As a result of the above, it has become imperative for companies to adopt proactive and practical risk management strategies aimed at identifying vulnerabilities, strengthening internal controls, and mitigating potential cyber threats. At the heart of these are legal and compliance issues which companies have to comply with in a world of increasing cyber security risks. To effectively manage cyber risks, organizations must first understand the modern forms cyber threats and risks may take. Some of the most prevalent threats include the following:

1. Phishing Attacks: Phishing is one of the most common and dangerous cyber threats to businesses, responsible for many data breaches. It occurs when attackers pretend to be trusted contacts and trick employees into clicking malicious links, downloading harmful files, or revealing sensitive information such as passwords or financial details. Modern phishing attacks are highly sophisticated, including corporate email compromise, where criminals steal the email credentials of executives and send fraudulent payment requests. Because phishing targets human behavior rather than technical systems, it is usually difficult to stop. Businesses can reduce the risk by using email security gateways, post-delivery protection tools, and security awareness training to help employees identify and report suspicious emails.

2. Malware Attacks: Malware refers to harmful software such as viruses and trojans that hackers use to access networks, steal data, or damage systems. It often spreads through infected websites, spam emails, or compromised devices. Small businesses are especially vulnerable because malware can damage devices, cause costly repairs, and expose sensitive business or customer data. To prevent malware attacks, organizations should implement endpoint protection systems and web security tools that block malicious downloads and prevent access to dangerous websites.

3. Ransomware: Ransomware is a cyberattack where hackers encrypt a company’s data and demand payment to restore access. It has become increasingly common because it is highly profitable for cybercriminals. Businesses that are often targeted are the ones that lack strong security systems or reliable backup systems. When important data is locked, organizations may face major operational disruptions and financial losses. To reduce this risk, businesses should install strong endpoint protection across all devices and implement secure cloud backup systems. Reliable backup systems allow companies to recover their data without paying ransom demands.

4. Insecure Passwords: Weak or easily guessed passwords are a major cybersecurity risk for many businesses. Employees often reuse passwords across multiple accounts or create simple passwords that attackers can easily guess. This can allow hackers to gain unauthorized access to sensitive company systems and information. The problem often occurs because employees are unaware of the risks associated with poor password practices. Businesses should use password management tools to generate and store strong passwords securely. In addition, multi-factor authentication (MFA) should be implemented to add an extra layer of security protection.

5. Insider Threats: Insider threats arise from individuals within the organization, such as employees, former staff, contractors, or partners who have access to company systems. These threats may occur intentionally due to malicious motives or unintentionally due to negligence or lack of awareness. Because insiders already have authorized access, they can cause serious data breaches or security incidents. The risk increases when employees have access to systems or information, they do not need for their roles. Businesses can reduce insider threats by promoting cybersecurity awareness, providing regular employee training, and limiting system access based on job responsibilities.

Key Compliance Obligations for Companies in Nigeria.

As cyber threats continue to evolve, several legal and regulatory frameworks impose specific obligations on companies to safeguard digital systems and personal data. To remain compliant and avoid regulatory sanctions, organizations must prioritize the following key compliance obligations.

1. Risk Management Requirements: Nigerian companies must continually evaluate and mitigate risks to ensure that they avoid any potential breaches that may occur from cybersecurity threats and risks. Central Bank of Nigeria (CBN) Guideline on Risk-Based Cybersecurity Framework and Guidelines for Deposit Money Banks and Payment Service Banks, 2024 mandates that Nigerian financial institutions move beyond basic security to a structured, continuous risk lifecycle. Under this guideline, companies must execute these four core risk management activities:
• Risk Identification: Organizations must identify all information assets and the specific threats or vulnerabilities associated with their confidentiality, integrity, and availability.
• Risk Assessment: A formal risk assessment must be conducted at least annually. Also, new assessments are required immediately following major changes, such as mergers, acquisitions, or the deployment of new technology and it also requires that the findings be recorded in a Cybersecurity Risk Control Self-Assessment report.
• Risk Measurement: Institutions are now required to quantify the financial loss and reputational damage that could result from identified cyber risks.
• Risk Mitigation & Treatment: Security measures such as encryption or multi-factor authentication must be implemented in direct proportion to how critical the asset is and based on the assessment, management must explicitly choose to reduce, accept, avoid, or transfer (e.g., through insurance) each identified risk.

2.Registration as a Data Controller / Processor with the NDPC: Pursuant to section 44 of the Nigeria Data Protection Act 2023 (NDPA), organisations that process personal data in Nigeria are required to register with the Nigeria Data Protection Commission (NDPC) as a Data Controller or Data Processor, particularly where they process personal data on a large scale or process sensitive personal data. Registration enables the NDPC to ensure compliance with applicable data protection obligations. Organisations are generally required to provide details of their data processing activities, the categories of personal data processed, and the security measures implemented to protect such data. Failure to register where required may expose organisations to regulatory sanctions and administrative penalties under the NDPA.

3. Conducting Data Protection Impact Assessments (DPIAs): Prior to the commencement of any project or data processing activity in Nigeria, an organization must identify its objectives and determine the necessity of a Data Protection Impact Assessment (DPIA). Under Section 28 of the Nigeria Data Protection Act (NDPA) 2023, a data controller is legally mandated to carry out a DPIA where processing is likely to result in a high risk to the rights and freedoms of data subjects. The NDPA General Application and Implementation Directive (GAID) 2025 clarifies these high-risk circumstances. A DPIA is mandatory when evaluating or scoring (profiling) data subjects, when engaging in automated decision-making with legal or similar significant effects, when conducting systematic monitoring and when sensitive or highly personal data is involved etc. Adherence to Section 28 of the NDPA 2023 and the GAID 2025 is a mandatory prerequisite for high-risk data processing. Failure to conduct a DPIA where required not only invites significant regulatory sanctions from the NDPC but also compromises the organization’s commitment to Data Protection.

4. Appointment of Data Protection Officers: Pursuant to section 32 of the Nigeria Data Protection Act 2023 (NDPA), a data controller of major importance is required to designate a Data Protection Officer (DPO) with expert knowledge of data protection law and practices and the ability to carry out the tasks prescribed under the Act. The Act further provides that a data controller or data processor must ensure that its Data Protection Officer is involved, properly and in a timely manner, in all issues relating to the protection of personal data. The duties of the DPO include informing the organisation and its employees of their legal obligations under applicable data protection laws, overseeing internal data protection policies and audits, and preparing periodic internal compliance reports for management, which may be integrated into the organisation’s Record of Processing Activities (RoPA).

5. Filing of Annual Compliance Audit Returns (CARs): Under the Nigeria Data Protection Act (NDPA) 2023 and the General Application and Implementation Directive (GAID) 2025, data controllers and processors of major importance are required to conduct an annual audit of their data protection practices. It mandates the filing of a Compliance Audit Return (CAR) with the Nigeria Data Protection Commission (NDPC) to demonstrate accountability and transparency, the deadline for this filing is 31st March of each year. The audit must be conducted and the CAR filed through a licensed Data Protection Compliance Organisation (DPCO), which provides an independent verification statement to the Commission. Failure to file the CAR by the prescribed deadline may result in penalty.

6. Breach Notification Obligations: Under Section 40 of the Nigeria Data Protection Act (NDPA) 2023, organizations are strictly required to report personal data breaches to the Nigeria Data Protection Commission (NDPC) within 72 hours of becoming aware of an incident likely to result in a risk to the rights and freedoms of individuals. Where a breach is categorized as high risk, the data controller must also notify the affected data subjects immediately in plain and clear language. The GAID 2025 further clarifies that these notifications must include a description of the breach, the categories of data affected, likely consequences, and the mitigation measures taken.

7. Legal Consequences: Cybersecurity incidents can expose organizations to significant legal, financial, and reputational consequences. Under the Cybercrimes (Prohibition, Prevention, etc.) Act, unauthorized access to computer systems, cyber fraud, identity theft, and related cyber offences attract criminal penalties, including fines and imprisonment for offenders. Organizations that fail to implement adequate safeguards may also face regulatory scrutiny, particularly where their systems are exploited to facilitate cybercrime. In addition, the Nigeria Data Protection Act empowers the Nigeria Data Protection Commission to impose administrative fines and corrective measures on organizations that fail to adequately protect personal data or comply with statutory data protection obligations.

Strategies for Strengthening Cybersecurity Compliance.

To effectively manage regulatory obligations and reduce cybersecurity risks, companies and organisations operating in Nigeria should consider adopting the following strategies:
1. Conduct Regular cybersecurity Risk Assessments: Organizations should carry out periodic cybersecurity risk assessments tailored to their specific operational and technological environment. A structured and tiered risk management approach enables companies to identify vulnerabilities, prioritize the protection of critical assets, and allocate resources efficiently.

2. Develop and Maintain an Incident Response Plan: Companies should establish a comprehensive incident response plan outlining procedures for the detection, containment, investigation, and remediation of cyber incidents. The plan should also include clear protocols for notifying regulatory authorities and affected stakeholders within the timelines required by law.

3. Implement Regular Cybersecurity Training for Employees: Human error remains one of the leading causes of cybersecurity incidents. Regular training programs focusing on phishing awareness, secure data handling, and general cybersecurity best practices can significantly reduce vulnerabilities and promote a culture of security within the organization.

4. Ensure Continuous Compliance Monitoring and Reporting: Organizations should actively monitor developments in cybersecurity regulations and guidelines, both within Nigeria and internationally. Continuous compliance monitoring enables companies to remain aligned with evolving regulatory standards and to respond proactively to emerging legal requirements.

5. Leverage Technology and Automation for Security Management: The use of advanced cybersecurity technologies, including automated monitoring tools and artificial intelligence-driven threat detection systems, can significantly strengthen an organization’s security posture. Automated systems can detect anomalies, flag potential threats, and initiate rapid responses, thereby enhancing both regulatory compliance and operational resilience.

Conclusion

Cybersecurity has become an essential priority for organizations operating in today’s digital economy. As businesses increasingly rely on digital systems for their operations, they must also recognize the growing risks posed by cyber threats such as phishing, ransomware, malware, and insider attacks. These threats not only cause financial and operational disruptions but may also expose companies to regulatory penalties and reputational damage.

In Nigeria, legal frameworks such as the Nigeria Data Protection Act and the Cybercrimes (Prohibition, Prevention, etc.) Act place clear obligations on organizations to safeguard personal data and maintain secure digital systems. Consequently, companies must adopt proactive cybersecurity practices, including risk assessments, employee training, incident response planning, and continuous compliance monitoring. By strengthening internal controls and prioritizing cybersecurity governance, Nigerian organizations can better protect their systems, maintain regulatory compliance, and build long-term trust with customers and stakeholders.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com or contact:

Companies with foreign ownership are entities incorporated in Nigeria but owned wholly or partly by non-Nigerian individuals or corporate bodies. Nigeria permits foreign participation across most sectors of its economy, and foreign investors may acquire up to 100% ownership of a Nigerian company, subject to compliance with statutory requirements and sector-specific restrictions.

The Companies and Allied Matters Act (CAMA), 2020 allows for 100% foreign ownership of businesses in Nigeria. Similarly, the Nigerian Investment Promotion Commission (NIPC) Act, 1995 also permits 100% foreign ownership, except in sectors with local participation reserved for Nigerians such as certain agricultural activities, cottage industries, and small-scale enterprises, as well as activities on the negative list. The negative list prohibits investment by both Nigerian and foreigners in areas such as the production of arms and ammunition, production of and dealing in narcotic drugs and psychotropic substances, production of military and para-military wear and accoutrements, as well as any additional activities designated from time to time by the Federal Executive Council.

