In Nigeria, the principal forms of corporate and business organisations are governed mainly by the Companies and Allied Matters Act 2020 (CAMA). These structures differ in legal personality, liability exposure, regulatory requirements, ownership flexibility and operational complexity.

Companies

Companies are the most structured form of business organisation in Nigeria. They have separate legal personality, perpetual succession and the capacity to own property, enter contracts and sue or be sued in their own name. Members’ liability is determined by the type of company and is generally limited. CAMA recognises the following principal company forms.

• A private company limited by shares is a corporate entity separate from its owner or owners, with perpetual succession and the capacity to sue and be sued in its own name. Members’ liability is limited to the amount unpaid on their shares, and the company is restricted from offering its shares to the public unless authorised by law. It is the most commonly used corporate structure in Nigeria due to its flexibility and suitability for profitmaking activities.
• A public company limited by shares also has a separate legal personality distinct from its shareholders and enjoys perpetual succession. There is no restriction on the number of shareholders, and it may invite the public to subscribe for its shares, subject to compliance with applicable securities and listing regulations. It is a corporate entity designed for broader ownership participation and large-scale capital mobilisation from the public.
• A company limited by guarantee is incorporated primarily for non-profit purposes, including the promotion of commerce, art, science, religion, culture, education, research, sports, charity or similar objects. It has no share capital, and members undertake to contribute a specified amount to the company’s assets in the event of winding up.
• An unlimited company is a corporate entity in which members have unlimited liability for the company’s debts and obligations in the event of winding up, although the company retains separate legal personality during its existence. This form is uncommon in practice and is typically adopted where members are willing to assume full financial exposure.

Partnerships

Partnerships involve two or more persons carrying on business with a view to profit. While traditional partnerships are governed by state partnership laws, CAMA recognises enhanced partnership structures that provide greater flexibility and liability protection.

• A limited liability partnership (LLP) is a hybrid structure combining partnership flexibility with separate legal personality. It must have at least two partners, and partners’ liability is limited to their agreed contributions. LLPs are commonly used by professional and advisory firms.
• A limited partnership (LP) consists of at least one general partner with unlimited liability and one or more limited partners whose liability is restricted to their capital contribution. Limited partners do not participate in management, and typically act as investors.

Business Names

A business name is the simplest form of business registration under CAMA and is commonly used by sole proprietors. It does not create a separate legal personality, and the proprietor bears unlimited personal liability for business debts and obligations. Regulatory requirements are minimal, making this structure suitable for small-scale enterprises.

Incorporated Trustees

Incorporated trustees are non-profit corporate bodies formed for purposes such as religion, education, culture, charity, sports or social development. Upon registration under CAMA, the trustees become a body corporate with perpetual succession. These entities do not have shareholders or share capital, and are prohibited from distributing profits, making them suitable for associations and public interest organisations.

Corporate governance in Nigeria is shaped by statute, national codes, capital market rules and sector-specific regulations. CAMA is the primary statutory source and governs directors’ duties, shareholder rights, meetings, disclosures and internal controls. This is complemented by the Nigerian Code of Corporate Governance (NCCG 2018), issued by the Financial Reporting Council of Nigeria (FRCN), which provides best-practice principles on an “apply and explain” basis. Public companies are further regulated by the Securities and Exchange Commission Nigeria (SEC) and the listing and disclosure rules of Nigerian Exchange Limited (NGX), while sector regulators like the Central Bank of Nigeria (CBN), National Insurance Commission (NAICOM) and National Pension Commission impose additional industry-specific standards.

Companies with publicly traded shares in Nigeria are subject to mandatory corporate governance obligations designed to promote transparency, accountability and investor protection. These requirements are primarily enforced through the SEC Corporate Governance Guidelines, the Investments and Securities Act 2025 (ISA 2025), the NCCG 2018 and the NGX Continuing Obligations Rules.

Key Requirements

• Board composition and independence: public companies must have a minimum of five directors, including at least one Independent Non-Executive Director (INED). The roles of Chairperson and Chief Executive Officer (CEO) must be separate, to ensure effective checks and balances. The SEC also discourages excessive cross-directorships and interlocking family relationships, and restricts the movement of INEDs into executive roles within the same group.
• Board committees: companies are required to establish a statutory Audit Committee to support financial oversight, regulatory compliance and the protection of shareholders’ interests. The committee is typically composed of two non-executive directors and three shareholders’ representatives, ensuring a balance between director oversight and shareholder participation.
• Disclosure and transparency: public companies must publish periodic financial and governance disclosures on their websites, in line with filings to the SEC and NGX. They are also required to disclose shareholders with 5% or more control or voting rights, to ensure transparency of ownership.
• Listing obligations (NGX): listed companies must comply with ongoing requirements, including quarterly, semi-annual and annual financial reporting, immediate disclosure of price-sensitive information, and annual certification of compliance with governance standards.
• Governance framework compliance: public companies must comply with both the NCCG 2018 and the SEC Corporate Governance Guidelines, including disclosure of governance practices and adherence to the “apply and explain” approach.

Corporate governance compliance for publicly traded companies in Nigeria is mandatory and enforceable. Non-compliance may attract regulatory sanctions, director liability, suspension or delisting, and significant reputational damage.

