The Central Bank of Nigeria (CBN) has announced plans to enforce a controversial cybersecurity levy on electronic transactions, albeit at a significantly reduced rate, for the 2024-2025 fiscal year.
Originally set at 0.5%, the levy has been slashed to 0.005% following public outcry.
This charge, mandated by the Cybercrime (Prohibition, Prevention, etc.) Act of 2015, will apply to all electronic transactions processed by banks and other financial institutions.
In its latest Monetary, Credit, Foreign Trade, and Exchange Policy Guidelines, the CBN stated, “The CBN shall continue to enforce the payment of the mandatory levy of 0.005 percent on all electronic transactions by banks and other financial institutions, in accordance with the Cybercrime Act, 2015.”
The levy aims to create a dedicated cybersecurity fund to strengthen the Nigerian banking sector’s defenses against online attacks.
This move comes as part of a broader initiative to enhance cybersecurity measures across the financial industry.
Under the new guidelines, payment service providers (PSPs), banks, and other financial institutions (OFIs) are required to comply with minimum cybersecurity standards.
These include the appointment of Chief Information Security Officers (CISOs) to oversee cybersecurity compliance, as outlined in the 2022 risk-based cybersecurity framework.
“Banks and Payment Service Providers are mandated to adhere to the guidelines on the risk-based cyber security framework,” the CBN document emphasizes, referencing a 2018 circular aimed at combating increasing cybersecurity threats in the banking industry.
However, the levy has faced strong opposition from various quarters. Critics argue that it imposes an unnecessary financial burden on individuals and businesses alike.
The federal government had previously suspended the levy in response to public backlash, pending further review.
The House of Representatives, despite having passed the amendment act that introduced the levy, called for its suspension.
Subsequently, the CBN withdrew the circular directing the collection of the fee.
Now, with the reduced rate, the CBN appears to be striking a balance between addressing cybersecurity concerns and mitigating the financial impact on Nigerians.
As the implementation moves forward, it remains to be seen how this compromise will be received by the public and various stakeholders in the financial sector.
The reintroduction of this levy, even at a lower rate, underscores the ongoing challenge of funding cybersecurity measures in an increasingly digital economy.
It also highlights the delicate balance regulators must strike between ensuring financial security and avoiding undue burdens on citizens and businesses.