While CAMA and the NIPC Act permit full foreign ownership of companies registered in Nigeria subject to the exceptions stated above, certain industries while permitting foreign ownership of companies, impose local content requirements that restrict full foreign ownership. These requirements do not necessarily prohibit foreign investment but aim to ensure that Nigerian labour, materials, expertise, and enterprises are meaningfully integrated into operations within those sectors.

Local content refers to the contribution a business project makes to the host community or country beyond the direct revenue or profits derived from project. It involves the use of local labour, expertise, suppliers, goods and services, building local capacity, and transferring technology.

Governments adopt local content frameworks to encourage domestic participation, foster sustainable economic development, strengthen local capacity, and promote knowledge transfer. This article highlights the key local content requirements in various Nigerian sectors to guide foreign investors in assessing compliance obligations and structuring investments appropriately.

Local Content Requirements in the Oil and Gas Industry
The local content obligations in Nigeria’s oil and gas sector are governed by the Nigerian Oil and Gas Industry Content Development Act, 2010 (Local Content Act) which provides a comprehensive framework for local content implementation and defines local content as the quantum of composite value added to or created in Nigeria through utilization of Nigerian resources and services in the petroleum industry resulting in the development of indigenous capability without compromising quality, health, safety and environmental standards. The Act applies to all operations in the Nigerian oil and gas industry including Exploration and Production/Service Companies.

The Act requires that Nigerian companies must be used for services where capacity exists, provides for levels of minimum thresholds for Nigerian ownership regarding the provision of different services in the sector, employment, and training; establishment of project offices in areas of operation; preference for Nigerian goods, services, and labour.

Companies formed and registered in Nigeria in accordance with the provisions of CAMA and not having less than 51% equity shares by Nigerians are regarded as Nigerian companies by the Local Content Act. International or multinational companies that work through their Nigerian subsidiaries must also satisfy the minimum local content requirement with respect to the equipment deployment for execution of works by ensuring that a minimum of percentage of the equipment is owned by the Nigerian subsidiaries. Failure to comply with the local content requirements applicable in the oil and gas sector attracts sanctions and penalties which can include fines, cancellation of the project or both.

The Local Content Act remains one of Nigeria’s strongest industry-specific local content frameworks, shaping how foreign and multinational companies structure their operations, partnerships, and investments in the oil and gas sector.

Local Content Requirement in the Maritime Industry
Local content development in the Nigerian maritime sector is primarily driven by the government to foster local capacity development. The enactment of the Coastal and Inland Shipping (Cabotage) Act, 2003 was one of the earliest initiatives by the Nigerian government to foster local capacity by implementing local content policies. The Cabotage Act is designed to promote local content and empower indigenous stakeholders in the shipping industry. It stipulates that vessels engaged in domestic trade must be wholly owned by Nigerian citizens, manned exclusively by Nigerian crew, built and registered in Nigeria. These provisions ensure that the economic benefits of coastal shipping accrue primarily to Nigerians.

However, where local capacity is insufficient, waivers may be provided as a temporary measure from local content requirements pending the development of indigenous capability. To support the Cabotage framework, the government established the Cabotage Vessel Financing Fund (CVFF), aimed at providing financial assistance to Nigerian shipowners to acquire and operate vessels that meet cabotage requirements.
Local content obligations under the Local Content Act, 2010, also significantly affect maritime operations. The Act requires that vessels used in oil and gas operations be Nigerian-flagged, crewed, and, where possible, built or maintained locally. The Petroleum Industry Act, 2021 also broadens the application of local content to cover marine services across all oil and gas licenses, leases, and contracts. As a result, maritime operators are now pivotal to oil-sector compliance, with oil companies required to patronize Nigerian shipping companies, shipyards, and maritime professionals.

Local Content Requirements in the Mining Industry
The Nigerian Minerals and Mining Act, 2007 regulates all aspects of the exploration and exploitation of solid minerals in Nigeria. Although the Act does not prescribe minimum Nigerian ownership thresholds or explicit preference for Nigerian goods and labour, it embeds local participation through its licensing structure. It provides that to obtain a lease, license or permit, the applicant must be a citizen of Nigeria or a company duly incorporated under the Companies and Allied Matters Act or a Mining Co-operative. Thus, a foreigner or foreign company that intends to legally operate in the Nigerian mining industry must incorporate a local subsidiary in Nigeria. The Act also provides that the holder of a Mining Lease, Small scale Mining Lease or Quarry Lease must, before commencing any development activity within the lease area, execute Community Development Agreement (CDA) with the host community. The CDA will ensure the transfer of social and economic benefits to the community such as apprenticeship, technical training and employment opportunities for indigenes of the communities.

Local Content Requirements in the Aviation Industry
The Nigerian aviation sector is primarily regulated by the Civil Aviation Act, 2022 and the Nigerian Civil Aviation Regulations, 2023, which address a variety of aviation issues, including aircraft registration, consumer protection, staff licensing, and airworthiness. The Regulations provide that to obtain an Air Transport Licence; the applicant must be a company in which Nigerians hold the majority of the shareholding. The Regulations also provide that for an applicant to obtain an Airline Operations Permit; Nigerians must own the majority of the company’s shares. Also, in order to register an aircraft in Nigeria, the Act and the Regulations provide that the aircraft must be owned by a Nigerian citizen or a foreigner who is lawfully admitted for permanent residence in Nigeria or by a company duly incorporated in Nigeria and the aircraft is based and used primarily in Nigeria. There is the Fly Nigeria Bill currently being promoted in the National Assembly, which is the first real effort at developing a Nigerian Aviation local content policy. This Bill seeks to protect and give market share to Nigerian airlines and prevents public funds from being ferried away by foreign airlines but plowed back into Nigerian airlines to generate employment, revenue, access to capital, foreign investment, career projection for core professionals.

Local Content Requirements in the Telecommunication Industry

Nigeria’s telecommunications sector is primarily regulated by the Nigerian Communications Act, 2003. In 2021, the Federal Government launched the National Policy for the Promotion of Indigenous Content in the Nigerian Telecommunications Sector to increase local participation and strengthen domestic capacity in the industry. Under the policy, local content requirements apply to companies involved in manufacturing telecommunications equipment such as smartphones, masts, fibre optic cables, etc., providing services and software for telecommunications sector, research and development. Therefore, companies providing the above services are required to meet the indigenous content requirements which are as follows:
a. incorporated in Nigeria;
b. having its principal place of business in Nigeria; and
c. having at least 51% of its share held by Nigerians.
The policy aligns with Executive Order 005 (2018), which refers to companies that meet the criteria, amongst others of being incorporated in Nigeria; having its principal place of business located in Nigeria; and having at least 51% of its equity held by Nigerians. The overall objective is to create a framework for supporting indigenous telecommunications businesses to become world class service providers among others.

Local Content Requirement in the Insurance Industry
In 2016, the National Insurance Commission (NAICOM) issued a circular titled Utilization of In-Country Capacities of Nigerian Insurers, Reinsurers and Pools Prior to Foreign Facultative Reinsurance. It established local content and empowerment requirements in insurance placements, stating that insurance placements relating to Nigerian risks must first exhaust local capacity before seeking foreign reinsurance. If local capacity is insufficient, insurers must submit documentary evidence showing how local capacity was fully utilised, and obtain written approval from NAICOM before engaging any foreign reinsurer. Under the newly enacted Nigerian Insurance Industry Reform Act 2025, local capacity must be fully utilized for all classes of insurance before they are insured or reinsured abroad, subject to the approval of NAICOM.

Local Content Requirement in the Lottery and Gaming Industry
In Nigeria, lottery and gaming companies are regulated by each state of the federation. This means that they are regulated by the appropriate regulatory body and law in the state(s) in which they operate. For instance, in Lagos State, the Lagos State Lotteries and Gaming Authority Law, 2021 establishes regulatory frameworks that promote local content and empowerment within the lottery and gaming sector in Lagos State. Key provisions include that licensed operators train and employ Nigerians, especially for customer-facing and technical roles. Also, 100% foreign ownership is not permitted as Nigerians are required to hold at least 15% of the shares in a foreign-owned lottery and gaming company to fulfil local content requirement and promote local participation.
Beyond the sectors considered above, there are other local content requirements required in other industries. For instance, foreign investors are prohibited from owning shares or holding board positions in private security guard companies, engineering firms must be registered with the Council for the Regulation of Engineering in Nigeria (COREN), with certain registrations requiring at least 55% Nigerian ownership.

Conclusion
The Companies and Allied Matters Act, 2020 permits 100% foreign ownership of companies in Nigeria, and the Nigerian Investment and Promotion Commission Act similarly allows full foreign participation except in sectors listed on the negative list. However, several key sectors of the Nigerian economy require mandatory minimum local content requirements, limiting foreign ownership and participation to ensure indigenous participation. These policies aim to promote indigenous involvement across strategic sectors, retain value within the national economy, and reduce dependence on foreign expertise and capital. Local content policies are steadily transforming the various sectors from a dependency-based service domain into growth engines capable of driving industrialization, job creation, and capital retention. However, implementation and consistency are keys to the actualization of the intendments of these local content policies. It is recommended that all sectors adopt formal local content frameworks to maximize the economic benefits. With sustained commitment, coordinated regulation, and strategic implementation, Nigerian industries can become self-reinforcing catalysts for national economic growth.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com or contact:

2025 was a very exciting year and saw significant changes in Nigeria’s legal and regulatory landscape. Series of laws were enacted by the National Assembly and regulatory guidelines were also issued by regulators including the Central Bank of Nigeria, Federal Competition and Consumer Protection Commission, the Nigerian Communications Commission, etc. There were also some important judicial decisions from the courts in Nigeria which shaped the legal and regulatory space in the country. This recap is divided into four parts representing the four quarters of the year, highlighting what we think are the most impactful laws and regulations, reforms, and judicial decisions in 2025.

1st Quarter (January – March 2025)

The first quarter was significantly marked by the issuance of guidelines and regulations from regulators and key judicial decisions by the courts. The Central Bank of Nigeria issued guidelines to suspend the extension of export proceeds and also announced the approval of the Nigerian Foreign Exchange (FX) Code. Key decisions which shaped the tax landscape and also affirmed the multi-sectoral regulatory authority of the Federal Competition and Consumer Protection Commission 9FCCPC) were delivered by the courts. The Investment and Securities Act, 2025 was also signed into law by the Nigerian President.

