving cyber threats have created enforcement blind spots.
Botswana’s international cooperation in cybercrime remains fragile. While the Maitlamo National ICT Policy envisions cooperative agreements to address cross-border cybercrime, actual implementation lags. Established tools such as mutual assistance protocols exist on paper, but Botswana does not appear to have a designated 24/7 international contact point for cybercrime. This hinders timely sharing of information, requests for digital evidence, and coordinated responses to transnational threats. NCSI assessments further reveal that, although Botswana has a specialized digital forensics function, its rating for international 24/7 contact capability is rated “0” highlighting a critical operational void.[27]
The infrastructure supporting cybercrime enforcement is also underdeveloped. Despite having a Cyber Forensics Branch within the Botswana Police Service, broader institutional capacity remains limited. This includes shortages of modern forensic labs, digital evidence processing systems, and training programs in emerging cyber-attack methods. Without robust technological infrastructure, investigations progress slowly and often fail to yield prosecutable outcomes.
Finally, public awareness and interagency coordination are insufficient. Many citizens remain unaware of evolving cyber risks such as social media scams exploiting personal data, while internal coordination between agencies—including the police, FIA, and communications regulatory bodies—lacks consistency and synergy.[28] This results in fragmented responses to cyber threats and inconsistent enforcement.
Shared Weaknesses in Implementation
Though in different sectors, procurement and cybercrime enforcement share structural weaknesses: Implementation Lag – Laws enacted before adequate institutional readiness.¹⁷ Underfunded Agencies – Both PPRA and cybercrime units operate under financial constraints.¹⁸ Slow Accountability Mechanisms – Appeals in procurement drag on; cybercrime cases face court backlogs.¹⁹ Low Public Awareness – Many citizens and businesses misunderstand compliance obligations.²⁰
Though in different sectors, procurement and cybercrime enforcement share structural weaknesses. One of the most prominent is implementation lag—where laws are enacted before adequate institutional readiness exists to enforce them effectively. In procurement, this is seen in the roll-out of e-procurement systems and procurement risk frameworks before officers received sufficient training or infrastructure upgrades (O’Reilly-Konji & Kamoni, 2023).[29] In cybercrime, Botswana’s Cybercrime and Computer-Related Crimes Act (2018) and Data Protection Act came into force without a fully resourced digital forensics capacity or clear operational guidelines for evidence handling, leaving enforcement patchy. This premature implementation leads to a gap between legislative intent and real-world impact.
A second shared challenge is chronic underfunding of key agencies. For procurement, the Public Procurement Regulatory Authority (PPRA) operates under tight budget allocations that limit its ability to conduct frequent compliance monitoring, develop procurement systems, or scale training programs to all procuring entities. In cybercrime enforcement, the specialized units—such as the Cyber Forensics Branch—face similar financial constraints, limiting investment in forensic tools, staff expansion, and cross-border liaison functions (Motlaleng, 2025). Without sustained funding, both sectors remain in a perpetual state of “catching up” to evolving challenges.
Both sectors also suffer from slow accountability mechanisms.[30]In procurement, lengthy appeals from losing bidders can halt infrastructure projects for months, eroding public trust and inflating costs (Ministry of Transport, 2023). Similarly, cybercrime prosecutions often stall due to court backlogs, delayed expert testimony, and procedural hurdles in securing admissible digital evidence (Sunday Standard, 2025). These delays weaken deterrence—sending a signal that violations, whether of tender rules or cyber laws, may not result in swift consequences.
Another shared weakness is low public awareness of legal obligations and compliance standards. In procurement, small and medium-sized enterprises bidding for public contracts often lack understanding of tender requirements, evaluation criteria, and documentation standards, leading to disqualifications and disputes (PPADB, 2019). In cybercrime, businesses and individuals frequently underestimate the importance of data protection, strong authentication measures, and timely reporting of incidents (BW-CIRT, 2023).[31] This lack of awareness increases vulnerability to both bid irregularities and online scams.
