CBN Directs Financial Institutions on Electronic Transactions
The Central Bank of Nigeria (CBN) has instructed all financial institutions to begin deducting a cybersecurity levy on all electronic transactions starting May 20, 2024. This directive comes six years after the initial instruction was given.
The levy, which is 0.005% of the transaction value, will be remitted to the National Cybersecurity Fund, administered by the Office of the National Security Adviser (ONSA). The deductions will apply to all electronic transactions made through commercial banks, merchant banks, non-interest banks, payment system banks, Other Financial Institutions (OFIs), mobile money operators, and payment service providers.
Failure to comply and remit the levy within the stipulated timeframe will result in a penalty of 2% of the institution’s annual turnover. The CBN had initially released guidelines for the collection of the levy in 2018, but it did not take effect.
In a circular dated May 6, 2024, the CBN directed financial institutions to begin the deductions, citing the enactment of the Cybercrime (Prohibition, Prevention, etc Amendment) Act 2024. The levy will be applied at the point of electronic transfer origination and deducted by the financial institution.
The deducted amount will be reflected in the customer’s account with the narration “Cybersecurity Levy.” Financial institutions are required to remit the collected levies in bulk to the National Cybersecurity Fund account domiciled at the CBN by the 5th business day of every subsequent month.
Exemptions apply to certain transactions to avoid multiple applications of the levy on the same transaction or transfer. Failure to remit the levy, as has been stated, is an offence punishable by a fine of not less than 2% of the annual turnover of the defaulting business.