• The implementation of the Deduction of Tax at Source (Withholding) Regulations, 2024 began on 1st January 2025 requiring corporate entities, statutory bodies, public authorities, etc. to deduct withholding tax at source from 1st January 2025.
• On 8 January 2025, the Central Bank of Nigeria (CBN) issued a circular on the Suspension of Extension of Exports Proceeds on Behalf of Exporters for the immediate suspension of approvals for the extension of repatriation of export proceeds on behalf of exporters mandating that proceeds for non-oil exports must be repatriated and credited to the exporters’ domiciliary accounts within 180 days and for oil and gas exports, within 90 days from the date of the bill of lading.
• On 11th January 2025, the Presidential Enabling Business Environment Council announced that it would establish commercial courts and Ease of Doing Business Councils across all 36 states and the Federal Capital Territory as part of its effort to improve the country’s business climate.
• On 22nd January 2025, the CBN announced the approval of the Nigerian Foreign Exchange (FX) Code as a guideline to the banking industry to promote ethical conduct of Authorised Dealers in the Nigerian Foreign Exchange Market.
• 0n 24 January 2025, in a circular titled “Waiver of Non-Refundable Annual License Renewal Fee for Existing Bureaux De Change”, the CBN announced the waiver of payment of annual renewal fee for existing bureau de change (BDC) operators due to transition into the new BDC regulatory structure required by CBN.
• On 27 January 2025, the Federal High Court (FHC) in the appeal between Federal Inland Revenue Service v. MTN Nigerian Communications Plc (FHC/L/1A/2024), set aside the judgement of the Tax Appeal Tribunal (TAT) which awarded the sum of $71 million against MTN while declining the reliefs for penalties and interest sought by FIRS. The FHC increased the liability and ordered MTN to pay $87.9 million as penalties and interest.
• On 28 January 2025, the Collective Management Regulations, 2025 was issued by the Nigerian Copyright Commission and repealed the Copyright (Collective Management Organisation) Regulations, 2007. The Regulations provide for the approval and supervision of companies seeking to operate as a Collective Management Organisation (CMO) and their relationships with users and other CMOs, etc. The Regulations impose administrative fines ranging from N200,000 t0 N500,000 for unethical practices and non-compliance with the Regulations. Other sanctions include caution, suspension or disqualification.
• On 3 February 2025, the National Pencom Commission issued the Revised Circular on the Operations of Branch Offices and Service Centres by Licensed Pension Fund Administrators. The circular was issued to give effect to section 72 of the Pension Reform Act, 2014 and provides the metrics for requiring the opening and operation of branches and service centres by Pension Fund Administrators in Nigeria.
• On 7 February 2025, the Federal High Court in Emeka Nnubia v. Minister of Industry, Trade and Investment, Federal Competition and Consumer Protection Commission & Anor in Suit No: FHC/L/CS/1009/2024 affirmed the Federal Competition and Consumer Protection Commission (FCCPC) as the primary regulator for competition and consumer protection issues in all sectors in Nigeria including the telecommunications sector.
• On 12 February 2025, the Federal Ministry of Interior issued a circular on the Review of Approving Authority for Expatriate Quota and Citizenship Applications. The review was done to enhance transparency and accountability in the administration of Expatriate Quota and Citizenship applications.
• On 4 March 2025, the first Mobile Virtual Network Operator (MVNO) to be licensed by the Nigerian Communications Commission (NCC) launched and commenced operations in Nigeria.
• On 13 March 2025, the Court of Appeal in Kuda Microfinance Bank Ltd v. Amarachi Kenneth Blessing (CA/EK/48/2024) held that a bank may lawfully restrict a customer’s account upon receiving reports of fraudulent or suspicious activity without the need to first obtain a court order.
• On 20 March 2025, the Nigeria Data Protection Commission issued the Nigeria Data Protection Act General Application and Implementation Directive, 2025 (hereinafter “the GAID). The GAID was issued to provide clarity and practical guidance on the implementation of the NDPA. It repealed the Nigeria Data Protection Regulation, 2019 and the Nigeria Data Protection Regulation Implementation Framework, 2020.
• On 29 March 2025, the Nigerian President, signed the Investment and Securities Act, 2025 into law. The Act repealed the Investment and Securities Act, 2007 and it is aimed at strengthening the legal and regulatory framework for investments and capital market activities in Nigeria. The Act classified exchanges into composite and non-composite exchanges and also legally recognised virtual assets bringing an end to the uncertainty concerning transacting virtual assets in Nigeria.

2nd Quarter (April – June 2025)

The second quarter saw a lot of regulatory actions from regulators in the exercise of their regulatory powers and functions. Laws were also enacted in this quarter. The Securities and Exchange Commission issued a circular on the transmutation of executive directors and the Nigerian Immigration Service (NIS) issued guidelines for the purpose of implementing e-visa system, automated landing and exit cards in Nigeria. Four Nigerian tax laws were enacted to unify tax laws and revolutionize tax collections and enforcement in Nigeria.

• On 6 April 2025, the Registrar General of the Corporate Affairs Commission, announced the launch of an AI-driven Intelligent Company Registration Portal (ICRP) to revolutionize business registration in Nigeria and improve ease of doing business in Nigeria.
• On 25 April 2025, the Competition and Consumer Protection Tribunal upheld the $220 million penalty imposed on Meta platforms Incorporated (Facebook and WhatsApp) by the Federal Competition and Consumer Protection Commission (FCCPC) for data discriminatory practices in Nigeria and ordered for the payment of $35,000 as reimbursement for FCCPC’s investigation expenses. Part of the orders made by the Tribunal against Meta Platforms Incorporated include to immediately reinstate the rights of Nigerian users to determine how their data is shared and submit a compliance letter by 1 July 2025.
• On 2 May 2025, the Nigerian Immigration Service released the Guidelines for the Implementation of the e-Visa Application System and Automated Landing and Exit Cards. The Guidelines introduced e-visa which replaced visa on arrival. The e-visa application system also introduced thirteen (13) short-visit visa categories for eligible foreign travellers and imposed penalties for overstaying visas effective from 1 September 2025. Electronic landing and exit cards were also introduced to replace the manual processes of embarking and disembarking travellers.
• On 29 May 2025, the Nigerian President approved the establishment of the National Credit Guarantee Company Limited (NCGC) and the appointment of its board and management team. The NCGC is backed with an initial capital of N100 billion for the purpose of expanding access to finance for Micro, Small and Medium Enterprises (MSMEs), manufacturers, large businesses, etc. across Nigeria.
• On 11 June 2025, the Lagos State Electricity Regulatory Commission (LASERC) issued Order No. LASERC ORDER/001/2025 establishing the regulatory framework for electricity market operations within Lagos State. The issuance of the Order marked the conclusion of the transition for transfer of regulatory oversight from Nigerian Electricity Regulatory Commission to LASERC. The Order requires individuals and entities to obtain licenses from LASERC to legally undertake regulated electricity activities within Lagos State.
• On 17 June 2025, the Corporate Affairs Commission (CAC) announced the review of its service fees effective from 1 August 2025. The fees for company incorporation and post-incorporation services were therefore reviewed upward. The implementation date was also subsequently postponed to 1 October 2025.
• On 19 June 2025, the Securities and Exchange Commission (SEC) issued the Circular to All Public Companies and Capital Market Operators on the Transmutation of Independent Non-Executive Directors and Tenure of Directors. SEC directed the immediate discontinuance of the transmutation of Independent Non-Executive Directors (INEDS) into Executive Directors within the same company or its group structure by public companies and significant capital market operator. SEC also introduced a 3-year cool off period for Chief Executive Officer or Executive Director upon stepping down from a company before being eligible for appointment as Chairman.
• On 26 June 2025, the Nigeria President signed four tax reform bills into law. The four laws are: the Nigeria Tax Act 2025, the Nigeria Tax Administration Act 2025, the Nigeria Revenue Service (Establishment) Act 2025, and the Joint Revenue Board (Establishment) Act 2025. The Acts repeals certain tax laws and also reduced the multiplicity of taxes with the aim harmonising tax collection and enhancing the ease of doing business in Nigeria.
• On 30 June 2025, the Nigerian President ordered the temporary suspension of the implementation of the Financial Reporting Council (Amendment) Act, 2023 which imposed new annual dues on large private companies classified as Public Interest Entities.

3rd Quarter (July – September 2025)

The third quarter was also significantly marked by regulatory actions through issuance of Guidelines and regulations. Sanctions and penalties were also imposed for regulatory breaches. The Federal Inland Revenue Service (FIRS) announced the discontinuance of the issuance of tax exemption certificates. The Nigerian Communications Commission issued a license framework for licensing and regulating international Application to Person (A2P) messaging in Nigeria.

• On 6 July 2025, the Nigeria Data Protection Commission (NDPC) imposed a fine of N766,242,500 on Multichoice Nigeria who are the owners of DSTV for breaching the Nigerian Data Protection Act through unlawful cross-border data transfers and violation of Nigerian data subjects’ personal data.
• On 8 July 2025, the Nigerian Communications Commission (NCC) issued the License Framework for International Application to Person (A2P) Messaging in Nigeria. The framework was issued by NCC in a move to regulate Application to Person services in Nigeria through the introduction of the International A2P Messaging Aggregator License.
• On 25 July 2025, the Federal Competition and Consumer Protection Commission (FCCPC) issued the Digital, Electronic, Online or Non-Traditional Consumer Lending Regulations, 2025. The regulations provide for the registration of digital and traditional money lenders with the exception of licensed microfinance banks. It also imposes obligations including filing of bi-annual and annual reports, etc. on money lenders with sanctions and penalties provided for the breach of any of the provisions of the Guidelines.
• On 29 July 2025, the Federal Inland Revenue Service (FIRS) in a public notice announced the discontinuance of issuance of tax exemption certificates to all taxpayers including pioneer status companies, non-governmental organisations and free zone entities. Subsisting tax exemption certificates would not be renewed by the FIRS.
• On 30 July 2025, the National Insurance Commission (NAICOM) issued the Guidelines for Insurtech Operations in Nigeria. The Guidelines became operational on 1 August 2025 providing a regulatory framework for the safe and responsible deployment of Insurtech solutions by licensed insurance operators. The Guidelines provide the minimum capital requirements for Insurtech operators as well as the permissible and non-permissible activities.
• On 5 August 2025, the Nigerian President, signed the Nigerian Insurance Industry Reform Act, 2025 into law. The Act repealed the Insurance Act 2003 and consolidated several insurance laws including the Marine Insurance Act, Motor Vehicles (Third Party Insurance) Act, etc. into a unified and streamlined legal framework for the insurance industry. It also revised the minimum capital requirements for insurance companies across various insurance categories to reflect a risk-based capital approach in alignment with current international standards and practices.
• On 6 August 2025, NCC announced the release of the Guidelines on Corporate Governance, 2025. The Guidelines are applicable to all communication companies in Nigeria and provides for the composition of the board of directors, board committees and appointment processes, etc.
• On 16 September 2025, the Central Bank of Nigeria (CBN) issued a circular on the Appointment and Announcement of Successors to Managing Director. The CBN requires Payment Service Banks (PSBs) to obtain the regulatory approval of the CBN of the successor of a Managing Director (MD/CEO) no later than six months to the expiration of the tenure of the incumbent MD/CEO.
• On 18 September 2025, the Federal Government issued a directive mandating all mining and quarrying companies licensed since 2024 to finalize their Community Development Agreements with host communities before 31 December 2025.
• On 21 September 2025, the Minister of Solid Minerals Development announced the revocation of 1,263 mineral licenses in Nigeria following failure by the licensees to comply with the mandatory payment of their annual service fees.
• On 29 September 2025, the National Pension Commission (PENCOM) issued a circular which reviewed the minimum capital requirement for Pension Fund Administrators (PFAs) and Pension Fund Custodians (PFCs). The circular directs PFAs to increase their capital base to 20 million Naira from 5 million Naira while PFCs are to increase their capital base to 25 billion Naira from 2 billion Naira.

4th Quarter (October – December 2025)

Key regulatory activities especially in the Nigerian financial services and oil and gas sectors occurred in the fourth quarter. The Central Bank of Nigeria (CBN) issued guidelines to regulate agent banking activities in Nigeria. A draft Guidelines for handling Authorized Push Payment Fraud was also issued by CBN to preserve the integrity of Nigerian payment system. The Nigerian Investment Promotion Commission also put a stop to applications for Pioneer Status Incentive in view of the Economic Development Tax Incentive (EDTI) to commence from 1 January 2026.

