Central Bank Reintroduces Controversial Cybersecurity Levy

Lagos Mag
Lagos Mag  - Content Writer
6 Min Read

The Central Bank of Nigeria (CBN) says it will continue to enforce payment of the mandatory levy on all electronic transactions by banks and other financial institutions. This comes nearly four months after the decision suffered a major backlash when it was initially announced in May.

 

CBN, however, disclosed that the controversial levy had now been reduced to 0.005 per cent, from the initial 0.5 per cent.

 

The decisions were contained in the CBN’s Monetary, Credit, Foreign Trade, and Exchange Policy Guidelines for the Fiscal Years 2024-2025.

 

CBN pointed out that implementation of the levy was in accordance with the Cybercrime (Prohibition, Prevention, etc.) Act, 2015.

 

It mandated banks and Payment Service Providers (PSPs) to adhere to the guidelines on the risk-based cybersecurity framework.

 

The central bank also drew the attention of Other Financial Institutions (OFIs) to an earlier framework on “Issuance of Risk-based Cybersecurity framework and Guidelines for Other Financial Institutions (OFIs)”.

 

The guidelines specified the minimum cybersecurity baseline to be implemented by banks, OFIs and PSPs, and mandated the appointment of a Chief Information Security Officer (CISO) to oversee cybersecurity issues.

 

Back in May, the central bank had ordered the implementation of 0.5 per cent levy on all electronic transactions value as part of efforts to contain the rising threats of cybercrime in the financial system.

 

The implementation followed the enactment of the Cybercrime (Prohibition, Prevention, etc) (amendment) Act 2024 and pursuant to the provisions of Section 44 (2)(a) of the Act, which provided for the rate deduction.

 

The directive was conveyed in a circular dated May 6, 2024 and addressed to all commercial, merchant, non-interest and payment service banks; other financial institutions, Mobile Money Operators and Payment Service Providers.

 

The circular was jointly signed by CBN’s Director, Payments System Management Department, Chibuzo Efobi, and Director, Financial Policy and Regulation Department, Haruna Mustafa.

 

The correspondence also post-dated CBN’s circulars of June 25, 2018 and October 5, 2018 on compliance with the Cybercrimes (Prohibition, Prevention, Etc.) Act 2015.

 

The CBN explained that the deducted funds were to be remitted to the National Cybersecurity Fund (NCF), which shall be administered by the Office of the National Security Adviser (ONSA).

 

Accordingly, all banks, Other Financial Institutions and Payments Service Providers were required to implement the new provisions of the Act as directed.

 

The central bank stated that the levy shall be applied at the point of electronic transfer origination, then deducted and remitted by the financial institution.

 

The deducted amount shall be reflected in the customer’s account with the narration: “Cybersecurity Levy”.

 

The circular, however, exempted some transactions from cybercrime levy. They included loan disbursements and repayments; salary payments; intra-account transfers within the same bank or between different banks for the same customer; intra-bank transfers between customers of the same bank, and Other Financial Institutions (OFIs) instructions to their correspondent banks.

 

Exemption also applied to interbank placements; banks’ transfers to CBN and vice-versa; inter-branch transfers within a bank, cheques clearing and settlements; and Letters of Credits (LCs).

 

Others included banks’ recapitalisation related funding only bulk funds movement from collection accounts; savings and deposits including transactions involving long-term investments, such as treasury bills, bonds; and commercial papers; government social welfare programmes transactions, such as pension payments; non-profit and charitable transactions, including donations to registered non- profit organisations or charities; educational institutions transactions, including tuition payments and other transaction involving schools, universities, or other educational institutions.

 

Transactions involving bank’s internal accounts, such as suspense accounts, clearing accounts, profit and loss accounts, inter-branch accounts, reserve accounts, nostro and vostro accounts, and escrow accounts were also exempted from the levy.

 

The central bank warned that Section 44 (8) of the Act prescribed that failure to remit the levy constituted an offence liable on conviction to a fine of not less than two per cent of the annual turnover of the defaulting business, among others.

 

All institutions under the regulatory purview of the CBN were directed to note and comply with the provisions of the Act and the circular.

 

However, following a major pushback by the Organised Private Sector (OPS), stakeholders and Nigerians at large, CBN, on May 19, announced the withdrawal of the controversial circular on the implementation of 0.5 per cent levy on all electronic transactions value.

 

The withdrawal was conveyed in a circular dated May 17, 2024 and addressed to all commercial, merchant, non-interest and payment service banks; other financial institutions, Mobile Money Operators and Payment Service Providers. It was also jointly signed by Efobi and Mustafa.

 

The brief circular read, “The Central Bank of Nigeria circular dated May 6, 2024 (Ref: PSMD/DIR/PUB/LAB/017/004) on the above subject refers.

 

“Further to this, please, be advised that the above referenced circular is hereby withdrawn. Please, be guided accordingly.”

Share this Article
Leave a comment