Fragmented inter-agency coordination further undermines performance in both areas. In procurement, oversight bodies, ministries, and project implementation units often operate in silos, resulting in inconsistent application of procurement rules. In cybercrime enforcement, the absence of an operational 24/7 national contact point for cross-border investigations slows down cooperation with international partners (Council of Europe, 2024). The result is a system where even well-intentioned agencies cannot leverage each other’s resources or expertise effectively, leaving enforcement gaps unaddressed.
Finally, both sectors face a resistance to modernization that slows adaptation to evolving threats and demands. In procurement, reluctance to fully adopt e-procurement stems from comfort with paper-based systems and fear of technological disruption among long-serving officers (O’Reilly-Konji & Kamoni, 2023). In cybercrime enforcement, similar hesitance appears in the slow uptake of advanced forensic tools, AI-based threat detection, and automated case-management systems. Without cultural and operational buy-in, legal reforms in both spheres risk becoming static frameworks that fail to deliver the intended public value.
Proposed Reforms for Botswana’s Public Procurement Framework
To enhance the effectiveness of Botswana’s procurement system, organisations and oversight bodies should first critically assess the applicability and scope of the Public Procurement Act. This involves determining whether specific projects, especially those involving complex or high-value contracts, fall under the Act’s provisions and identifying new compliance obligations. Establishing clear internal guidelines and documenting procurement processes will help organisations maintain accountability, reduce disputes, and ensure that decision-making aligns with legal requirements.
Second, procedural safeguards should be strengthened to address inefficiencies and delays. This includes implementing structured mechanisms for handling tender appeals, ensuring transparency in evaluation criteria, and embedding checks that allow for human oversight in automated or delegated decision-making processes.21By operationalising these safeguards, authorities can prevent protracted disputes, improve fairness, and allow affected parties to contest decisions that may significantly impact their participation or rights.
Finally, capacity-building measures are essential to improve enforcement and compliance. Procuring organisations should invest in staff training, establish clear records of procurement activities, and adopt robust monitoring systems that track project progress and risk. Additionally, creating specialised dispute resolution tribunals, streamlining high-risk project approvals, and leveraging technology to maintain secure and auditable records will strengthen both procedural efficiency and accountability. By embedding these reforms, Botswana can transform its procurement framework from a system hindered by delays into a model of transparency, efficiency, and responsive governance.
Proposed Reforms for Botswana’s Cybersecurity Framework
To strengthen cybersecurity enforcement in Botswana, authorities should prioritise building specialised investigative capacity. This includes training dedicated digital forensic teams, equipping them with modern tools for tracking cyber threats, and creating a continuous professional development programme to keep pace with rapidly evolving technology. By investing in expertise and technical resources, law enforcement can more effectively identify, investigate, and prosecute cybercriminals operating both domestically and internationally.[32]
Second, legislative and procedural clarity must be reinforced. Cybercrime laws should include detailed guidelines for evidence collection, cross-border cooperation, and timely reporting mechanisms. Establishing clear protocols for inter-agency coordination, including between police, regulatory bodies, and private sector stakeholders, will reduce delays, minimise jurisdictional gaps, and ensure that high-risk incidents are addressed swiftly. Public-private partnerships can also be leveraged to share threat intelligence and best practices, creating a more resilient national cyber ecosystem.
Finally, awareness, accountability, and preventive measures must form the cornerstone of reform. Organisations and government agencies should adopt proactive cybersecurity policies, implement regular risk assessments, and establish mandatory incident response plans. Public education campaigns can raise awareness of common cyber threats, while mandatory reporting obligations will enhance transparency and compliance. Collectively, these reforms will move Botswana’s cybersecurity framework from reactive enforcement to a proactive, preventative system capable of safeguarding both public and private sector digital assets.
Conclusion
Botswana’s Public Procurement Act and Cybercrime Act illustrate a broader governance challenge: laws can be technically sound yet operationally weak. Without enforcement capacity, procedural efficiency, and institutional funding, even the best-drafted laws risk becoming paper tigers. So let us seek to Establish specialised dispute tribunals to resolve appeals swiftly and expand digital forensic training and forge international partnerships.
A shift is needed from legislative focus to implementation focus investing in people, systems, and processes that turn statutes into tangible results. Only then can Botswana’s legal frameworks fulfil their promise of efficiency, transparency, and protection in both physical and digital spheres.
BIBLIOGRAPHY
ACTS
Public Procurement Act 2021 (Botswana).
Cybercrime and Computer Related Crimes Act (Botswana).
Data Protection Act 2018 (Botswana).
Council of Europe, Convention on Cybercrime (Budapest, 23 November 2001).
Articles
K Nleya, ‘Public Procurement Reforms in Botswana: Challenges and Opportunities’ (2022) 5 Botswana Law Journal 112.
L Keorapetse, ‘Cybersecurity and the Law in Botswana: Bridging the Gap Between Policy and Practice’ (2023) 9 African Journal of Law and Technology 45.
Mmegi Online, ‘Botswana Faces Rising Cybercrime Threats’ (12 November 2023) https://www.mmegi.bw accessed 13 August 2025.
Directorate on Corruption and Economic Crime, Annual Report 2024.
O’Reilly-Konji, S., & Kamoni, P. (2023). The effect of procurement practices on public procurement performance in Botswana. IOSR Journal of Research & Method in Education (IOSR-JRME), 13(2), 01–08.
Ministry of Transport. (2023). Annual Procurement Review Report. Gaborone: Government of Botswana.
Amila, N. K. K. G. (2022). Importance of effective communication to minimize disputes in construction projects. Sch J. Eng Tech, 10(7), 128–140.
Cordell, A., & Thompson, I. (2019). Carter’s 10Cs of supplier appraisal. London: Routledge.
Khan, N. (2018). Public procurement fundamentals: Lessons from and for the field. Bingley: Emerald Publishing Limited.
Mutua, S., & Moronge, M. (2018). Effects of e-procurement on organizational performance: A case of Nairobi City County Government. International Academic Journal of Procurement and Supply Chain Management, 3(1), 18–45.
PPADB. (2015). Annual report 2014/15. Public Procurement and Asset Disposal Board, Gaborone.
PPADB. (2019). Compliance monitoring and performance report. Public Procurement and Asset Disposal Board, Gaborone.
Sarawa, D. I., & Mas’ud, A. (2020). Strategic public procurement regulatory compliance model with mediating effect of ethical behaviour. Heliyon, 6(1), e03232.
Vaiya, F. (2012). E-procurement implementation in developing countries: The case of Tanzania Public Procurement Regulatory Authority. International Journal of Academic Research in Business and Social Sciences, 2(5), 1–15.
Aone Motlaleng. (2025, July 21). Are Botswana’s Cybercrime Laws Keeping Up? The Legal Editorial Daily News. Highlights include weak enforcement due to lack of technical expertise and limited international cooperation. thelegaleditorial.com
Botswana’s cyber policies—including the Cybercrime Act (2018), Electronic (Evidence) Records Act 2014, Data Protection Act 2018—and the Maitlamo ICT policy are outlined, with noted gaps in cross-border cooperation and forensic capacity. Portalncsi.ega.ee
Sunday Standard. (2025, Jan 9). Botswana witnesses surge in digital scams. Reports detail sophisticated phishing and social-media scams exploiting personal data and targeting citizens. Sunday Standard
BW-CIRT. (2023, Dec 19). Clickbait cash grab: Fake online deals haunt Batswana as online scam claims victims. Highlights the prevalence of online scams through social platforms.
Public Procurement Regulatory Authority (PPRA). (2022). Annual Report 2021/22. Gaborone: Government of Botswana.
Motlaleng, A. (2025, July 21). Are Botswana’s Cybercrime Laws Keeping Up? The Legal Editorial Daily News. Retrieved from https://thelegaleditorial.com/2025/07/21/are-botswanas-cybercrime-laws-keeping-up
Ministry of Transport. (2023). Annual Procurement Review Report. Gaborone: Government of Botswana.
Sunday Standard. (2025, Jan 9). Botswana witnesses surge in digital scams. Retrieved from https://www.sundaystandard.info/botswana-witnesses-surge-in-digital-scams
Public Procurement and Asset Disposal Board (PPADB). (2019). Compliance Monitoring and Performance Report. Gaborone: Government of Botswana.
Botswana Communications Regulatory Authority (BOCRA) / Botswana Computer Incident Response Team (BW-CIRT). (2023, Dec 19). Clickbait cash grab: Fake online deals haunt Batswana as online scam claims victims. Retrieved from https://www.cirt.org.bw/warnings/online-scam-claimed-several-victims-botswana
[1] K Nleya, ‘Public Procurement Reforms in Botswana: Challenges and Opportunities’ (2022) 5 Botswana Law Journal 112.
[2] L Keorapetse, ‘Cybersecurity and the Law in Botswana: Bridging the Gap Between Policy and Practice’ (2023) 9 African Journal of Law and Technology 45.
[3] G Dube, ‘Infrastructure Delays and Legal Bottlenecks in Botswana’s Procurement System’ (2024) 3 Southern African Public Law Review 89.
[4] Mmegi Online, ‘Botswana Faces Rising Cybercrime Threats’ (12 November 2023) https://www.mmegi.bw accessed 13 August 2025.
[5] Public Procurement Act 2021 (Botswana).
[6] ibid
[7] Ibid.
[8] K Nleya (n 1).
[9] Cybercrime and Computer Related Crimes Act (Botswana).
[10] Data Protection Act 2018 (Botswana).
[11] Council of Europe, Convention on Cybercrime (Budapest, 23 November 2001).
[12] L Keorapetse (n 2).
[13] O’Reilly-Konji, S., & Kamoni, P. (2023). The effect of procurement practices on public procurement performance in Botswana. IOSR Journal of Research & Method in Education (IOSR-JRME), 13(2), 01–08.
[14] Ministry of Transport. (2023). Annual Procurement Review Report. Gaborone: Government of Botswana.
[15] O’Reilly-Konji, S., & Kamoni, P. (2023). The effect of procurement practices on public procurement performance in Botswana. IOSR Journal of Research & Method in Education (IOSR-JRME), 13(2), 01–08.
[16] Public Procurement Regulatory Authority (PPRA). (2022). Annual Report 2021/22. Gaborone: Government of Botswana.
[17] ibid
[18] Vaiya, F. (2012). E-procurement implementation in developing countries: The case of Tanzania Public Procurement Regulatory Authority. International Journal of Academic Research in Business and Social Sciences, 2(5), 1–15.
[19] ibid
[20] Khan, N. (2018). Public procurement fundamentals: Lessons from and for the field. Bingley: Emerald Publishing Limited. Sarawa, D. I., & Mas’ud, A. (2020). Strategic public procurement regulatory compliance model with mediating effect of ethical behaviour. Heliyon, 6(1), e03232.
[21] PPADB. (2019). Compliance monitoring and performance report. Public Procurement and Asset Disposal Board, Gaborone.
[22] Amila, N. K. K. G. (2022). Importance of effective communication to minimize disputes in construction projects. Sch J. Eng Tech, 10(7), 128–140.
[23] Cordell, A., & Thompson, I. (2019). Carter’s 10Cs of supplier appraisal. London: Routledge.
[24] ibid
[25] Aone Motlaleng. (2025, July 21). Are Botswana’s Cybercrime Laws Keeping Up? The Legal Editorial Daily News. Highlights include weak enforcement due to lack of technical expertise and limited international cooperation. (thelegaleditorial.com)
Botswana’s cyber policies—including the Cybercrime Act (2018), Electronic (Evidence) Records Act 2014, Data Protection Act 2018—and the Maitlamo ICT policy are outlined, with noted gaps in cross-border cooperation and forensic capacity. (Portal, ncsi.ega.ee)
[26] Sunday Standard. (2025, Jan 9). Botswana witnesses surge in digital scams. Reports detail sophisticated phishing and social-media scams exploiting personal data and targeting citizens. (Sunday Standard)
BW-CIRT. (2023, Dec 19). Clickbait cash grab: Fake online deals haunt Batswana as online scam claims victims. Highlights the prevalence of online scams through social platforms. (cirt.org.bw)
[27] ibid
[28] ibid
[29] ibid
[30] K Nleya (n 1).
[31] L Keorapetse (n 2).
[32] L Keorapetse, ‘Cybersecurity and the Law in Botswana: Bridging the Gap Between Policy and Practice’ (2023) 9 African Journal of Law and Technology 45.