• On 6 October 2025, the Central Bank of Nigeria (CBN) issued the Guidelines for the Operation of Agent Banking in Nigeria. The Guidelines provides for the permissible and non-permissible agent banking activities, appointment of agents, agent qualification and due diligence requirements, rules on agents’ locations and geo-tagging of agents’ devices, etc.
• On 9 October 2025, CBN issued the Exposure Draft Guidelines on the Operations of Automated Teller Machines (ATMs) in Nigeria to provide additional guidance on the operation of ATMs and provide clarity of security requirements of ATMs, resolution of failed transactions, etc.
• On 10 November 2025, the Nigerian House of Representatives ad hoc committee on the economic, regulatory and security implications of cryptocurrency adoptions and Point of Sale Operations discussed the opportunities, challenges and future of Nigeria’s digital finance ecosystem with cryptocurrency operators and digital asset innovators.
• With effect from 10 November 2025, the Nigerian Investment Promotion Commission (NIPC) stopped receiving applications for Pioneer Status Incentive in a bid to fully transition to the new Economic Development Tax Incentive (EDTI) scheme which will take effect from 1 January 2025.
• On 13 November 2025, the Nigerian Midstream and Downstream Petroleum Regulatory Authority (NMDPRA) announced the suspension of the proposed 15 percent import duty on Premium Motor Spirit (PMS) and Automotive Gas Oil (AGO) which was initially approved by the President and announced by the NMDPRA on 21 October 2025.
• On 26 November 2025, the Securities and Exchange Commission (SEC) directed all capital market operators to state their compliance level and ensure that all tradable instruments are registered in line with the newly enacted Investments and Securities Act, 2025 no later than January 2026.
• On 26 November 2025, CBN issued the Draft Guidelines for Handling Authorised Push Payment Fraud. The draft Guidelines provides for reporting APP fraud, resolution and reimbursement and the roles of financial institutions in preventing, detecting and mitigating APP fraud. The Guidelines also mandates financial institutions to have an APP Fraud Policy and implemented by the Boards of financial institutions.
• On 28 November 2025, the Nigeria President approved the establishment of the National Tax Policy Implementation Committee to oversee the implementation of Nigeria’s newly enacted tax laws which would take effect from 1 January 2025.
• On 1 December 2025, the Nigerian Upstream Petroleum Regulatory Commission (NUPRC) launched the 2025 oil licensing round through digital bids of the 50 oil and gas blocks approved for bidding. The oil licensing round is expected to deepen investment in the Nigerian upstream sector.
• On 10 December 2025, the Joint Revenue Board (formerly Joint Tax Board) placed a nationwide ban on road taxes, levies and related charges in a bid to sanitize Nigeria’s tax administration and improve the ease of doing business.

Conclusion

2025 has been a remarkable year of significant changes and reforms in Nigeria’s legal and regulatory landscape. Key regulatory guidelines and regulations were introduced by regulators including the Central Bank of Nigeria, the Federal Competition and Consumer Protection Commission, the Nigeria Data Protection Commission, etc. The CBN introduced the guidelines for agent banking to regulate agent banking activities. The CBN guidelines for handling APP fraud was also issued to preserve the integrity of the financial services sector. The Nigerian tax landscape was also reshaped with the enactment of four new tax laws which repealed some existing tax laws and consolidated several tax laws. The Investments and Securities Act, 2025 ushered in a new regime for the recognition of virtual assets. Key judicial pronouncements were also made by the courts. The Competition and Consumer Protection Tribunal imposed fines on Meta Platforms incorporated for violating the Nigeria Data Protection Act and unlawful cross-border transfer of data of Nigerian data subjects. The Court of Appeal also delivered a judgement authorizing financial institutions to freeze customers’ bank accounts on suspicion of fraudulent activities without the need to first obtain a court order.

As we approach the new year, we extend our sincere gratitude to all our clients for their continued trust in us and wish you a Merry Christmas and a prosperous New Year 2026.

Please note that the contents of this Article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com or contact:

The emergence and continued growth of Financial Technology (FinTech) companies in the Nigerian financial services sector has redefined how financial services are delivered, with technology driven solutions that enable faster payments, lending and wealth management. These innovations often lead to complex collaborations between FinTech startups, traditional banks and third-party service providers. These partnerships may inevitably expose the parties to legal and regulatory risks if not properly managed.

As FinTechs and banks increasingly depend on one another to provide innovative financial solutions, products and services to customers, poorly drafted agreements can expose the parties to regulatory breaches, penalties, data protection violations, commercial disputes, etc. To manage legal risks in FinTech contracts, the contracting parties must first conduct thorough legal and other due diligence on prospective partners, establish a robust compliance framework, and develop a robust partnership agreement that allocates roles and responsibilities and anticipates potential risks.

Nature of FinTech Partnerships

FinTechs do not operate in a vacuum. They depend on strategic partnerships/collaborations to launch and provide their products and services to customers. Partnerships and collaborations enable FinTechs that may not hold the necessary financial license from the Central Bank of Nigeria (CBN) to partner with licensed financial institutions so as to leverage its financial license to provide products and services to customers.

Through collaborations and partnerships, FinTechs are for example able to provide services to e-commerce platforms offering point-of-sale lending or payment processing for e-hailing providers or sharing infrastructure such as Application Programming Interface (API) with other technology service providers who require it.

Legal Risks in FinTech Partnerships

Partnerships and collaborations stimulate innovation in the FinTech industry but can also expose parties to unique legal, regulatory, reputational and operational risks. The success or failure of a FinTech partnership often depends on how well these risks are identified, allocated and addressed within a contract. Below are some of the most common legal risks that arise from such partnerships.

1. Regulatory Risk: FinTech product offerings in Nigeria such as payment processing, digital lending, crowdfunding, and wealth management are all regulated by specific regulatory agencies including the Central Bank of Nigeria (CBN) and the Securities and Exchange Commission (SEC) under specific license categories with terms and conditions attached to each license category. Regulatory approvals are usually required for most partnerships before a financial institution can legally enter into any such partnerships. Failure to obtain the appropriate regulatory approval for proposed partnerships may result in regulatory sanctions and penalties including fines, revocation of license, etc.

2. Data Protection and Cybersecurity: Fintech operations are heavily data driven, involving the collection and processing of sensitive personal and financial information. Under the Nigeria Data Protection Act 2023 (NDPA), both parties in a partnership may qualify as joint data controllers or processors, sharing equal responsibilities for compliance. A data breach affecting one party can expose both to liability, enforcement actions by the Nigeria Data Protection Commission (NDPC), and reputational damage.

3. Intellectual Property and Technology Ownership: Most FinTech solutions depend on proprietary software, mobile applications, and digital interfaces. Disputes may arise over ownership of intellectual property developed or used during a partnership, especially when one party customizes a platform or co-creates a product, if intellectual property is not properly protected and ownership defined.

4. Liability and Risk Allocation: When digital transactions fail due to systems failure or downtime, unauthorised transfers, or service interruptions, customers may suffer losses. The question then arises: who bears the liability? If not properly defined, both parties could be held jointly and severally responsible under consumer protection or other laws. There is therefore a need to include clear indemnity provisions, caps on liability, and mechanisms for loss allocation in any contract.

5. Consumer Protection and Dispute Resolution: Fintech partnerships often involve multiple parties receiving or processing customers’ transactions, making accountability complex when issues arise. Consumers protection regulations require that consumers know which entity is responsible for handling their complaints. Agreements should define the customer-facing entity, procedures for addressing complaints, refund obligations, and timelines for resolution. Establishing a clear dispute resolution process whether internal escalation, mediation, or arbitration helps preserve business relationships and avoid reputational damage.

6. Cross-Border and Jurisdictional Issues: Some partnerships involve cross-border data transfers or offshore service provision. In such cases, questions may arise regarding applicable laws, tax, jurisdiction, dispute resolution and enforcement of judgments. It is therefore advisable that the governing law, jurisdiction, mechanisms for settling disputes and enforcing foreign arbitral awards or judgments be clearly specified.

Essential Tips for Managing Legal and Regulatory Risks in FinTech Partnerships

Effectively managing legal and regulatory risks in FinTech partnerships/collaborations begin with having a contract that clearly sets out the rights and responsibilities of the parties. While regulations may provide the overall compliance framework, the contract is usually what sets out responsibilities, clarifies liabilities, and ensures both parties operate within legally acceptable limits. A clearly set out agreement not only protects the parties but also signals to regulators that the relationship is grounded in proper governance and accountability. Below are some essential tips for managing legal and regulatory risks that may arise from partnerships in the FinTech services sector:

A. Choose the Right Contract Type: FinTech projects and services may require different types of contracts and agreements to formalize relationships and transactions. Service Level Agreements (SLAs) set the quality and performance standards of any FinTech service, like availability, reliability, security, compliance, as well as the penalties and remedies for any breaches. Data Sharing Agreements (DSAs) detail the terms of how data is collected, stored, processed, and shared between the parties. Software Licensing Agreements (SLAs) grant the rights and obligations of using a FinTech software or platform, such as scope, duration, fees, and limitations. Lastly, Partnership Agreements (PAs) establish the roles, responsibilities, contributions, and benefits of each part to a FinTech collaboration or joint venture. Additionally, they define the governance, decision-making, dispute resolution, and termination mechanisms of the partnership. It is important to understand the nature of the FinTech project, the parties involved, and the regulatory environment, as these factors determine which agreements are necessary, their specific terms, and how they should be structured to protect all stakeholders and ensure legal and operational compliance.

B. Use Clear and Concise Language: Like in all contracts, one of the most important aspects of managing FinTech contracts and agreements is to use clear and concise language that leaves no room for ambiguity or misinterpretation. It is advised to consistently use accurate terminologies, definitions and references throughout the contract to ensure easy reading, understanding and interpretations.

C. Constant Review and Update of Agreements: FinTech agreements should be regularly reviewed and updated to ensure that they reflect current trends, future needs and expectations of parties and customers and that they also align with any regulatory or policy changes introduced from time to time by the regulators. There is also a need to keep abreast with technological developments and innovations in the FinTech ecosystem to ensure that contracts are updated to incorporate service provision with the use of advanced and innovative technology.

D. Seek Professional Advice and Support: Managing FinTech contracts can be challenging, especially if the parties do not have expertise or did not consult experts to deal with the legal, technical, or business aspects of the partnership arrangements. The best approach to avoiding potential pitfalls is to from the outset, seek assistance from professionals who can support and seamlessly guide through the process of negotiating, contracting, interpreting and enforcing these agreements.

In summary, a well-structured FinTech contract should amongst others specify which party bears regulatory responsibility for compliance; how customer data is stored, shared, managed and protected; how revenue, risk, and liability are allocated and shared; termination, jurisdiction, dispute resolution, etc. Without these, fintech relationships could easily breakdown and lead to regulatory breaches, contractual disputes, and reputational damage for parties. In essence, the contract is not merely a record of collaboration, it is the foundation that sustains trust, compliance, and operational success in FinTech partnerships.

Conclusion

As the FinTech industry in Nigeria continues to grow, strategic partnerships will continue to play increasingly pivotal role for FinTech companies seeking to scale their operations and penetrate new markets. This collaborative approach allows FinTechs to accelerate their growth while minimizing the risks and challenges typically associated with scaling and/or market entry.

