CBN Mandates Banks to Implement 0.5% Cybersecurity Levy on Transactions

In a move to bolster cybersecurity measures across Nigeria's financial landscape, the Central Bank of Nigeria (CBN) has issued a directive instructing deposit money banks to impose a 0.5% levy on electronic transactions.

Issued via a circular dated May 6, 2024, the apex bank mandated all commercial, merchant, non-interest, and payment service banks, as well as mobile money operators and payment service providers, to adhere to the levy imposition.

Citing the Cybercrime (Prohibition, Prevention, etc) (amendment) Act 2024, the circular referenced Section 44 (2) (a) of the Act, stipulating the levy's requirement. The collected levy, equivalent to half a percent of all electronic transaction values by specified businesses, is to be remitted to the National Cybersecurity Fund (NCF), under the administration of the Office of the National Security Adviser (ONSA).

Implementation of the levy is set to commence within two weeks from the circular's issuance. Financial institutions are tasked with applying the levy at the point of electronic transfer origination, with the deducted amount to be reflected in customers' accounts labeled as 'Cybersecurity Levy'.

Furthermore, the circular outlined exemptions from the levy, including loan disbursements and repayments, salary payments, intra-account transfers within the same bank or between different banks for the same customer, among others.

This directive comes on the heels of recent regulatory actions by the CBN, which included halting fintech firms' customer onboarding processes like Opay and Palmpay. Additionally, banks were instructed to enforce a 0.375% stamp duty charge on all mortgage-backed loans and bonds.

The CBN's proactive measures underscore a concerted effort to fortify the country's financial ecosystem against evolving cybersecurity threats