The Central Bank of Nigeria, CBN. [PHOTO CREDIT: Ehud Kaduna]

CBN to enforce 0.005% cybercrime levy on transactions

This rate is lower than the 0.5 per cent levy previously introduced by the CBN in May.

by · Premium Times

The Central Bank of Nigeria (CBN) has announced the enforcement of a 0.005 per cent levy on all electronic transactions conducted by banks and financial institutions.

According to the CBN’s monetary, credit, foreign trade, and exchange policy guidelines for the fiscal years 2024-2025, published on Tuesday, the measure is in compliance with the Cybercrime (Prohibition, Prevention, etc.) Act, 2015.

“The CBN shall continue to enforce the payment of the mandatory levy of 0.005 per cent on all electronic transactions by banks and other financial institutions, in accordance with the Cybercrime (Prohibition, Prevention, etc.) Act, 2015,” it said.

The new development comes against the backdrop of the controversial rate of 0.5 per cent previously introduced by the CBN in May.

The rate generated debate among Nigerians, prompting the House of Representatives to direct the CBN to suspend its implementation.

The levy, which applies to various forms of electronic transactions, is designed to support the development of a robust cybersecurity infrastructure in Nigeria.

The funds collected are expected to be allocated to enhance the nation’s capabilities in cyber intelligence, investigation, and prevention of cybercrimes.

According to a CBN guideline, banks and Payment Service Providers (PSPs) are required to adhere to cybersecurity guidelines issued earlier.

CBN issues new guidelines for payment service providersCBN outlined that acquirers must now route all PoS transactions from merchant and agent locations through a CBN-licensed PTSA.Ayodeji Adegboyega, 13 Sep 2024

“Pursuant to the circular titled “Issuance of Risk-based Cybersecurity Framework and Guidelines for Deposit Money Banks and Payment Service Providers” referenced BSD/DIR/GEN/LAB/11/25, and dated October 10, 2018, issued by the CBN to combat the increasing cyber security threat in the banking industry, banks and Payment Service Providers (PSPs) are mandated to adhere to the guidelines on the risk-based cyber security framework.

“Similarly, another framework titled “Issuance of Risk-based Cybersecurity Framework and Guidelines for Other Financial Institutions (OFIs)”, referenced OFI/DOA/CON/ACT/004/155, was issued on June 29, 2022. The guidelines specified the minimum cyber security baseline to be implemented by banks, OFIs and PSPs, and mandated the appointment of a Chief Information Security Officer (CISO) to oversee cyber security issues,” it read.