FinTech partnerships are essential to driving innovation, inclusion, and competitiveness in Nigeria’s financial ecosystem. Without robust legal and contractual foundations, these partnerships can expose parties to significant regulatory, legal, operational, and reputational risks. Effective contracting in the digital finance ecosystem requires more than just template agreements. Well-structured contracts are not merely instruments of protection; they are robust tools for innovation and trust in the future of digital finance.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com or contact:

Agent banking entails the provision of financial services by a third party (Agents) to customers on behalf of a licensed deposit-taking financial institutions (Principals).

This article therefore provides an overview of some of the key provisions of the new Guidelines.

Scope of Permissible Agent Banking Activities

The activities which are allowed or prohibited under agent banking relationships are set out in the Guidelines. Some of the activities that are permitted under agent banking are cash deposits and withdrawals, facilitating bill payments, local currency funds transfer services, providing account opening forms on behalf of principal, facilitating cheque book request and collection, etc.

Super Agents and Agents are however prohibited from carrying out banking services including account opening, loan underwriting, investment and foreign exchange services.

Agent Banking Arrangements

Agent banking arrangements or relationships could involve two or three parties as the case may be. Agent banking relationship could involve the Principal and the Agents or where the relationship is tripartite, include a Super Agent as an intermediary between the Principal and Agents.

The Principal is a duly licensed deposit-taking financial institutions authorized to carry out agent banking activities; the Super Agent is an incorporated entity licensed to carry out the activities of recruiting, aggregating and managing Agents, while Agents are individuals or non-individual entities appointed by Principals or Super Agents to carry out agent banking activities.

An agent banking relationship is formalized when a financial institution enters into an agent banking agreement with an Agent for the purpose of providing any of the permitted agent banking activities. An Agent cannot be engaged by more than one financial institution to provide agent banking services or be under more than one network of Super Agent at a time.

Mandatory Regulatory Requirements for Appointment of Agents

Financial institutions and Super Agents have very strict regulatory obligations in the appointment of Agents to provide permitted agent banking services to customers. These regulatory requirements are to be met by financial institutions or Super Agents prior to the appointments of Agents. The regulatory requirements include obtaining satisfactory documentations from Agents such as certificate of incorporation with the Corporate Affairs Commission (CAC), particulars and Bank Verification Numbers (BVN) of directors/promoters etc., conducting enhanced due diligence on Agents, and carrying out risk assessment obligations on Agents prior to their appointment and onboarding. The risk assessment could be carried out directly by the financial institution or through a Super Agent.

Use of Dedicated Agent Accounts

Transactions by Agents within the scope of the permitted activities are required to be performed through a dedicated account or wallet maintained with the Principal and the POS device provided to the Agent shall be linked with the account or wallet only. Performance of transactions outside the dedicated account or wallet is a violation which attracts sanctions including liability for any misconduct or fraud arising from the transaction, termination of the agent banking agreement and blacklisting of the Agent.

List of Agents and Locations

Financial institutions are to publish a list of their Agents on their website. Each branch of the financial institution is also required to display the list of its Agents within its locality.

Agents are only allowed to provide agent banking services within their approved locations and may not relocate, transfer or close their operations at the approved locations without prior notification to the financial institution and/or Super Agent.

To prevent Agents from operating at multiple locations, devices provided to Agents in providing agent banking services must be geo-fenced or tagged to the operate only within the agreed registered Agent location. The requirement for the devices to be geo-fenced or tagged will take effect from 1^st April 2026.

Operational and Transactional Limits

Financial institutions are required to provide operational and transactional limits for Agents in line with the Guidelines and ensure that the limits are not exceeded in the provision of agent banking services. Accordingly, the mandatory transaction limits set by the Guidelines include N100,000 daily limit and N500,000 weekly limit for deposits and withdrawals. A daily and weekly limit of N100,000 apply to bill payments.

Sanctions and Penalties

The CBN may direct financial institutions to take remedial or corrective actions including taking actions that it may deem appropriate against erring Agents or terminating the Agent Banking Agreement. CBN may also impose sanctions and penalties against financial institutions, Super Agents and/or Agents as the case may be. The sanctions which CBN may impose include:

1. Suspension or prohibition from further engagement in agent banking business
2. Prohibition from onboarding new agents
3. Suspension or removal of the Board, Management and officers of the Principal
4. Revocation of agent banking approval
5. Revocation of operational license.

Conclusion

The issuance of the new Guidelines by CBN is to ensure the regulation of the operations of agent banking in Nigeria. Agents are restricted to transact only the permitted business activities within their approved locations. The devices of Agents are to be geo-fenced or tagged to prevent Agents from operating from multiple locations. Agent banking arrangements are to be formalized with the execution of agent banking agreements upon the satisfactory review of the documentations, conduct of enhanced due diligence and risk assessments. CBN has the power to direct financial institutions who are Principals in agent banking arrangements to take remedial or corrective actions, however, CBN has extensive powers to impose administrative penalties and sanctions on erring Principals and Super Agents.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

Money laundering and terrorist financing are major threats to national and global security, and Nigeria is no exception. Under Section 18(2) of the Money Laundering (Prevention and Prohibition) Act, 2022 (MLPPA), money laundering is defined as the act of concealing, disguising, converting, transferring, or controlling funds or property, knowing they are proceeds of an unlawful act. Terrorist financing on the other hand, refers to the provision of funds or financial support to individuals or groups to enable them commit acts of terrorism.

Financial institutions have long been the primary focus of anti-money laundering and counter-terrorism financing (AML/CFT) efforts by governments, it is however now widely recognized that several other sectors are also at risk of being exploited by illicit financial actors. These sectors include professionals, business support services and businesses that are not primarily engaged in financial services but are vulnerable to being used as channels for illicit financial flows. These businesses and professions, often referred to as Designated Non-Financial Businesses and Professions (DNFBPs), include lawyers, real estate agents, accountants, casinos, non-governmental organizations (NGOs), among others. Section 30 of the MLPPA defines DNFBPs as dealers in jewellery, cars and luxury goods, precious stones and metals, chartered accountants, audit firms, tax consultants, clearing and settlement companies, legal practitioners, hotels, casinos, supermarkets, dealers in real estate, audit firms, etc. and such other businesses as the Federal Ministry of Industry, Trade and Investment or appropriate regulatory authorities may from time to time designate.

To ensure effective regulation and oversight of these sectors, the Nigerian Special Control Unit on Money Laundering (SCUML) was established. SCUML operates as a unit under the Nigerian Economic and Financial Crimes Commission (EFCC) and is responsible for registering, monitoring, and supervising DNFBPs in accordance with the MLPPA, the Terrorism (Prevention and Prohibition) Act 2022, and relevant SCUML Regulations.

Legal and Regulatory Framework for AML/CFT in Designated Non-Financial Institutions

In line with international standards and global best practices, Nigeria has established a comprehensive legal and regulatory framework to address money laundering and terrorist financing within DNFBPs. This framework is designed to guide, regulate, and enforce compliance among DNFBPs. Key laws and regulations governing AML/CFT compliance in DNFBPs include:

The Money Laundering (Prevention and Prohibition) Act, 2022 (MLPPA): The MLPPA repealed the Money Laundering (Prohibition) Act, 2011 and introduced a more robust legal and institutional framework for combating money laundering and related offences in Nigeria. The Act establishes the SCUML as the regulatory authority responsible for supervising DNFBPs and ensuring their compliance with AML/CFT obligations. The Act mandates DNFBPs to implement internal controls, procedures, and policies to mitigate money laundering and terrorism financing risks, particularly in relation to new products or emerging technologies.

The Terrorism (Prevention and Prohibition) Act, 2022 (TPPA): This Act repealed the Terrorism (Prevention) Act, 2011. It provides for a unified and comprehensive framework for the detection, prevention, prohibition, and prosecution of acts of terrorism, terrorism financing, proliferation, and financing the proliferation of weapons of mass destruction in Nigeria. It complements the MLPPA and emphasizes customer due diligence and the reporting of suspicious transactions related to terrorism financing. The TPPA incorporated the Nigeria Sanctions Committee (NSC), tasked with identifying and publishing the names of individuals and entities linked to terrorism and proliferation financing in Nigeria. It mandates all DNFBPs to among other things, identify and freeze all funds, assets, and other economic resources belonging to listed individuals or entities, report such actions to the NSC, and file Suspicious Transaction Reports with the Nigerian Financial Intelligence Unit (NFIU) for further investigation. To support compliance, the NSC launched the Nigeria Sanctions List Alert System (NigSac), which provides real-time alerts to DNFBPs on designated persons and entities. Subscription to this alert system is considered a critical obligation under the TPPA for all DNFBPs.

Nigerian Financial Intelligence Unit Act, 2018: This Act established The Nigerian Financial Intelligence Unit (NFIU) as the central national agency responsible for receiving and analysing disclosures from reporting organizations, to produce financial intelligence to other agencies combating money laundering, terrorism financing, and other financial crimes. The NFIU is empowered to request financial information from a broad range of institutions and to issue guidance and directives to these institutions and to conduct on-site inspections to ensure compliance with anti-money laundering and counter-terrorist financing regulations.

The Economic and Financial Crimes Commission (Establishment) Act, 2004: This Act establishes the Economic and Financial Crimes Commission (EFCC) as Nigeria’s principal agency for investigating and prosecuting financial crimes, including money laundering. The EFCC works in collaboration with the NFIU and other regulatory bodies to enforce anti-money laundering, and prosecute offenders.

Economic and Financial Crimes Commission (Anti-Money Laundering, Combating the Financing of Terrorism and Countering the Proliferation Financing of Weapons of Mass Destruction for Designated Non-Financial Businesses and Professions and Other Related Matters) Regulations, 2024: These Regulations cover the relevant provisions of the MLPPA, TPPA and any other relevant laws or regulations that provides for AML/CFT and Countering Proliferation Financing of Weapons of Mass Destruction (CPF), the conduct of Customer Due Diligence, monitoring and filing of suspicious transactions reports to the NFIU, etc. The Regulations designate the SCUML as the body responsible for the registration, monitoring and supervision of DNFBPs’ compliance with AML/CFT/CPF obligations. The Regulations mandate DNFBPs to implement risk-based AML/CFT/CPF programs proportionate to their business operations and ensure clients and customers are integrated into these systems., amongst other obligations.

SCUML Regulations 2013 (as amended by SCUML Regulations 2016): This is also known as the Federal Ministry of Industry, Trade and Investment (Designation of Non-Financial Institutions and Other Related Matters) Regulations, 2013. It was issued pursuant to the Money Laundering (Prohibition) Act, 2011. Despite the repeal of the enabling Act, the Regulations remain in force as subsidiary legislation. The Regulations designate specific businesses and professions as Non-Financial Institutions (NFIs) and impose key AML/CFT obligations, including customer due diligence, the establishment of internal compliance programs, and reporting requirements. The Regulations also established SCUML as the body responsible for registering, supervising, and monitoring DNFBPs. It should be noted that under this regulation, the SCUML was initially established as a department under the Federal Ministry of Industry, Trade and Investment. SCUML has now been re-established under the EFCC by the MLPPA, reflecting a more enforcement-driven approach.

Additionally, Nigeria actively collaborates with international bodies such as the Financial Action Task Force (FATF), the Inter-Governmental Action Group against Money Laundering in West Africa (GIABA), and the Egmont Group of Financial Intelligence Units to enhance and align its AML/CTF framework with global standards.