Regulatory reforms introduced under the ISA 2025, together with related SEC circulars and NGX guidelines, have significantly tightened listing standards and corporate governance obligations for publicly traded companies and capital market operators (CMOs) in Nigeria. These reforms reflect a regulatory focus on accountability, transparency, board effectiveness and enhanced investor protection.

Board Structure and Composition

• Heightened director accountability: under ISA 2025, directors are now subject to enhanced personal civil and criminal liability for disclosure failures and regulatory breaches. Directors are required to exercise individual due diligence and can no longer rely solely on collective board decisions or board approvals as a shield against liability.
• Director tenure limits: new tenure limits have been introduced for directors of significant public interest entities, providing that directors may serve a maximum of ten consecutive years on the same board and a cumulative maximum of 12 years within the same corporate group. These limits are designed to curb entrenchment and promote board refreshment.
• Cross-directorship restrictions: membership on the boards of competing companies is now strictly prohibited, strengthening conflict-of-interest safeguards and protecting competitive integrity.
• Prohibition of INED transmutation: a key SEC circular issued in June 2025 expressly prohibits the conversion of INEDs into executive directors or CEOs within the same company or group. This measure reinforces INED independence and preserves objective oversight.
• Cooling-off period for leadership roles: former CEOs or executive directors are prohibited from assuming the role of Board Chair until after a mandatory three-year cooling-off period.
• Mandatory AI oversight: boards are increasingly expected to oversee responsible use of AI, supported by formal AI governance frameworks, board-level policies and director training. While still emerging, this expectation signals regulators’ intent to treat AI risk as a core governance issue.

Disclosure Obligations

• Expanded shareholding disclosure: directors are now required to disclose all shareholdings, including direct and indirect interests, and proprietary, nominee and fiduciary holdings. These disclosures must be made prior to appointment and updated in annual reports, enhancing transparency around control and related-party interests.
• ESG and sustainability reporting: regulators are embedding ESG considerations into board-level oversight. A phased implementation of sustainability reporting is underway, with a voluntary adoption period for IFRS Sustainability Disclosure Standards from 2024–2027, and mandatory sustainability reporting expected to commence from 2028.Boards are therefore expected to begin integrating ESG governance structures ahead of full regulatory enforcement.
• Real-time market disclosure: listed companies are now required to make real-time disclosure of price-sensitive information, marking a shift away from deferred or periodic disclosure models. This enhances market integrity and reduces information asymmetry.

Shareholders and Market Participants

• Review of free-float requirements: regulators are actively reviewing free-float thresholds to improve market liquidity, particularly in large issuers where founding or controlling shareholders retain the majority of shares. This reform aims to expand public participation and deepen capital market activity.
• Recapitalisation of CMOs: a major recapitalisation exercise for CMOs is ongoing, with a compliance deadline of 30 June 2027. The initiative is intended to strengthen systemic resilience, improve operational capacity and protect minority investors from market failures.
• Enhanced minority shareholder protection: ISA 2025 places stronger emphasis on minority investor protection, including proposals for mandatory tender offer requirements in acquisition and change-of-control transactions. These measures aim to ensure fair exit opportunities and equitable treatment of minority shareholders.

The principal bodies involved in the governance and management of a company are as follows.

• The board of directors is responsible for the strategic direction of the company and for appointing and supervising management. Under CAMA, it is vested with broad managerial powers but must act in good faith and in the best interests of the company and its stakeholders. To promote independence, CAMA prohibits one person from serving as both Chair and CEO.
• Executive management handles the day-to-day operations of the company and implements its strategic plans. They are accountable to the board and must act in the best interests of the company.
• Board committees support the board by providing focused oversight and making informed recommendations on key areas such as audit, risk, governance and remuneration.
• he company secretary provides governance and administrative support, advises on legal and regulatory compliance, facilitates communication between the board and management, and ensures proper conduct of meetings and maintenance of statutory records.
• Internal auditors assess internal controls, risk management systems and compliance, helping to detect inefficiencies and operational risks.
• External auditors independently review the company’s financial statements and express an opinion on their accuracy and fairness.
• Regulatory authorities are government agencies that oversee corporate activities to ensure compliance with applicable laws and corporate governance standards.
• The general meeting is the ultimate decision-making body of the company. Under CAMA, members exercise key powers such as appointing and removing directors, approving dividends, appointing auditors, and altering the company’s capital structure or constitutional documents.

Together, these bodies create a balanced governance framework built on accountability, transparency and effective control.

The primary decision-making authority in a corporate entity rests with the board of directors, although decision-making responsibilities are distributed across different governance bodies depending on their roles. Importantly, some governance bodies do not have independent decision-making power but instead exist to support effective oversight, compliance and sound governance.

