CBN directs banks to charge 0.5% cybersecurity levy on transactions

CBN Governor Olayemi Cardoso

By Emmanuel Babafemi

In a significant regulatory move, the Central Bank of Nigeria (CBN) has directed all banks operating within the country to begin levying a 0.5% cybersecurity levy on transactions.

This directive, which comes into effect immediately, is part of the CBN’s broader efforts to strengthen cybersecurity measures across the financial sector.

The directive, communicated via a circular dated May 6, 2024, applies to all commercial banks, merchant banks, non-interest banks, payment service banks, mobile money operators, and payment service providers operating within Nigeria.

It mandates these financial institutions to charge a levy equivalent to 0.5% of the value of all electronic transactions conducted by their customers.

The basis for this levy is rooted in the Cybercrime (Prohibition, Prevention, etc) (amendment) Act 2024, specifically Section 44 (2) (a) of the Act.

According to the circular issued by the CBN, this section of the Act stipulates the imposition of a levy on electronic transactions, with the collected funds intended for the National Cybersecurity Fund (NCF).

ALSO READ: CBN orders OPay, Palmpay, Kuda Bank, Moniepoint to suspend new customer onboarding amid forex probe

The NCF will be administered by the Office of the National Security Adviser (ONSA).

The implementation of this levy is set to commence within two weeks from the date of the circular.

Financial institutions are tasked with applying the levy at the point of electronic transfer origination and subsequently deducting the specified amount.

The deducted funds are then to be remitted in bulk to the NCF account, which is domiciled at the Central Bank of Nigeria, by the fifth business day of each subsequent month.

While the levy is comprehensive in its scope, certain transactions have been exempted.

These include loan disbursements and repayments, salary payments, and intra-account transfers within the same bank or between different banks for the same customer, among others.

Additionally, transactions such as inter-branch transfers within a bank and cheque clearing are exempt from the levy.

In conjunction with the implementation of the cybersecurity levy, the CBN has recently undertaken other regulatory measures aimed at safeguarding the integrity and stability of the Nigerian financial system.

This includes the suspension of new customer onboarding for fintech firms and the instruction for banks to levy a 0.375% stamp duty charge on mortgaged-backed loans and bonds.

These collective actions underscore the CBN’s commitment to fortifying cybersecurity protocols and ensuring the resilience of Nigeria’s financial sector in the face of evolving cyber threats.