Statutory Obligations of Designated Non-Financial Businesses and Professions Under the AML/CFT Framework

Under Nigeria’s AML regime, DNFBPs are legally required to comply with several statutory obligations aimed at preventing money laundering, terrorist financing, and proliferation financing. DNFPBs are enjoined to comply with these obligations to avoid regulatory sanctions, including fines, penalties, or business closure. The key obligations imposed on DNFBPs include:

1. Registration: To register with the SCUML under the relevant category and be issued with registration certificate.
2. Customer Due Diligence: DNFBPs must implement risk-based customer due diligence measures. This involves verifying customers’ identities, identifying beneficial owners, and assessing risks associated with each customer.
3. Reporting Suspicious Transactions: DNFBPs are required to submit Suspicious Transaction Reports (STRs) to the NFIU when they detect transactions that may be linked to money laundering, terrorism financing, or other financial crimes within 24 hours after the said transaction.
4. Reporting International Transfer of Funds and Cash: DNFBPs are required to report in writing a transfer to or from a foreign country of funds or securities by a person or body corporate including a money service business of a sum exceeding US$10,000 or its equivalent to the NFIU within one day from the date of the transaction.
5. Record Keeping: DNFBPs must maintain records of transactions, customer identification data, and supporting documents for at least five years after the completion of the transaction. These records must be accessible for regulatory review.
6. Internal Procedures, Policies and Controls Compliance Programs: DNFBPs must establish internal AML/CFT compliance programs, including the development of policies, procedures, and controls to prevent financial crimes. Regular staff training and independent audits are also encouraged as they are essential to ensure ongoing compliance.
7. Risk Assessment: DNFBPs are mandated to undertake risk assessments for new products, business practices and technologies before launching them to identify and manage money laundering risks. DNFBPs must then take appropriate measures to manage and mitigate any identified risks.
8. Politically Exposed Persons (PEPs): DNFBPs must conduct Enhanced Due Diligence (EDD) on PEPs, requiring additional scrutiny of transactions, ongoing monitoring, and obtaining senior management approval before establishing or maintaining a business relationship.
9. Currency Transactions Reports (CTRs): DNFBPs are mandated to make Currency Transactions Reports to SCUML of any single transaction, lodgement or transfer of funds in excess of N5,000,000 or its equivalent in the case of an individual or N10,000,000 in the of body corporate within 7 days from the date of transaction.
10. Cash Based Transactions Reports (CBTRs): DNFBPs are required to make Cash Based Transactions Reports to SCUML on any single transaction in excess of $1,000 or its equivalent within 7 days from the date of transaction.

Conclusion

Designated Non-Financial Businesses and Professions (DNFBPs) play a critical role in Nigeria’s fight against money laundering and terrorism financing. Their statutory obligations under AML/CFT regulations include registration, record-keeping, reporting suspicious activities, conducting customer due diligence, amongst others. Non-compliance can result in various sanctions, including fines, suspension, revocation or withdrawal of operating license by the appropriate licensing authority. As DNFBPs in Nigeria continue to grow and engage with global markets, it is it is imperative they remain up to date with regulatory developments and adopt effective compliance practices. By doing so, they can mitigate legal and reputational risks, prevent financial crimes, and contribute to the country’s broader efforts to combat financial crimes.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

On 26^th June 2025, the President of the Federal Republic of Nigeria signed four landmark tax reform bills into law, marking a significant shift in the nation’s tax landscape. The laws are the Nigeria Tax Act (Ease of Doing Business), the Nigeria Tax Administration Act, the Nigeria Revenue Service (Establishment) Act, and the Joint Revenue Board (Establishment) Act. Once operational, these laws are expected to simplify tax administration, improve compliance, enhance revenue generation, and foster a more business-friendly environment. The implementation of the newly signed four tax fiscal reform laws will commence by 1^st January 2026.

This article outlines some notable highlights of the Acts that individuals and businesses should be aware of.

Key Highlights of Nigeria’s Newly Signed Tax Reform Acts

Some of the highlights of the newly signed Tax Reform Acts include:

1. Personal Income Tax Relief: Low-income earners earning NGN800,000 or less per annum are completely exempted from personal income tax under the Nigeria Tax Act (NTA). 25% personal income tax applies only to individuals earning above N50 million annually. The Act also increases the tax exemption threshold for compensation for loss of employment or injury from NGN10million to NGN50million.
2. VAT Exemptions on Essential Goods and Services: Essential goods and services including food items, medical equipment and services, pharmaceuticals, tuition fees, electricity, educational books and materials, exports (excluding oil and gas exports) etc., are exempted from VAT. The impact of this is that businesses selling these goods and services can recover their VAT costs, despite the zero rate.
3. Establishment of Nigeria Revenue Service (NRS): The Federal Inland Revenue Service (FIRS), the agency established to regulate the collection of tax in Nigeria has now become Nigeria Revenue Service (NRS). The Nigeria Revenue Service (Establishment) Act repeals the current Federal Inland Revenue Service Act and defines the NRS’ expanded mandate, including non-tax revenue collection of other agencies such as the Nigeria Customs Service, Nigeria Upstream Petroleum Regulatory Commission (NUPRC), Nigeria Ports Authority (NPA), among others. The Bill also lays out transparency, accountability, and efficiency mechanisms. The Acts also provide that State Internal Revenue Services (SIRS) will be autonomous in the running of their affairs.
4. Increase in Tax Exemption Threshold for Small Companies: Prior to the assent of the Acts, only small companies with an annual gross turnover of less than N25m were exempted from tax. Under the new Acts, there is an increase in the tax exemption threshold for small companies from annual gross turnover of N25m to N100m. Thus, small companies with gross turnover of N100m and below and total fixed assets not exceeding NGN250million are now exempt from Companies Income Tax (CIT), Capital Gains Tax (CGT) and the newly introduced Development levy.
5. Increased Capital Gains Tax (CGT) rate – The NTA increases the CGT rate from 10% to 30% for companies, aligning the CGT and CIT. For individuals, capital gains will be taxed at the applicable income tax rate based on the progressive tax band of the individual.
6. Introduction of Development Levy – Nigerian companies except small companies will pay a “Development Levy” at 4% of their assessable profits. The Development Levy consolidates the Tertiary Education Tax (TET), Information Technology Levy (IT), the National Agency for Science and Engineering Infrastructure (NASENI) levy and the Police Trust Fund (PTF) levy.
7. Introduction of Economic Development Incentive – The Acts replace the “pioneer” tax holiday with a new Economic Development Incentive (EDI), offering a 5% annual tax credit for 5 years on qualifying capital expenses made by eligible companies within 5 years from production start. Unused credits can be carried forward for another 5 years, after which they expire.
8. Minimum Effective Tax Rate (ETR) – Nigerian companies who are members of a multinational group with aggregate group turnover of EUR750million and above or have an annual turnover of NGN50billion and above, will now be subject to ETR of 15% of their “Net Income”. This rule does not apply to Free Zone companies on their exports out of Nigeria, provided that such companies are not part of multinational groups.
9. Introduction of the Office of Tax Ombuds: Under the new Acts, an Office of Tax Ombud has been introduced to protect taxpayers against arbitrary tax assessments. The Tax Ombuds office will liaise with the tax authorities on behalf of taxpayers and serve as an independent arbiter to review and resolve complaints relating to taxes, levies, duties or similar regulatory charges.
10. Increased penalties for non-compliance: There has been a significant increase in non-compliance penalties and the introduction of new penalties. Some of the updates include increase in the penalty for failure to file returns to NGN100,000 in the first month, and NGN50,000 for every month the failure continues, introduction of new penalties such as penalty of NGN5million for awarding contracts to individuals or entities that are not registered for tax, penalties for failure to grant access for deployment of technology, inducing a tax officer, etc.
11. Powers for AGF to Deduct Taxes: The new laws grant the Attorney General of the Federation (AGF) powers to deduct unremitted taxes by a government or MDA and pay to the beneficiary government.
12. VAT and CIT Rates Remain the Same: Under the new laws, Value Added Tax (VAT) remains at 7.5% and Company Income Tax (CIT) for large companies remains at 30%, without any increment. However, the 30% rate can be reduced to 25% effective from a date as may be determined in an Order issued by the President on the advice of the National Economic Council.
13. Tax Incentives for Agricultural Companies: Income generated by companies engaged in agricultural businesses, including crop production, livestock, aquaculture, forestry, dairy, cocoa processing and manufacturing of animal feeds will be exempt from income tax for the first five (5) years from commencement of business.

Other notable reforms introduced by the new Acts include; transfer of income from Electronic Money Transfer levy exclusively to states as part of stamp duties, ceding of 5% of VAT revenue to states by the federal government, tax break or incentives for employers to hire more people, tax exemption on personal effects not exceeding N5m, VAT exemption on purchase of real estate, amongst others.

Conclusion

The signing of the four landmark tax reform Acts in Nigeria marks a significant transformation in Nigeria’s tax regime. The reforms introduced by these Acts are expected to reduce the tax burden on vulnerable groups, encourage MSME growth, and stimulate foreign and local investments. Businesses are advised to reassess their compliance strategy and consult with legal or tax professionals to understand how the new laws affect their operations.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com or contact:

In the last few years, the Nigerian Financial Technology (FinTech) space has witnessed exponential growth and has attracted both local and international investors. Nigeria is home to some unicorns especially in the payments segments of the financial services sector. Like in most jurisdictions, the regulators appear to be playing ‘catch up’ with FinTechs and it has been said that there appears to be an over regulation of FinTechs in Nigeria.

FinTechs in Nigeria are regulated by a number of regulators through laws, guidelines and regulations. While there appears to be concerns that FinTechs are overregulated in Nigeria in view of the series of regulations that mandatorily apply to their operations, there is also the view that the idea of overregulating FinTechs is a myth.

The article discusses the regulation of FinTechs in Nigeria in order to explore whether the concerns relating to the overregulation of FinTechs in Nigeria is a myth or reality.

The Reality of Overregulation of FinTechs in Nigeria

The main regulators regulating FinTechs in Nigeria include the Central Bank of Nigeria (CBN), the Nigerian Securities and Exchange Commission (SEC), Nigerian Deposit Insurance Commission (NDIC), the Nigeria Data Protection Commission (NDPC), Federal Competition and Consumer Protection Commission, etc.

These regulators have taken a robust approach to regulating the business activities and operations of FinTechs in many areas including licensing, consumer protection, data protection, risk management, technical requirements, etc.

These regulatory activities have prompted the discussion about the possibility of overregulation of FinTechs in Nigeria especially as sometimes there are conflicting signals coming out from different regulatory agencies. Some of these issues include the following:

1. Rigid Licensing Regime: Mandatory registration and licensing obligations are imposed on FinTechs before the commencement of any business operations in Nigeria by both the Central Bank of Nigeria and SEC.

There are mandatory, regulatory and documentary requirements for these registrations and licensing which are usually rigid and strict and may vary depending on the product offerings, business activities or nature of the FinTech company. These requirements are sometimes said to be very rigid and there are hardly any flexibilities or discretions on the part on the regulators.

2. Overlapping Regulatory Oversight: FinTechs in Nigeria are regulated by multiplicity of agencies. This multiple regulatory oversight creates a complex and confusing regulatory and compliance environment.

For instance, a digital money lending company licensed by the CBN and required to comply with the consumer protection framework of the CBN may also be required to comply with FCCPC’s regulations requiring registration with the FCCPC.

These two requirements are not the same and usually lead to overlapping and sometimes conflicting regulatory requirements.

In the past, the CBN had restricted banks from opening and operating bank accounts for digital/virtual assets companies despite the fact that SEC recognizes cryptocurrencies as digital assets and issued clear guidelines which regulate the operation of cryptocurrency and virtual asset companies in Nigeria.