• The board of directors is the central decision-making organ of the company. It determines and oversees strategy, risk management, internal controls, corporate governance standards, performance management and overall corporate direction. It also shapes policies on structure, composition and remuneration, while ensuring transparency and accountability in line with CAMA.
• Executive management is responsible for implementing board decisions and handling daily operations. Its authority is delegated by the board and exercised within approved policies and strategic frameworks.
• Statutory and board committees focus on specialised technical areas, such as audit, risk and remuneration. They do not make final decisions but provide analysis and recommendations to support board decision-making.
• As the owners of the company, shareholders retain control over fundamental decisions reserved to them by law or the company’s articles of association. These typically include the appointment and removal of directors, the appointment of external auditors, changes to share capital or business objectives, winding up, etc.
• Regulators and government agencies influence corporate decision-making externally by enforcing compliance with laws, issuing guidelines and setting governance standards that companies must follow.

The decision-making processes of key corporate bodies are structured and governed primarily by the company’s articles of association and the provisions of CAMA.

• Board decisions are usually made at formally convened board meetings through resolutions after deliberation. Voting procedures are typically set out in the articles of association and are commonly based on a simple majority. Where urgency prevents a meeting, decisions may be taken by written resolution, including electronic signatures of all directors, where permitted.
• Shareholder decisions are made at general meetings of the company. Voting procedures depend on the articles of association and the nature of the resolution. In some companies, voting rights are proportionate to shareholding, while in others each share carries equal voting power.
• Executive management operates within the authority delegated by the board. Its decision-making is focused on implementing board resolutions and making operational decisions necessary to achieve approved strategic objectives.
• Other governance bodies (supporting structures), such as board committees, auditors, the company secretary and regulatory bodies, do not typically make binding corporate decisions. Instead, they follow structured processes such as committee deliberations, audits, compliance reviews and regulatory enforcement procedures. Their outputs – such as reports, recommendations and approvals – support and influence the decision-making of the board and shareholders, ensuring that decisions are informed, compliant and properly executed.

Overall, while the board and shareholders make formal corporate decisions, executive management ensures execution within the defined limits of authority, maintaining alignment with the company’s strategic direction.

In Nigeria, board structures are guided by CAMA and the NCCG 2018. A typical board comprises executive, non-executive and independent non-executive directors, ensuring a balance between management and oversight.

It is typically headed by a Chair, who leads the board, while the CEO manages the day-to-day operations, with both roles usually separated to ensure checks and balances. The board also operates through specialised committees such as the audit, risk management, remuneration and nomination committees, which handle specific governance responsibilities.

The roles of board members are typically set out in the company’s board charter and are structured to ensure clear governance and accountability.

• The board chair provides overall leadership to the board, ensures effective functioning and promotes cohesion in support of the company’s strategic objectives. Under the NCCG 2018, the Chair should not sit on any board committee, in order to preserve independence.
• Non-executive directors provide independent oversight by monitoring management’s execution of strategy, constructively challenging decisions, and ensuring alignment with the board’s governance framework and risk appetite.
• INEDs perform similar roles to non-executive directors, with the key distinction being that they have no material interest in the company and provide objective judgement, enhancing transparency and impartiality.
• Executive directors/management typically include the CEO and other senior executives (such as the CFO and COO), and are responsible for day-to-day operations and the implementation of board-approved strategies.

Board composition in Nigeria refers to the mix of directors in terms of number, independence, skills, experience and diversity. Under CAMA, private companies (except small companies) must have at least two directors, while public companies must have a minimum of three directors, including at least one INED. Boards are typically composed of executive directors and non-executive directors, including independent non-executive directors who provide objective oversight. Best practice, as reflected in the NCCG 2018, recommends that non-executive directors form the majority of the board. There is also growing emphasis on diversity in skills, experience and gender, to strengthen board effectiveness and decision-making.

The appointment, rotation and removal of directors in Nigeria are governed primarily by CAMA and the company’s internal governance documents.

• Appointment: the first directors are appointed by the promoters at incorporation, while subsequent directors are appointed by shareholders through an ordinary resolution at a general meeting. Where a casual vacancy arises (eg, death, resignation or removal), the board may appoint a replacement, subject to shareholder ratification at the next general meeting.
• Disqualification: persons disqualified from acting as directors include minors (under 18), persons of unsound mind, individuals removed or disqualified for insolvency, fraud or bankruptcy, and corporate bodies (except through a nominated representative).
• Retirement and re-election: unless otherwise provided in the articles, all directors retire at the first AGM, and thereafter one third retire annually by rotation. Retiring directors may be reappointed.

Removal of a Director Under CAMA in Nigeria

Unless otherwise provided in a company’s articles of association or board charter, the removal of a director in Nigeria is governed by CAMA. The process begins with the issuance of a special notice of the resolution to the company at least 28 days before the meeting.

Upon receipt, the company secretary must send a copy of the notice to the affected director and issue notice of the meeting to members at least 21 days before the meeting, including any representations made by the director. The director has the right to be heard at the meeting and may present his or her case, following which the company may pass an ordinary resolution to remove the director or otherwise.

CAMA establishes directors as fiduciaries, requiring them to act in good faith and in the best interests of the company. Directors must avoid conflicts of interest and disclose any direct or indirect interests, including personal or related-party dealings. CAMA also promotes board independence through the inclusion of INEDs and the separation of the roles of Chair and CEO.

