The Central Bank of Nigeria (CBN) has announced its decision to reintroduce the Cybersecurity Levy on all electronic transactions in the country.
This levy is set at a reduced rate of 0.005%, a significant drop from the earlier proposed rate of 0.5% announced in May 2024.
This decision was revealed in the CBN’s recently published Monetary, Credit, Foreign Trade, and Exchange Policy Guidelines for Fiscal Years 2024-2025.
According to the document, all banks and financial institutions are required to deduct the levy from every electronic transaction performed by their customers.
The levy will be imposed in accordance with the Cybercrime (Prohibition, Prevention, etc.) Act, 2015.
This law was enacted to combat cyber threats and ensure the protection of Nigeria’s financial systems.
The reintroduced levy is intended to strengthen cybersecurity in the country’s banking sector by creating a special fund that will help defend against growing online threats.
A CBN official explained the rationale behind this policy, noting that cybersecurity has become a critical issue in the country’s financial sector.
“Cybersecurity is of utmost importance in safeguarding Nigeria’s financial systems. This levy will help create a fund to ensure our banking systems are well-protected against online threats,” the official said.
The CBN’s policy also stresses that all Payment Service Providers (PSPs), banks, and Other Financial Institutions (OFIs) must comply with certain cybersecurity standards.
Among these standards is the requirement to appoint Chief Information Security Officers (CISOs).
These officers will oversee and ensure that the financial institutions adhere to the new cybersecurity standards, which are in line with a 2022 risk-based cybersecurity framework.
In its directive, the CBN referred to a previous circular titled Issuance of Risk-based Cybersecurity Framework and Guidelines for Deposit Money Banks and Payment Service Providers.
This circular, issued in October 2018, had been introduced as a response to the growing cyber threats within the banking industry.
The guidelines within that framework outlined the need for Nigerian banks and PSPs to implement stronger cybersecurity measures, including risk management strategies and regular cybersecurity assessments.
The Cybersecurity Levy comes as part of the CBN’s broader effort to secure the country’s increasingly digital financial ecosystem.
In recent years, Nigeria has seen a tremendous rise in electronic payments and transactions.
With more people using mobile banking, online payment services, and digital wallets, the risk of cybercrime has escalated.
As digital banking becomes more prevalent in Nigeria, cybercriminals have also evolved, with reports of phishing scams, online fraud, and hacking attempts becoming more frequent.
Financial regulators, including the CBN, have raised concerns over the potential impact of cyberattacks on customer data, financial assets, and the overall stability of the banking sector.
The newly reduced 0.005% levy is intended to be more palatable for Nigerians, especially as the previous 0.5% rate was criticized for being too high and burdensome.
The CBN’s decision to cut the rate demonstrates an attempt to balance the need for cybersecurity funding with the economic pressures currently faced by Nigerian consumers.
While some Nigerians may welcome the reduction in the levy, others are concerned that this new cost will still affect the affordability of digital banking services.
Many worry that the added cost may disproportionately impact low-income individuals who rely heavily on electronic payments for small transactions.
Moreover, questions have been raised about how efficiently the funds generated from the levy will be used.
The CBN has promised that the proceeds will go directly toward creating a cybersecurity fund to bolster the financial sector’s defenses.
However, the effectiveness of this initiative remains to be seen, as many Nigerians remain skeptical of government-led initiatives involving public funds.
Cybersecurity in Nigeria’s banking sector has become a pressing issue in recent years.
The rise in financial technology (fintech) platforms, online banking, and mobile wallets has increased exposure to cyber threats.
In 2020, Nigerian banks reportedly lost billions of naira due to cyberattacks.
These incidents have heightened the need for robust cybersecurity measures to protect both consumers and financial institutions from further losses.