The new Investment and Securities Act, 2025 somewhat seeks to address some of these conflicting positions. The jury is however still out on how the regulators would enforce the provisions of the new law.

3. Compliance with Established Minimum Standards: Minimum standards are prescribed and mandatorily required for equipment and technologies to be deployed in the provision of financial services by FinTechs in Nigeria.

For instance, the CBN provided the minimum standards for the equipment, applications and processing systems required for the provision of contactless payment through the Guidelines for Contactless Payments in Nigeria, 2023.

Thus, the systems to be deployed for contactless payments must comply with Advanced Encryption Standards, Payment Application Data Security Standard, ISO27001 – Information Security Management System, etc. for the operation of any contactless payment in Nigeria.

4. Prior Approval: There are a number of instances where CBN would require prior approval before certain actions could be undertaken by a FinTech company.

One of such instances is the requirements for potential operators in the FinTech space to obtain CBN’s prior approval in the form of Approval-in-Principle (AIP) before its promoters could apply to the Corporate Affairs Commission (CAC) for the incorporation of their companies. The CAC on the other hand will not usually require for Approval-in-Principle before it incorporates a FinTech company.

However, a promoter who incorporates a FinTech company before applying to the CBN for AIP could face regulatory challenges in obtaining the license as the CBN regulations with respect to these FinTech licenses are clear – do not incorporate before applying for AIP.

CBN also requires operators in the financial services sector to obtain prior approval and ensure that individuals to be employed are not blacklisted for employment in the sector.

With the bureaucracy in the CBN, it usually takes weeks or even months before these approvals could be obtained which can delay the commencement of business operations of the FinTech companies.

5. Stringent Capital Requirements: The capital requirements for various FinTech licenses from the CBN have been criticized and said to be very burdensome especially for start-ups.

These capital requirements have been said to make the provision of financial services unnecessarily expensive. For examples, the capital requirement for Payment Solution Service (PSS) license is 250 million Naira, Mobile Money Operators (MMO) license is 2 billion Naira, etc. these are expensive and not affordable for many potential players in the FinTech space.

These enormous capital requirements will inevitably stifle innovation and hinder financial inclusion. In 2018, the CBN increased the capital thresholds for Microfinance Banks (MFBs) from 100 million Naira to 1 billion Naira for state MFBs, and from 2 billion Naira to 5 billion Naira for national MFBs thereby causing many FinTechs to go out of business as they simply could not meet the new capital requirements.

6. Frequent Regulatory Changes and Issuance of New Regulations: The Nigerian FinTech regulatory environment is constantly evolving and this is closely marked by regulators issuing frequent amendments to guidelines and regulations. In some circumstances, guidelines and regulations are superseded with the issuance of new ones that introduce additional onerous compliance obligations, revised licensing fees, etc.

These frequent changes create regulatory compliance burden on FinTechs, requiring them to ensure that their processes, systems and operations comply with the latest regulations or amendments. For instance, the CBN issued a circular on 6 May 2024 requiring all financial institutions to reconfigure their systems for the purpose of deducting cybersecurity levy within a stipulated period.

However, barely two weeks after the CBN directive, the CBN circular requiring financial institutions to reconfigure their systems for the cybersecurity levy deductions was withdrawn by the CBN. Many financial institutions would have incurred cost as a result of taking steps to comply with the circular failing which they may be sanctioned by the CBN.

7. Compliance Costs: The many regulations hurdle that FinTechs are required to comply with, are quite expensive thereby leading to increased and expensive compliance costs. Many startup FinTechs struggle to absorb these costs. These enormous compliance costs together with operational costs create regulatory and operational burden for many FinTechs which if not managed properly, could prevent them from upscaling and ultimately may lead to their demise.

Overregulation as a Myth in Nigeria

Despite the various issues which show that FinTechs appear to be overregulated in Nigeria, there are various reasons why it is arguable that the nature of regulations of FinTechs is very necessary.

1. Consumer Protection: The regulation of FinTechs in Nigeria is necessary for the purpose of ensuring consumer protection. Many regulations put in place by the regulators such as customer due diligence requirements, FCCPC’s registration requirement, data compliance, etc. are designed to safeguard consumers in areas such as fraud, predatory lending practices and financial crimes, breach of data, etc.

The FCCPC’s registration requirement for digital money lenders was put in place to protect consumers from exploitative practices such as breach of data privacy, threats and intimidating tactics for loan recovery, etc.

Without FinTech regulations, consumers may be subject to arbitrary charges, data breaches and delayed or lack of resolution of legitimate complaints, etc.

The capital requirements and the strict licensing regime put in place by the CBN also ensure that only promoters that are financially capable are admitted into the Nigerian FinTech ecosystem. In doing so, the CBN ensures that consumers’ funds are protected while in the custody of licensed FinTech operators.

The SEC also requires the registration of players in the Nigerian capital market to enable it bring the players within its regulatory purview. SEC has consistently advised Nigerians against investing in unregistered investment schemes and issued notices notifying Nigerians of fraudulent/unregistered investment schemes.

The effort by the SEC is to ensure consumer protection by ensuring that Nigerians do not invest in fraudulent/unregistered investment schemes and thereby lose their funds. Despite the efforts of the SEC, many Nigerians invested and lost about 822 million USD in CBEX, a Ponzi Scheme which promised Nigerian investors high returns on their investments. Without regulation of FinTechs, there would be little to no consumer protection.

2. Stability and Security of the Financial System: The regulators issue regulations to address important issues that may affect the stability and security of the financial systems if left unregulated.

To ensure the security and stability of the financial system, the regulators such as the CBN have put in place the minimum standards that must be complied with for any FinTech company to operate in Nigeria. These minimum standards are put in place to safeguard the financial system and also protect consumers whose funds and data may be stolen by cybercriminals without the adoption of the minimum standards.

The CBN issued the Risk-Based Cybersecurity Framework and Guidelines for Other Financial Institutions, 2022 providing for the minimum cybersecurity measures to be taken to ensure their continued safe and secured operations. The CBN also requires compliance with Anti-money laundering requirements by promoters applying for financial licenses from the CBN.

These efforts by the CBN are to ensure that the financial system remains stable, reliable and secured for consumers and other players in the financial sector.

3. Supportive Regulatory Initiatives: The regulatory sandbox and the regulatory incubation programs operated by the CBN and SEC respectively tend to provide potential operators in the financial services sector with regulatory support to ensure that their innovative products are tested in a regulated environment fostering innovation while also ensuring compliance.

The CBN has also issued regulations which ensures that the provision of financial services is not restricted to the use of traditional bank account number through regulations that allow the creation and operation of e-wallets, opening of bank accounts with phone numbers, etc.

4. Continued Growth of the Fintech Sector: Despite the enormous regulatory challenges which FinTechs tend to face in Nigeria, they have continued to experience exponential growth. Nigeria is home to FinTech unicorns which include Flutterwave, Opay, Moniepoint, etc. This shows that when followed to the letter, the regulations do not necessarily inhibit the normal operation or growth of FinTechs or limit their profitability but instead provide them with a necessary framework for growth.

Conclusion

We have discussed the key areas where there appear to be strict and burdensome regulations of FinTechs in Nigeria in what could be regarded as overregulation. We have also considered some of the key issues which show that strict FinTech regulations are necessary especially for ensuring the stability and security of the financial system and the protection of consumers.

There are valid arguments on both sides which show that FinTech overregulation in Nigeria may be a reality and may also be a myth. Whether FinTechs are overregulated in Nigeria would depend on which angle one decides to look at it.

When viewed from the necessity of ensuring consumer protection, fraud prevention, KYC, anti-money laundering, the stability and security of the financial system, one could argue that FinTech overregulation in Nigeria is a myth.

However, when viewed from the rigid licensing and capital requirements, mandatory minimum standards, lack of discretion, etc, it may be argued that FinTech overregulation in Nigeria is a reality. It is important that the regulators maintain a balanced perspective when regulating, issuing guidelines and regulations to ensure that FinTech companies are not stifled from innovating and growing.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.
For further information or to see our other service offerings, please visit www.goldsmithsllp.com or contact:

Arbitration is a process where parties to a dispute agree to submit their dispute to one or more neutral third parties, known as arbitrators, who render a binding decision on the matter. This method is distinct from other ADR forms, such as mediation or conciliation, in that the arbitrator’s decision is typically final and enforceable, similar to a court judgment. The consensual nature of this approach allows parties to tailor the process to their specific needs, selecting arbitrators with relevant expertise and determining procedural rules that best suit the context of their dispute.

The advantages of using Alternative Dispute Resolution in Commercial disputes provides confidentiality, expertise, flexibility and autonomy, enforceability, cost and time efficiency.

Regulatory Framework in Nigeria.

Nigeria has established a comprehensive regulatory framework for private dispute resolution, notably through the Arbitration and Mediation Act 2023 (the Act). This legislation modernizes and consolidates the country’s approach to alternative dispute resolution, aligning it with international standards and best practices.

Key Features of the Arbitration and Mediation Act 2023:

1. Unified Legal Framework: The Act creates a unified pathway for resolving conflicts via private mechanisms, promoting fair and efficient outcomes in commercial matters.
2. Mandatory Stay of Court Proceedings: Courts are now mandated to halt proceedings and refer parties to dispute resolution when a valid agreement exists, unless the agreement is deemed void, inoperative, or incapable of being performed.
3. Third-Party Funding: The Act explicitly permits third-party funding, addressing previous uncertainties and enhancing access to justice. This arrangement involves a funder who has no prior interest in an investment or commercial dispute, providing financial support to one of the parties engaged in the dispute resolution, in return for a share of the eventual proceeds of the award, if any.
4. Award Review Tribunal: This innovative provision allows parties to opt for an Award Review Tribunal to review arbitral awards, providing an additional layer of scrutiny before resorting to court intervention.
5. Interim Measures: The Act empowers both arbitral tribunals and national courts to grant interim relief to protect parties’ interests during dispute resolution. Interim measures issued by arbitral tribunals are enforceable by the courts, strengthening the process’s effectiveness. Examples of Interim measures include injunctions, security for costs, preservation of assets.
6. Arbitrator Immunity: The Act grants immunity to arbitrators, appointing authorities, and arbitral institutions, except in cases of bad faith, promoting impartiality and independence.
7. Electronic Communications: Agreements can now be validly made through electronic communications, broadening the scope of acceptable forms for such agreements.

These provisions collectively enhance Nigeria’s alternative dispute resolution landscape, making it more attractive for both domestic and international commercial disputes. The Act’s alignment with global standards underscores Nigeria’s commitment to providing a robust and efficient dispute resolution mechanism.

Reasons Why Parties Should Choose Arbitration

This method offers several compelling advantages over traditional litigation, making it an attractive option for resolving commercial disputes:

1. Confidentiality: Proceedings are conducted in private, ensuring that sensitive business information remains confidential. This privacy helps protect trade secrets and maintain reputations.
2. Expertise of Arbitrators: Parties can select arbitrators with specialized knowledge relevant to their industry or the specific issues at hand, leading to more informed and appropriate decisions.
3. Flexibility and Control: The process can be customized to fit the parties’ preferences, ranging from the procedural rules and timelines to the venue of hearings.
4. Enforceability of Awards: Arbitral awards are generally easier to enforce internationally compared to court judgments. Nigeria is a signatory to the New York Convention on the Recognition and Enforcement of Foreign Arbitral Awards, which means that awards obtained abroad can be enforced in Nigeria.
5. Cost and Time Efficiency: This mechanism is often quicker and less expensive than court litigation. . The streamlined procedures and limited discovery processes often result in faster resolutions, reducing legal fees and associated costs. For example, a typical court case in Nigeria can take 4 to 10 years to conclude, depending on the complexity of the case and the jurisdiction, with some cases taking even longer.
6. Neutral Forum: In international disputes, it offers a neutral venue, which can alleviate concerns about potential biases in a foreign court system. This neutrality fosters fairness and can be pivotal in disputes involving parties from different countries.