The NCCG 2018 further defines independence as freedom from relationships that may impair objective judgement, and recommends a majority of non-executive and independent directors on the board. The SEC has reinforced these standards with rules on tenure limits and cooling-off periods, and restrictions on transitioning independent directors into executive roles.

In practice, conflicts are managed through disclosure, transparency and recusal where necessary.

Directors’ duties extend to company officers and are statutorily defined under CAMA. They include the obligation to:

• act in good faith and in the best interests of the company, preserving its assets and advancing its objectives;
• exercise due care, skill and diligence, having regard to what a reasonably competent director would do, including consideration of environmental impacts;
• consider the interests of employees and members when making decisions;
• use powers only for proper purposes, and not for collateral or personal aims;
• exercise independent judgement, without being bound to vote in a predetermined way;
• delegate powers responsibly, without abdicating oversight or accountability;
• avoid conflicts of interest, whether actual or potential; and
• refrain from making secret profits, and account fully to the company for any improper gain.

Under Nigerian law, directors owe their primary duties to the company as a separate legal entity, not to individual shareholders or other stakeholders. They must act in good faith to promote the company’s objectives and long-term success.

However, in fulfilling this duty, directors are expected to consider broader stakeholder interests, including those of employees and shareholders, and the impact of the company’s activities on the environment and society. They must also consider the long-term consequences of their decisions.

While these considerations do not override the duty owed to the company, they help to define what acting in the company’s best interests means in practice, reflecting a more stakeholder-aware and sustainability-focused approach to corporate governance in Nigeria.

Under Nigerian law, particularly CAMA, directors owe their duties primarily to the company as a separate legal entity, meaning the company is the main party entitled to sue for breaches. Remedies available include injunctions, damages and rescission of contracts. However, shareholders may bring actions (typically derivative suits) where the company is unwilling or unable to act, such as in cases of illegal or ultra vires acts, fraud, infringement of personal rights or misuse of resolutions, or where directors profit from breaches. Regulatory oversight is also exercised by bodies like the FRCN, the SEC and the CBN, which may impose sanctions for non-compliance with governance rules. Consequences for breach can include removal from office, personal liability for losses, regulatory fines and clawback of improperly earned incentives.

Directors and officers of companies in Nigeria are subject to a range of legal and regulatory obligations designed to ensure accountability, transparency and sound corporate governance. Where these obligations are breached, liability may arise from several legal and regulatory frameworks, depending on the nature and severity of the misconduct.

• Statutory and regulatory framework: Nigerian companies operate within a robust statutory environment governed by laws and regulatory institutions. Directors and officers are required to comply strictly with applicable laws, regulations and corporate governance codes. Failure to do so may result in regulatory investigations, sanctions, penalties or other enforcement actions.
• Common law principles: under common law, directors owe fiduciary duties to the company, including duties of care, skill, diligence and loyalty. A breach of these duties – such as negligence, abuse of power or breach of trust – may expose directors to personal liability. Courts may hold directors accountable where their conduct falls below the standard expected of a reasonably diligent director acting in good faith.
• Shareholder remedies: shareholders may initiate legal proceedings against directors through derivative actions (on behalf of the company) or direct claims where their personal rights have been affected. These actions typically arise in cases of misconduct, mismanagement or breaches of fiduciary duty that harm the company or its shareholders.
• Criminal liability: in addition to civil liability, directors and officers may face criminal prosecution under Nigerian law for offences such as fraud, insider trading, misappropriation of funds or other financial crimes. Convictions may result in fines, imprisonment or both, depending on the nature and gravity of the offence.
• Tortious liability: directors may also be liable in tort for wrongful acts that cause harm to third parties or the company, including negligence, misrepresentation and defamation. Such liability is independent of contractual or fiduciary obligations, and may arise where a duty of care is breached.
• Regulatory enforcement actions: regulatory bodies such as the SEC, the Corporate Affairs Commission (CAC), the NGX and the FRCN, etc, are empowered to enforce compliance with relevant laws and regulations. These institutions may impose sanctions, issue directives, suspend trading privileges or take other disciplinary actions against companies and their directors for non-compliance.

Limitation of Directors’ Liability

Generally, directors are protected from personal liability for decisions made in the ordinary course of business, provided such decisions are taken in good faith, with due care, and in the best interests of the company. However, this protection is not absolute. Where misconduct, fraud, gross negligence or breach of fiduciary duty is established, courts and regulators may “lift the corporate veil”, thereby holding directors personally accountable for their actions.

The remuneration of non-executive directors is determined by the company in a general meeting. In practice, the board typically submits a proposed remuneration package to shareholders based on the recommendation of the committee responsible for nomination, governance and remuneration. In formulating such proposals, consideration is usually given to prevailing industry standards, the expected time commitment of directors, and the financial capacity of the company.

The remuneration structure for non-executive directors is generally limited to directors’ fees and sitting allowances. These payments are required to be disclosed in the company’s annual report in line with applicable corporate governance and financial reporting requirements. Importantly, non-executive directors are not permitted to receive performance-based compensation, to preserve their independence and objectivity in oversight functions.

Executive directors, who are also employees of the company, typically have their remuneration set out in their employment contracts or letters of appointment. The Remuneration Committee is responsible for designing these packages to align with the company’s long-term objectives and ensuring they are structured to attract and retain competent leadership, without the involvement of executive directors in determining their own pay.

Their remuneration generally includes a fixed annual salary and benefits such as healthcare, housing, car, travel and telephone allowances, as well as performance-based incentives. These packages are subject to board approval and must be disclosed to shareholders in line with regulatory requirements. Executive directors are not entitled to directors’ fees or sitting allowances.

In line with the NCCG 2018, companies are also required to implement clawback provisions, enabling the recovery of performance-based pay where financial results are later found to be materially mis-stated.

The relationship between a shareholder and a company is fundamentally contractual in nature. It is governed by the company’s constitutional documents (primarily the shareholders’ agreement and the memorandum and articles of association), which operate as binding covenants between the company and its members. Accordingly, shareholders are required to comply with the provisions contained in these governing instruments.

Shareholding confers a right of participation in the company rather than a direct proprietary interest in its underlying assets. While shareholders do not own the company’s assets, they are entitled, in proportion to their shareholding, to dividends from distributable profits and, upon winding-up, to any surplus assets remaining after all creditors have been fully satisfied.

Generally, shareholders enjoy limited liability and are not responsible for the acts or obligations of the company. However, in exceptional circumstances, the corporate veil may be pierced, thereby imposing personal liability on shareholders where the company structure is abused or used for fraudulent or improper purposes.

Information on a company’s shareholders and their respective shareholdings can typically be obtained from the company’s records, including its profile on the CAC portal.

Role of Shareholders and Matters Reserved for Their Approval

Shareholders are generally not involved in the day-to-day management of a company; this responsibility is vested in the board of directors in accordance with applicable law and the company’s articles of association. However, certain fundamental decisions are reserved exclusively for shareholder approval, typically including but not limited to:

• the appointment and removal of directors;
• the determination of directors’ remuneration;
• the appointment and remuneration of auditors;
• alteration of the company’s share capital;
• amendment of the memorandum and articles of association;
• conversion of the company (eg, private to public, limited to unlimited, and vice versa);
• change of the company’s name;
• making the liability of directors unlimited;
• the appointment of a director over 70 years of age in a public company;
• the sale or transfer of major company assets;
• the winding up of the company;
• an application for striking the company from the CAC register; and
• the declaration of dividends.

Shareholders exercise these powers through resolutions passed at general meetings. However, under CAMA, private companies may also pass written resolutions without convening a meeting, provided such resolutions are signed by all shareholders.

CAMA provides for two principal types of shareholders’ meetings: the Statutory Meeting and the Annual General Meeting (AGM). A Statutory Meeting is required to be held within six months of incorporation and applies only to public companies. The AGM, however, is mandatory for all companies except small companies and single-member companies, and must be held annually unless otherwise exempted by law.

Under CAMA, no more than 15 months should elapse between one AGM and the next. The CAC may grant an extension for holding an AGM, provided such extension does not exceed three months. Notice of an AGM must be given at least 21 days in advance, although shorter notice is permissible where all shareholders entitled to attend and vote so consent.

Statutory and Annual General Meetings are generally required to be held within Nigeria. However, they may be conducted electronically, provided such arrangements are consistent with the company’s articles of association.

Business transacted at AGMs is classified into ordinary and special business. Ordinary business includes the declaration of dividends, the presentation of financial statements, directors’ and auditors’ reports, the election of directors in place of those retiring, and the appointment, remuneration or removal of auditors and directors. Special business refers to any matters outside the scope of ordinary business.

At general meetings, resolutions are ordinarily decided by a show of hands, unless a poll is demanded by the chair, at least three members present in person or by proxy, or members representing not less than one-tenth of the total voting rights of those present and entitled to vote.

In addition, private companies may pass written resolutions without convening a meeting, provided all members entitled to vote sign the resolution. The mechanism offers greater flexibility in corporate decision-making while maintaining full shareholder consent.

As a general rule, only the company itself is entitled to institute proceedings in respect of any breach of duty or wrongdoing committed against it by its directors. The rule reflects the principle of separate legal personality and majority rule in corporate governance.

However, CAMA provides a structured set of exceptions that allow shareholders to bring claims against the company or its directors in appropriate circumstances, particularly to protect minority interests and prevent the abuse of power.

Injunctive and Declaratory Relief

Shareholders may apply to court for an injunction or declaration to restrain the company from:

• entering into illegal or ultra vires transactions;
• carrying out by ordinary resolution actions that require a special resolution under the articles or the law;
• infringing on a shareholder’s rights as a member;
• committing fraud against the company or minority shareholders where directors fail to act;
• proceeding where it is impracticable to convene a meeting in time to remedy a wrong; or
• actions where directors have benefited, or are likely to benefit, from negligence or breach of duty.

Personal Actions

A shareholder may bring a personal action where their individual rights as a member are infringed. These rights include entitlement to notice of meetings, voting rights, receipt of declared dividends, and attendance at meetings.

Derivative Actions

CAMA also permits shareholders to bring derivative actions on behalf of the company where directors are in breach of fiduciary duty and the board refuses or fails to act. To proceed, a shareholder must obtain leave of court and demonstrate that the action is brought in good faith and is in the best interest of the company.

Protection Against Oppression

A shareholder may also petition the court where the affairs of the company are conducted in a manner that is oppressive, unfairly prejudicial, discriminatory or contrary to public interest.

Interests of Justice

In addition to statutory remedies, courts may entertain shareholder claims where the circumstances are such that the interests of justice require judicial intervention.

In publicly traded companies, shareholders are subject to statutory disclosure obligations once they acquire a significant interest in the company. Under the ISA 2025 and SEC regulations, any person who acquires 5% or more of a company’s voting shares is required to notify both the company and the SEC within the prescribed timeframe – typically within ten business days.

Shareholders are also required to disclose any subsequent material changes in their shareholding, including further acquisitions or disposals that alter their ownership percentage. Upon receipt of such notifications, the company is obligated to inform the exchange and update its records accordingly. These requirements are designed to promote market transparency, deter insider dealing, and ensure that regulators and investors are fully informed of significant ownership changes in listed entities.

Beyond listed entities, the Persons with Significant Control (PSC) Regulations impose disclosure obligations on all companies, not only listed entities. A person is deemed to have significant control where they hold or control at least 5% of the company’s shares or voting rights, and such person must be a natural person.

Under this framework, a PSC is required to notify the company of their interest within seven days of acquiring significant control. The company must then notify the CAC within one month, update its register of members accordingly, and reflect the information in its annual returns.

Collectively, these disclosure requirements strengthen corporate transparency and enhance accountability in both listed and unlisted companies in Nigeria.

In Nigeria, companies are subject to mandatory annual and periodic financial reporting requirements designed to ensure transparency, accountability and regulatory compliance. These obligations vary depending on the nature of the company and the regulatory framework governing its operations, with additional sector-specific requirements imposed by relevant authorities.

• CAMA requirements: all companies are required to prepare and file their annual financial statements with the CAC within 42 days after the AGM.
• Publicly quoted companies: companies listed on the (NGX must submit annual financial statements, quarterly reports and corporate governance reports to the NGX in accordance with listing and disclosure requirements. They are also subject to continuous disclosure obligations, including the timely reporting of price-sensitive information, insider transactions and material changes in shareholding.
• All public companies (whether listed or unlisted) are required to file annual financial statements, quarterly reports and corporate governance reports with the SEC, in addition to meeting any other periodic reporting requirements prescribed by the SEC.
• Public interest entities are required to file annual financial statements and corporate governance reports with the FRCN.
• Insurance operators must submit annual audited financial statements, statutory returns and solvency-related reports to the NAICOM in accordance with sectoral regulatory requirements.
• Banks and other financial institutions are required to file annual financial statements, bi-annual reports and quarterly reports with the CBN.
• Special statutory returns (selected institutions): banks, insurance companies and deposit, provident or benefit societies are also required to file a Statement of Affairs (Fourteenth Schedule) with the CAC on the first Monday of February and the first Tuesday of August each year.

Companies in Nigeria are required to disclose their level of compliance with the NCCG 2018 on an annual basis. This disclosure must clearly outline the extent of compliance and, where applicable, provide explanations for any areas of non-compliance.

The NCCG compliance report is required to be filed with the FRCN on or before March 31st each year. For publicly listed companies, a governance report must also be submitted to the NGX within the same timeframe.

Furthermore, public companies are required to submit an annual corporate governance report in line with the SEC Corporate Governance Guidelines on or before January 31st each year.

Beyond regulatory filings, companies also typically include disclosures on their governance practices within their annual reports, providing stakeholders with broader insight into board structure, governance policies and oversight mechanisms.

In Nigeria, the CAC is the statutory body responsible for the incorporation and regulation of companies under CAMA. It serves as the central registry for corporate entities, ensuring that businesses operate within a structured legal and regulatory framework.

Statutory Filings with the CAC

Companies are required to make a range of statutory filings to maintain compliance and legal standing, including but not limited to:

• annual returns and audited financial statements;
• notices of the appointment, resignation or removal of directors;
• the appointment or change of company secretary and external auditors;
• the allotment or transfer of shares;
• an increase or reduction of share capital;
• an alteration of the memorandum or articles of association;
• a change of the registered office address; and
• changes in persons with significant control.

These filings are generally accessible to the public and may be inspected or obtained through the CAC portal. often upon the payment of prescribed fees.

Non-Compliance

Failure to comply with statutory filing obligations within the prescribed timelines may attract penalties, which may take the form of either one-off fines or daily default fines, depending on the nature of the breach. Failure to file annual returns as and when due may also result in the company being classified as inactive on the CAC portal. Continued non-compliance for a period of ten consecutive years may ultimately lead to the company being struck off the register.

Regulatory and Supervisory Powers of the CAC

The CAC exercises broad oversight functions, including the authority to:

• register and regulate companies;
• inspect corporate records for compliance with statutory requirements;
• investigate breaches of CAMA and impose sanctions or corrective measures; and
• strike off companies that are non-compliant or no longer in operation.

Digital Compliance Reforms

In recent years, the CAC has introduced digital reforms aimed at improving efficiency and transparency, with all statutory filings now processed electronically through its online portal.

Nigeria’s anti-money laundering (AML) regime is aligned with global standards set by the Financial Action Task Force (FATF) and implemented through local laws and regulators, including the Nigerian Financial Intelligence Unit (NFIU), CBN, SEC and Special Control Unit Against Money Laundering.

AML obligations vary by risk profile, with enhanced requirements for banks, fintechs, capital market operators, casinos, real estate businesses and other Designated Non-Financial Businesses and Professions (DNFBPs). Under the Money Laundering (Prevention and Prohibition) Act 2022, large and suspicious transactions must be promptly reported to the NFIU, detailed records retained for at least five years, and customer due diligence conducted, including disclosure of beneficial owners through the CAC register.

AML compliance is a board-level responsibility: regulators require boards to approve AML policies, oversee risk management, support independent compliance functions, and receive regular reports. Directors may face personal liability where AML breaches occur through their consent, connivance or neglect, including criminal exposure in serious cases, while companies risk fines, asset forfeiture or winding-up. The law nevertheless protects directors and employees who make AML reports in good faith from civil or criminal liability.

In accordance with CAMA, every company except a small company as defined under Section 394(3), or a company that has not commenced business since incorporation, is required to appoint an external auditor to audit its financial statements.

A fundamental requirement governing the auditor–company relationship is independence. To safeguard this, an auditor is generally not permitted to serve the same company for more than ten consecutive years, after which a seven-year cooling-off period must be observed before reappointment. The audit engagement partner is also required to rotate every five years. A cooling-off period is also expected before any member of the audit team may be employed by the company, to avoid conflicts of interest.

Companies are further expected to establish clear policies governing the appointment and independence of external auditors, including defining the permissible scope of any non-audit services that may be provided by the auditor.

In Nigeria, geopolitical risk is not governed by a single dedicated framework but is instead addressed through sector-specific regulatory requirements and enterprise risk management expectations set by regulators such as the CBN and SEC.

Under the NCCG 2018 and other sector-specific regulations, the board of directors has primary responsibility for risk management and internal controls, and is required to establish a robust risk management framework to identify, assess and mitigate risks, and ensure its integration into day-to-day operations. This oversight is typically exercised through the Board Audit and Risk Management Committee, which monitors risk exposures, reviews internal control effectiveness, and ensures regular updates in response to emerging risks.

Operational responsibility for managing geopolitical and other enterprise risks is delegated to management, particularly the Risk and Compliance functions, which report periodically to the board.

Sanctions compliance is also subject to board oversight, usually through the Audit or Risk Committee. Management is responsible for implementing sanctions screening and compliance controls to prevent dealings with sanctioned individuals, entities or jurisdictions, while the board ensures appropriate systems are in place and receives regular compliance updates.

ESG reporting in Nigeria is currently governed by a combination of corporate governance codes, capital market regulations, financial reporting standards and sector-specific requirements, with a gradual transition toward IFRS S1 and S2 adoption.

Companies are generally required to:

• disclose annual compliance with the NCCG 2018, including clear information on governance structures, policies and practices, and environmental and social risks and opportunities;
• file corporate governance and material ESG risk disclosures with the SEC, particularly for public companies;
• provide ESG-related disclosures under NGX listing rules, including material ESG risks;
• include governance and risk disclosures in financial reporting in line with FRCN requirements and applicable IFRS standards; and
• comply with sector-specific ESG requirements issued by regulators such as the CBN, NAICOM and others, depending on industry.

Nigeria’s corporate landscape is currently undergoing a significant transformation in relation to sustainability and ESG reporting. The federal government has formally endorsed the IFRS S1 (General Requirements for Disclosure of Sustainability-related Financial Information) and IFRS S2 (Climate-related Disclosures) standards, aligning Nigeria with globally recognised sustainability reporting frameworks.

In support of this transition, key regulators including the FRCN, SEC, NGX and CBN have developed a co-ordinated roadmap to progressively transition companies from voluntary to mandatory ESG disclosure.

The current phase is a voluntary adoption period, during which companies are expected to begin building internal capacity, strengthening data collection systems and integrating ESG considerations into governance, risk management and financial reporting processes. This transition period is intended to allow organisations to align their reporting frameworks with IFRS S1 and S2 requirements ahead of full implementation.

This voluntary phase runs until 31 December 2027, after which mandatory compliance will be phased in. From 1 January 2028, ESG reporting will become mandatory for all public interest entities in Nigeria. At that stage, affected entities will be required to provide structured, consistent and auditable sustainability disclosures, including climate-related risks and opportunities, governance oversight and impact on financial performance.

This regulatory shift represents a major evolution in Nigeria’s corporate reporting environment, moving from fragmented sustainability disclosures toward a standardised, globally aligned ESG reporting regime.

In Nigeria, board oversight of AI is currently governed by a combination of general corporate governance duties, data protection law, sector-specific regulation and emerging national AI policy, rather than a dedicated AI statute. Boards are not required to establish AI-specific committees nor appoint AI specialists, but are expected to actively oversee AI-related risks, controls and compliance as part of their fiduciary and governance responsibilities.

Under CAMA, directors owe duties of care, skill and diligence, which extend to oversight of material risks arising from the deployment of AI systems. The Nigeria Data Protection Act 2023 further strengthens this obligation where AI involves personal data, requiring appropriate governance, accountability and, where applicable, data protection impact assessments for high-risk processing, such as automated decision-making and profiling.

Sector regulators (particularly in financial services and capital markets) also expect boards to oversee technology-driven risks, including algorithmic decision-making, model risk, cybersecurity and compliance failures. These responsibilities are typically discharged through existing Audit, Risk or Compliance Committees, rather than AI-specific structures.

In addition, Nigeria’s National Artificial Intelligence Strategy (2024–2030) and proposed AI legislation indicate a policy shift towards more formalised AI governance, including clearer expectations around ethical use, risk management and senior-level accountability.

Overall, while Nigeria does not yet impose explicit statutory requirements for AI-focused board structures, boards are already expected to ensure robust oversight of AI-related risks within existing governance, risk and compliance frameworks, with more prescriptive obligations likely to emerge as regulation evolves.

Nigeria does not yet have a dedicated AI statute, but AI-related risks including reputational, ethical, data protection and cybersecurity risks are addressed through a combination of existing governance frameworks, including internal policies. These frameworks require boards to oversee technology-driven risks, ensure adequate controls and protect stakeholder trust and corporate reputation.

Key developments in 2025 include the implementation phase of Nigeria’s National Artificial Intelligence Strategy (2024–2030), increased regulatory focus on automated systems in regulated sectors (especially finance), and continued legislative activity around proposed AI-specific bills. These developments signal a shift toward risk-based AI governance, greater accountability and clearer expectations for senior management and board oversight, even ahead of formal AI legislation.

In practice, AI strategy and oversight sit with the board, as part of its overall responsibility for strategy and risk. Day-to-day AI risk management is typically handled by management, supported by compliance, legal, IT and data protection functions. Oversight and assurance are commonly exercised through existing Risk, Audit or Compliance Committees, rather than standalone AI committees.

Although Nigeria does not yet have AI-specific liability legislation, boards and officers face significant potential liability exposure arising from the use of AI under existing corporate, regulatory, data protection and criminal law frameworks.

• Disclosure and governance failures: directors may be liable where AI materially affects business operations or risk profiles but is not adequately disclosed or properly overseen. This may constitute a breach of fiduciary duties under CAMA, particularly where boards fail to exercise reasonable care, skill and diligence in supervising AI-related risks.
• Unfair or discriminatory outcomes: AI-driven decisions (such as credit scoring, recruitment, pricing or profiling) may give rise to bias, unfairness or lack of transparency. This can trigger liability under the Nigeria Data Protection Act 2023, consumer protection principles, and directors’ general duties to act fairly and in good faith.
• Data protection and cybersecurity breaches: AI systems often process large volumes of personal data, increasing exposure to breaches, unlawful profiling or excessive processing. Boards may face regulatory sanctions or civil liability for inadequate oversight of data protection, security controls and incident response mechanisms.

• Operational and safety failures: where AI systems malfunction or are improperly deployed, particularly in regulated or safety-critical sectors, directors may be exposed for weak internal controls, inadequate risk management or failure of supervision.
• Intellectual property and confidentiality risks: AI use may result in IP infringement, leakage of confidential information or misuse of proprietary data. Liability may arise where governance and control over AI tools and data inputs are insufficient.
• Reputational harm: AI-related incidents (such as bias, misinformation or unethical deployment) can lead to significant reputational damage. Boards may face scrutiny or shareholder action where such risks were foreseeable but not properly managed.

Liability may arise through multiple channels, including:

• regulators (eg, NDPC, SEC, CBN and sector regulators) imposing administrative sanctions and compliance penalties;
• shareholders, through derivative or direct actions for breach of directors’ duties;
• affected individuals or counterparties, via civil claims such as negligence, misrepresentation or data protection breaches; and
• law enforcement agencies, where AI use involves fraud, cybercrime or other criminal conduct.

In Nigeria, while AI-specific liability rules are not yet codified, existing legal frameworks already create meaningful exposure for boards and officers. Liability primarily arises from failures in governance, oversight, disclosure and compliance rather than from AI use itself, making strong board-level supervision essential.

Nigeria does not currently impose AI-specific mandatory disclosure requirements. However, existing corporate, securities and data protection frameworks create indirect disclosure obligations where AI use is material to a company’s operations, risks or financial position.

Under CAMA, directors must ensure that annual reports fairly disclose material risks and governance matters, which may include AI-related risks and governance issues where relevant. For listed companies, SEC and NGX rules require disclosure of all material information relevant to investors, including AI-related risks, incidents or dependencies that could affect performance, compliance or reputation, even though AI is not explicitly referenced.

The Nigeria Data Protection Act 2023 further drives disclosure expectations for AI systems involving automated decision-making, profiling or high-risk data processing, particularly in the event of data breaches or significant incidents.

In practice, AI disclosures in Nigeria are principles-based rather than prescriptive, and typically appear within risk factor disclosures, internal control and governance sections, ESG narratives or prospectus risk disclosures where AI is central to the business model.