The Arbitration Process in Nigeria

To effectively utilize this method of dispute resolution, it’s essential for parties to include clear and comprehensive dispute resolution clauses in their commercial agreements. These clauses serve as a mutual commitment to resolve potential disputes handle potential disagreements outside the courtroom.

The process typically unfolds in the following stages:

1. Commencement: The process begins when a party submits a “Notice of Arbitration” or “Demand for Arbitration,” outlining the dispute and the relief sought. This notice is sent to the opposing party and where applicable, to the designated dispute resolution institution.
2. Selection of Arbitrator(s): Depending on the clause in the agreement, parties select one or more arbitrators based on criteria such as expertise, neutrality, and availability. Selection can be by mutual consent or through institutions such as the Nigerian Institute of Chartered Arbitrators (NICArb), Lagos Court of Arbitration, International Centre for Arbitration and ADR, Maritime Arbitrators Association of Nigeria, or the Lagos Chamber of Commerce International Arbitration Centre. etc.
3. Preliminary Hearing and Scheduling: Once appointed, the arbitrator(s) conduct a preliminary hearing to discuss procedural matters, including timelines, discovery processes, and the scheduling of hearings. This stage ensures that both parties understand the procedures and have an opportunity to present their case adequately.
4. Exchange of Information (Discovery): Parties exchange relevant documents and information pertinent to the dispute. Although this stage is usually more concise than in court proceedings, it still allows for meaningful disclosure to support the hearing.
5. Hearing: During the hearing, both parties present their evidence and argument through their skilled lawyers. This may include witness testimonies, expert reports, and documentary evidence. Hearings can be conducted in person, via video conference, or through written submissions, depending on the agreement and circumstances.
6. Deliberation and Award: After the hearing, the arbitrator(s) deliberate and issue a written decision, known as an award. This award is binding on the parties and enforceable in courts, subject to limited grounds for challenge.

Throughout the dispute resolution process, parties maintain control over various aspects, such as selecting arbitrators and tailoring procedures to fit the specific needs of their dispute. This flexibility, combined with the binding nature of arbitral awards, makes this method a valuable tool for resolving commercial disputes efficiently and effectively.

Parties’ Role in the Arbitration Process

In resolving disputes outside the courtroom, the disputing parties play a central and proactive role, exercising significant control over various aspects of the process. Their key responsibilities and rights include:

1. Initiating the Process: A party seeking to begin proceedings must file a “Notice of Arbitration” or “Demand for Arbitration,” formally initiating the proceedings and outlining the dispute and desired remedies.
2. Selecting Arbitrators: Parties have the autonomy to choose arbitrators with relevant expertise and impartiality, ensuring a knowledgeable and unbiased tribunal.
3. Determining Procedural Rules: Through mutual agreement, parties can establish the rules governing the proceedings, including timelines, confidentiality measures, and specific procedures, tailoring the process to their specific needs.
4. Presenting Evidence and Arguments: Parties through their lawyers are responsible for presenting their case, including submitting evidence, calling witnesses, and making legal arguments to support their positions.
5. Maintaining Confidentiality: Given that this form of dispute resolution is a private process, parties are expected to uphold the confidentiality of the proceedings, safeguarding sensitive information and the integrity of the process.
6. Complying with the Arbitral Award: Once a decision is rendered, parties are obligated to adhere to the terms of the arbitral award, which is binding and enforceable. It can be contested on specific grounds including misconduct, fraud or error in judgement.

By actively engaging in these roles, parties can ensure a fair, efficient, and tailored resolution to their commercial disputes.

Contract Clauses and Pending Court Proceedings

When a commercial contract includes an alternative dispute resolution clause specifying that disputes should be resolved through a private adjudication process, and a party initiates court proceedings instead, the legal framework provides mechanisms to address this situation.

Under the Arbitration and Mediation Act 2023 (AMA), if a lawsuit is filed concerning a matter covered by such an agreement, the defendant can request the court to refer the parties to the agreed procedure. Section 5(1) of the AMA mandates that courts must redirect the matter unless the agreement is found to be “null and void, inoperative, or incapable of being performed.” This provision underscores the judiciary’s commitment to upholding parties’ agreements to arbitrate disputes.

To enforce the private dispute resolution clause, the defendant should promptly file an application for a stay of proceedings before submitting any pleadings or taking further steps in the court process. Timeliness is crucial; any delay or participation in the court proceedings may be interpreted as a waiver of the right to arbitrate. The court, upon receiving such an application, is obligated to halt its proceedings and direct the parties to follow the agreed path,  provided the agreement is valid and applicable to the dispute at hand.

The enactment of the AMA has further solidified the legal framework supporting private dispute resolution in Nigeria. By aligning with international standards, the AMA enhances the enforceability of such agreements and awards, providing parties with greater confidence in choosing this method as their preferred dispute resolution mechanism.

Conclusion

Arbitration plays a crucial role in resolving commercial disputes by offering parties a flexible, efficient, and enforceable alternative to litigation. As an ADR mechanism, it provides confidentiality, expert decision-making, international enforceability and cost-effectiveness, making it a preferred choice for businesses seeking to protect their commercial interests.

By including well-drafted dispute resolution clauses in commercial agreements, parties can ensure that disputes are resolved in a structured manner, avoiding the delays, costs and uncertainties of court litigation.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

In Nigeria, it is possible to apply for the cancellation of a registered trademark based on any of the grounds provided by law and upon satisfaction of some conditions as outlined by the Nigerian Industrial Property Office (NIPO). The main grounds for applying to revoke a trademark in Nigeria are usually for non-use and non-renewal of the trademark.

Section 31(1) of the Trademarks Act of Nigeria, 2004 (the Act) states that a registered trademark can be removed from the Register of Trademarks in relation to specific goods for which it is registered. This removal can be initiated through an application made by any person who establishes sufficient interest to the satisfaction of the Registrar or the court. The Act stipulates various grounds for applying to the Registrar of Trademarks for the removal of a registered trademark.

Grounds for Revocation of a Trademark in Nigeria

The grounds for removal of a registered trademark include non-use, non-renewal, failure to observe a condition precedent, where the registration was obtained by fraud, etc.

1. Non-use:

   The Act allows a trademark to be revoked if it has not been used. One ground for cancellation is when the trademark was registered without any genuine intention to use it. In this case, no real use of the trademark should have occurred up to one month before the revocation application.

   The person seeking revocation must prove that the owner never intended to use the trademark and that it has not been used during that time.

   Another ground for removal is when the trademark has not been used for a continuous period of at least five years, up to one month before the application date. Even if there was an initial genuine intention to use the mark, it can still be revoked if it remains unused for five years and one month in relation to the registered goods or services.

Exceptions to Revocation on the Ground of Non-Use

The Act provides for exceptions or defenses to the cancellation of trademarks on the ground of non-use.

1. Bona fide Use:

   If the trademark has been used in good faith by the proprietor for the goods it is registered for, it is exempt from removal due to non-use. This use must fall within the relevant period before a revocation application can be made.

   However, this exemption does not apply if the applicant seeking revocation has been allowed under Section 13(2) of the Act to register an identical or similar mark for the goods, or if the tribunal permits such registration despite prior use.

2. Special Circumstances:

   Special circumstances that prevented the proprietor from using the trademark also protect against revocation for non-use. Non-use caused by factors beyond the proprietor’s control, rather than an intentional decision to abandon the trademark, is a valid defense.

   For example, if a government ban restricts an industry such as cryptocurrency, the trademark for that business may be unusable during the ban. This situation is considered a valid exception since the trademark was not deliberately abandoned.

3. Protection for Well-Known Marks:

   Well-known trademarks registered across various goods classes cannot be revoked for non-use in Nigeria because of their popular status. This protection applies even if the mark isn’t used for all registered classes.

   A highly popular mark may be exempt from removal if the proprietor applies and the Registry acknowledges it as a well-known mark. This ensures genuine trademark rights are preserved fairly.

4. Failure to Observe a Condition Precedent:

   A registered trademark can be revoked if it is shown that the proprietor of the relevant mark or goods failed to comply or observe a condition precedent in relation to the trademark.

   In defense, a proprietor can provide evidence of compliance or fulfilment of the stipulated conditions to avoid removal of the trademark.

5. Non-Renewal of Trademark:

   The registration of a trademark in the Register of Trademarks does not guarantee perpetual protection of the mark. Registration is valid for an initial period of seven years in Nigeria, with the possibility of renewal for subsequent fourteen-year periods.

   The non-renewal of an expired trademark may lead to the cancellation of the mark upon the application of an interested party.

   A defense to an alleged non-renewal is proof that the Registrar did not issue the required statutory notice for renewal.

Other grounds for removal include giving inaccurate or misleading information regarding a trademark when obtaining or maintaining a trademark registration, where the trademark registration was obtained by fraud, where the trademark is likely to cause confusion, where it is scandalous or contrary to law and morality and where the trademark is found to be infringing on the rights of another party.

Procedure for Revocation of a Trademark in Nigeria

An application for the cancellation of a trademark in Nigeria can be made to either the Registrar of Trademarks or to the Federal High Court.

Where it is made to the Registrar, it shall be in the prescribed form and accompanied by a statement of the applicant’s interest, relevant facts upon which the case is founded, and reliefs sought.

Where the applicant is not the registered proprietor of the trademark in question, copies of the application will be provided by the applicant and sent by the Registrar to the registered proprietor.

The defendant is entitled to file a Counter-Statement or Defense to the applicant’s claims. The applicant may file a Reply if necessary.

In revocation proceedings before the Registrar, evidence is typically provided through statutory declarations unless the Registrar directs otherwise. In any case where the Registrar thinks it right to do so, he may take oral testimony instead of or in addition to evidence by statutory declaration.

After reviewing the evidence, the Registrar will determine the question between parties, subject to appeal to the Federal High Court. It is important to note that the Registrar may at any stage of the proceedings refer the application for cancellation to the court.

An application for removal is made to the Federal High Court in the prescribed form where a matter is pending before the court regarding a particular trademark. An appeal from a decision on removal of trademark by the Registrar lies firstly with the Federal High Court, then with the Court of Appeal and finally with the Supreme Court.

In the case of non-renewal of trademark, the Registrar may revoke an expired trademark where the proprietor fails to pay the renewal fee prior to the expiration date or fails to pay the renewal fee with the appropriate surcharge after the expiration date, after the necessary notice of impending expiration has been sent by the Registrar.

The Registrar is statutorily required to notify the registered proprietor of the trademark of the impending expiration not less than one month and not more than two months to the expiration date in the first instance and not less than 14 days but not more than one month to the expiration date in the second instance.

Where the proprietor fails to pay the necessary fee before the expiration date, the Registrar shall advertise the expiration of the trademark in the Trademarks Journal and shall be free to remove the trademark from the Register where the proprietor fails to pay the renewal fee with any surcharge for late renewal within one month after the advertisement.

Conclusion

Nigerian law allows for cancellation of trademark on a variety of grounds. These include non-use, non-renewal, obtaining registration by fraud, etc. An application for revocation can be made by an interested party to the Registrar of Trademarks or to the Federal High Court.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact: