The Nigerian Fintech Landscape in 2025

Nigeria began 2025 as Africa’s most active fintech hub by deal count. While the country continued to host the largest concentration of fintech companies on the continent, the funding landscape shifted in ways that signalled both resilience and structural vulnerability. According to the Central Bank of Nigeria’s (CBN) 2025 Fintech Strategy Report, titled “Shaping the Future of Fintech in Nigeria: Innovation, Inclusion, and Integrity” (the CBN Fintech Strategy Report or the Report), the Nigerian fintech industry expanded by approximately 70% in 2025.

Nigeria witnessed several landmark transactions in 2025:

• LemFi recorded a USD53 million Series B raise in January, and now serves over one million users across the US, UK, Canada and Europe;
• Moniepoint completed its USD200 million Series C round and achieved unicorn status;
• Raenest raised USD11 million in Series A funding to expand its services for remote workers across Africa;
• Kredete raised USD22 million in its Series A round to support credit access and stablecoin transfers across over 40 African countries; and
• Payaza obtained Securities and Exchange Commission (SEC) approval to issue up to NGN20 billion under its NGN50 billion commercial paper programme, signalling the growing sophistication of local capital markets as a funding source for fintechs.

Consolidations were rampant in 2025, with examples including:

• Moniepoint’s acquisition of a 78% stake in Kenya’s Sumac Microfinance Bank to facilitate its East African expansion;
• Uber-backed Moove’s acquisition of Brazilian car rental startup Kovi;
• LemFi’s acquisition of Irish currency exchange platform Bureau Buttercrane, and then UK-based credit card issuer Pillar;
• C-One Ventures’ acquisition of Nigerian fintech Bankly;
• BAS Group’s acquisition of a majority stake in Zuvy Technologies; and
• Flutterwave’s acquisition of Mono, Nigeria’s leading open banking Application Programming Interface (API) provider.

Several new investment funds were established in 2025 with specific focus on Nigerian and African technology space, such as:

• the USD150 million Opportunity Growth Fund created by Nigerian Capital Development Fund (NCDF) alongside the National Board for Technology Incubation;
• Fund II (VP II) launched by Ventures Platform GP Limited;
• the USD28 million Impact Innovation Fund launched by Nigeria Sovereign Investment Authority (NSIA) alongside the Japan International Cooperation Agency;
• the USD4 million Africa Blockchain Fund launched by StarkWare; and
• the iDICE programme launched by the Nigerian government.

Regulatory Developments in 2025

Investments and Securities Act (ISA) 2025

The ISA repealed and replaced the Investment and Securities Act 2007, and introduced various changes to the landscape, particularly with the codification of the SEC’s regulatory powers over digital and virtual assets. It explicitly designated virtual and digital assets as securities, and broadened the scope of “securities exchanges” to include Digital Asset Exchanges (DAXs) and Digital Asset Offering Platforms (DAOPs).

Relatedly, the ISA significantly expands the powers of the SEC, including by providing a clearer mandate to regulate the derivatives market and commodities ecosystem. The Act explicitly criminalises Ponzi schemes, mandates the use of Legal Entity Identifiers (LEIs) for capital market transactions and introduces enhanced whistle-blower protection mechanisms.

Nigerian Insurance Industry Reform Act (NIIRA) 2025

The NIIRA repealed and replaced the Insurance Act of 2003, significantly overhauling the existing regulatory landscape for insurance operations by consolidating foundational insurance legal frameworks, raising capital thresholds and effectively bringing insurtech under its framework.

Nigeria Tax Act (NTA) 2025 and Nigeria Tax Administration Act (NTAA) 2025

There was an overhaul of the tax framework in Nigeria in 2025, effective in 2026. Relevant key overhauls include the statutory classification of digital and virtual assets as chargeable assets, and subjecting profits or gains from transactions in digital or virtual assets to income tax (chargeable gains). The NTAA mandates Virtual Asset Service Providers (VASPs) to file monthly returns with the Nigeria Revenue Service (NRS), with accompanying penalties for default.

SEC Framework for Virtual Asset Service Providers and Digital Assets

The Accelerated Regulatory Incubation Program (ARIP) Framework was launched by the SEC in June 2024 to onboard VASPs and Digital Investment Service Providers (DISPs) in cohorts, and continued to apply in 2025 in the absence of the implementation of the SEC Rules for Issuance, Offering and Custody of Digital Assets 2022 (the Digital Assets Rules). However, the SEC did not issue an approval in principle nor admit any VASP to the programme in 2025, despite pending applications by various VASPs. Also, amended Digital Assets Rules were issued in 2024, introducing several notable provisions, including higher fees and capital requirements, and were expected to take effect from 30 June 2025, but it now appears that they have been postponed for the foreseeable future.

Interestingly, In January 2026, the SEC issued Circular No 26-1 revising minimum capital requirements for all categories of regulated capital market entities, including VASPs. The revised framework stipulates that compliance is required by 30 June 2027.

Federal Competition and Consumer Protection Commission (FCCPC) Digital, Electronic, Online or Non-Traditional Consumer Lending Regulations (DEON Regulations) 2025

The DEON Regulations establish a comprehensive framework for regulating digital and non-traditional consumer lending in Nigeria, replacing the Limited Interim Regulatory/Registration Framework and Guidelines for Digital Lending 2022.

The DEON Regulations ban predatory practices, including harassing customers or their contacts, sending defamatory messages, and gaining unauthorised access to sensitive data such as contact lists. They have a very broad scope and state that FCCPC approval should be procured prior to engaging in digital or non-traditional consumer lending. Notably, the DEON Regulations expressly specify that banks or financial institutions licensed pursuant to the Banks and Other Financial Institutions Act (BOFIA) 2020 are not considered lenders or service providers under the Regulations. Similarly, they specify that entities that are licensed by the CBN as microfinance banks may apply to the FCCPC for a waiver from registration.

The foregoing carveouts are likely results of the provisions of Section 65(1) of BOFIA, which stipulates that the provisions of the FCCPA (and by extension regulations and guidelines made pursuant thereof) are not applicable to any function, act, financial product, financial services issued or undertaking, or transaction howsoever described by a bank or other financial institutions licensed by the CBN. However, this does not imply that such entities have no obligations on consumer protection: rather, the CBN has fashioned industry-specific consumer protection frameworks, regulations and bills of rights that will govern such entities, including digital lending.

The FCCPC also issued the Digital, Electronic, Online or Non-Traditional Consumer Lending Guidelines 2025 (the DEON Guidelines), which became effective on 18 November 2025, to contextualise, clarify and supplement the provisions of the DEON Regulations.

NAICOM Insurtech Guidelines

In July 2025, the National Insurance Commission (NAICOM) issued the Guidelines for Insurtech Operations in Nigeria (the Insurtech Guidelines), which recognise two categories of insurtechs:

• standalone insurtech, which operate independently but are precluded from certain insurance operations; and
• partnering insurtech, which collaborate with insurance institutions to improve or complement existing operations.

The guidelines are aimed at providing standards for the establishment and operations of insurtech in Nigeria, facilitating innovation while protecting consumers from potential risks, and supporting Nigeria’s digital ecosystem, business and economy.

Importantly, the Insurtech Guidelines mandate that all insurance institutions and insurtech firms operating under any agreement, whether called insurtech business or otherwise, must comply with the provisions of the Insurtech Guidelines within 30 days of them coming into effect.

CBN Agent Banking, POS and payments infrastructure

The CBN issued the revised Guidelines for the Operations of Agent Banking in Nigeria in October 2025, repealing the 2013 guidelines and, among other things, introducing an exclusivity regime under which each agent may operate only under a single principal and within the network of one super-agent at any given time.

In August 2025, the CBN directed all licensed payment operators to migrate to the ISO 20022 payment and settlement messaging standard, by 21 October 2025. It also introduced mandatory geo-tagging for all POS terminals, and prohibited merchants and agents operating POS terminals from carrying out transactions beyond a radius of ten metres from their registered business locations. The CBN subsequently issued a further circular mandating dual connectivity for all acquirers, processors and payment terminal service providers – ie, connection to the two licensed Payment Terminal Service Aggregators (PTSAs), the Nigeria Inter-Bank Settlement System (NIBSS) and Unified Payments Services Limited (UPSL), to ensure automatic failover in the event of downtime or service disruptions.

NDPC General Application and Implementation Directive 2025

In March 2025, the Nigeria Data Protection Commission (NDPC) issued the Nigeria Data Protection Act (NDPA) 2023: General Application and Implementation Directive (GAID), which took effect on 19 September 2025, after a six-month transition period.

The GAID establishes a comprehensive operational framework for the application, interpretation and enforcement of the NDPA, and provides further guidance on various matters, such as:

• the designation and credentialing of Data Protection Officers (DPOs);
• mandatory compliance audits;
• the conduct of Data Protection Impact Assessments;
• breach notification protocols; and
• cross-border data transfer requirements.

The GAID introduces a tiered categorisation system for data controllers and processors of major importance (DCPMI), classifying them into Ultra-High Level (UHL), Extra-High Level (EHL) and Ordinary-High Level (OHL) categories, with registration and filing obligations varying accordingly.

Nigerian Fintech Regulatory Commission Bill 2025

Under this proposed Bill, the Nigerian Fintech Regulatory Commission (NFRC) would serve as a single gateway for authorisation and compliance. Fintech operators would be required to obtain individual or class licences from the NFRC, depending on their core activity, and the NFRC could take enforcement steps for non-compliance with the provisions of the Bill. A key concern with the Bill lies in the practical question of enforcement, particularly in light of the existing multiplicity of regulatory frameworks and overlapping mandates within Nigeria’s financial services landscape.

CBN Fintech Strategy Report

In February 2026, the CBN published its landmark Fintech Strategy Report, based on a quantitative fintech survey, a June 2025 closed-door stakeholder workshop, and an October 2025 CBN Fintech Roundtable. The Report’s key proposals include the establishment of:

• a Standing Fintech Engagement Forum modelled on the Bankers’ Committee;
• a Single Regulatory Window to co-ordinate licensing across multiple agencies; and
• a Compliance-as-a-Service (CaaS) utility shared platform that would allow fintechs to meet reporting obligations centrally.

It also called for expansion of the CBN’s regulatory sandbox to cover artificial intelligence (AI), cross-border payments and embedded finance, with a “test-then-codify” approach that converts sandbox learnings into formal rules.

CBN letter on compliance with regulatory provisions on advertisement and immediate withdrawal of non-compliant advertisements

In November 2025, the CBN issued a circular introducing enhanced compliance requirements governing advertising and promotional practices. The circular reiterated that all advertisements must be notified to the CBN (albeit no specific approval is required), and set out the standards to be met by advertisements.

All institutions are required to immediately withdraw any existing advertisement that does not comply with the stipulated standards and, within 30 days of the circular, submit a compliance attestation jointly signed by the Managing Director or Chief Executive Officer, the Executive Compliance Officer and the Chief Compliance Officer, confirming full alignment of all advertising and promotional practices with applicable laws, regulations and internal governance protocols.

CBN circular on mandatory dual connectivity to the PTSAs

In December 2025, the CBN issued a circular mandating all acquirers, processors and PTSPs (collectively, the Mandatory Stakeholders) to connect to the two licensed PTSAs – NIBSS and UPSL. Mandatory Stakeholders were to establish and maintain active connectivity with and configure all POS transaction routing systems to the two PTSAs. The implementation timeline was fixed as one month from the date of the circular.

Forecasting Nigeria’s Fintech Market Growth in 2026

Recapitalisation

The Nigerian fintech space in 2026 will largely be dominated by recapitalisation exercises across its banking, capital market, pension and insurance industries.

In March 2024, the CBN issued a circular increasing minimum capital requirements for banks, with a compliance deadline of 31 March 2026. Under the revised framework, commercial banks with international authorisation are required to maintain minimum paid-up capital (comprising paid-up share capital and share premium only) of NGN500 billion, while national and regional commercial banks must meet thresholds of NGN200 billion and NGN50 billion, respectively. Merchant banks are required to maintain a minimum paid-up capital of NGN50 billion, while non-interest banks must meet minimum capital thresholds of NGN20 billion (national) and NGN10 billion (regional).

The recapitalisation is expected to enhance risk absorption capacity, and is already positioning Nigerian banks to better support large-scale financing transactions.

Similarly, the SEC issued Circular No 26-1 in January 2026, increasing minimum capital requirements across a range of SEC-regulated entities, with a compliance deadline of 30 June 2027. Notable requirements include the increase in minimum capital for brokers (client execution only) from NGN200 million to NGN600 million, for dealers (proprietary trading) from NGN100 million to NGN1 billion, and for broker-dealers from NGN300 million to NGN2 billion.

In September 2025, the National Pension Commission (PenCom) issued a circular (PenCom Circular) prescribing revised minimum capital requirements, with a compliance deadline of 31 December 2026, which was subsequently extended to June 2027. The PenCom Circular stipulates that the revised minimum capital requirement for Pension Fund Administrators (PFAs) will be calculated based on Shareholders’ Fund unimpaired by losses, minus the Statutory Reserve Fund, and is stratified as follows:

• Category A, consisting of PFAs with Assets Under Management (AUM) of NGN500 billion and above, are required to maintain a minimum capital of NGN20 billion + 1% of (AUM – NGN500 billion);
• Category B, consisting of PFAs with AUM below NGN500 billion, are required to maintain a minimum capital of NGN20 billion; and
• Category C consists of the NPF Pensions Limited, which is required to maintain a minimum capital of NGN30 billion, and the Nigerian University Pension Management Company Limited, which is required to maintain a minimum capital of NGN20 billion.

PenCom further directed that the minimum capital requirement for a new PFA Licence shall be NGN20 billion, effective from the date of the PenCom Circular.

The PenCom Circular also prescribes a new capital threshold for Pension Fund Custodians (PFCs), calculated based on Shareholders’ Fund, unimpaired by losses, determined as follows: NGN25 billion + 0.1% of Assets Under Custody (AUC) for existing PFCs and NGN25 billion for new PFCs.

The NIIRA also mandates higher minimum capital requirements for insurance companies:

• life insurance companies must now have a risk-based capital (RBC) determined by NAICOM or NGN10 billion;
• non-life insurance companies must have NGN15 billion; and
• reinsurance companies must have NGN35 billion, with a compliance deadline of 30 July 2026.

NAICOM also issued Guidelines on Minimum Capital Requirement for Insurance and Reinsurance Companies in Nigeria 2025 (MCR Guidelines), to provide guidance. As a preliminary step, operators were required to submit their recapitalisation plan and relevant information to NAICOM by 30 September 2025.

Inflation rate and FX

The macroeconomic outlook improved significantly in 2025 compared to 2024. Nigeria’s annual inflation rate declined steadily: headline inflation fell to 14.45% in November and rose to 15.15% in December 2025.

The foreign exchange market also strengthened compared to 2024. The naira appreciated by approximately 5.23% against the US dollar in 2025. Relatedly, in July 2025, major banks announced that the practice of using naira cards for international web transactions, which was suspended in 2022, would be resumed going forward, thereby rendering fintechs that offered workarounds redundant.

Consolidation

The Nigerian fintech ecosystem is heading toward aggressive consolidation, especially in light of the anticipated recapitalisations. The nine leading Nigerian fintech firms are valued at a combined USD10.6 billion as of early 2026, with Flutterwave at USD3 billion, OPay at USD2.75 billion, and Moniepoint at approximately USD1 billion. However, various fintechs face likely consolidation or acquisition.

The most prevalent fintech business models in Nigeria are:

• payments and remittances;
• lending and financing services;
• investech; and
• personal finance.

Payments and Remittances

The payments subsector continues to attract significant investor and regulatory interest. In Q1 2025 alone, electronic payment transactions reached NGN284.99 trillion, reflecting 17.7% year-on-year growth. POS transactions rose to NGN10.51 trillion, representing a 301.67% increase from Q1 2024.

Remittance products continue to expand. International Money Transfer Operators (IMTOs) now support not only personal remittances but also inbound business-to-person and business-to-business transfers under the Reviewed Guidelines for International Money Transfer Services (Reviewed IMTS Guidelines). Diaspora inflows rose to approximately USD23 billion in 2025, driven by competitive exchange rates and the introduction of the non-resident BVN platform.

In April 2025, the CBN released documentation requirements for Pan-African Payment and Settlement System (PAPSS) transactions, permitting individuals to send up to USD2,000 and corporates up to USD5,000 with basic KYC and AML documentation.

Fintech innovation also accelerated, with Moniepoint launching MonieWorld for UK–Nigeria transfers, Kuda relaunching its multi-currency wallet, and Flutterwave enabling stablecoin-based merchant settlement through its partnership with Polygon.

Lending and Financing

Digital lending services continue to proliferate the Nigerian fintech space. The ability to provide quicker loans through a simplified lending process (mostly without collateral) gives this model a competitive advantage/risk-point over traditional lending. A significant regulatory development in 2025 was the issuance of the DEON Regulations (see 1.1 Evolution of the Fintech Market).

Investech

Investech start-ups continue to leverage technology to allow Nigerians to invest their funds across local and foreign asset classes. The operations of investech have been affected by the emergence of the ISA and the SEC’s Circular No 26-1 (see 1.1 Evolution of the Fintech Market).

Personal Finance

Personal finance applications remain popular, with fintech offering savings, bill management, account aggregation and credit management solutions. The anticipated introduction of open banking, while delayed from its August 2025 target to early 2026, is expected to significantly enhance the capabilities of personal finance applications by enabling access to bank transaction data through standardised APIs.

Nigeria operates a three-tier federal system of government, with powers shared among the federal, state and local governments by the Constitution of the Federal Republic of Nigeria, 1999 (as amended). Banking regulation falls within the exclusive jurisdiction of the federal government, and federal laws govern most fintech operations. However, state laws and local government by-laws regulate certain activities, including money lending, pawn-broking, co-operative societies and matters such as rates, outdoor advertising, and the operation of shops and kiosks, respectively.

Fintech companies are generally subject to the regime applicable to other companies operating similar businesses or models in a particular sector.

Payments

This subsector is principally regulated by BOFIA, supplemented by guidelines issued by the CBN. In 2025, the CBN issued significant new regulations affecting the payments subsector, including:

• the Guidelines for the Operations of Agent Banking in Nigeria (October 2025);
• the circular mandating migration to the ISO 20022 payment messaging standard and mandatory geo-tagging of all POS terminals (August 2025);
• the circular mandating dual connectivity to licensed PTSAs; and
• the exposure draft Guidelines on the Operations of ATMs in Nigeria (October 2025) (see 1.1 Evolution of the Fintech Market).

Separately, in June 2025, NIBSS introduced the National Payment Switch (NPS) to complement the NIBSS Instant Payment (NIP) and enhance innovation within the payments ecosystem.

Lending and Financing

In order to simultaneously hold deposits and engage in lending or financing operations in Nigeria, fintech companies require a commercial banking licence (national or regional), a merchant banking licence, or a specialised banking or microfinance bank (MFB) licence (national, state or unit). Fintech companies seeking to provide lending services across the country without holding deposits may procure a finance company licence from the CBN. Alternatively, fintech companies that intend neither to hold deposits nor provide lending services across the entire country may operate with a Money Lender’s licence pursuant to the money lender laws of the relevant state(s) in which they operate.

A critical new layer of regulation was added in 2025 when the FCCPC issued the DEON Regulations (see 1.1 Evolution of the Fintech Market).

Investech

Entities engaged in the provision of investment services must register with the SEC as capital market operators. The ISA significantly strengthened the SEC’s regulatory powers over the capital market, including formal recognition of virtual and digital assets as securities, enhanced oversight of derivatives markets, and new provisions for commodities exchanges. The SEC subsequently issued Circular No 26-1 in January 2026, revising minimum capital requirements for all categories of regulated capital market entities, with compliance required by 30 June 2027.

Personal Finance

In order to accept deposits from customers, fintech companies are required to obtain any of the banking licences discussed under Lending and Financing, above. In practice, however, fintech companies offering personal finance services in Nigeria typically operate through partnerships with established MFBs or other deposit money banks. Fintech companies have also begun to acquire MFB licences to deliver such products.

Financial Services Through Telecommunications Infrastructure

Under the Licence Framework for Value Added Services, the Nigerian Communications Commission (NCC) is responsible for the regulation of businesses that offer financial services by leveraging mobile phones or other telecommunications infrastructure.

Compensation models for industry participants vary depending on the business model.

For payment services, the compensation model is highly regulated. Companies in this subsector profit by receiving a percentage of the transaction fees that are typically charged when making payments in accordance with the Electronic Payment Guidelines and the CBN Circular on the Implementation of Interchange Fee (the Interchange Guidelines).

For online lending, the money lender laws of various states prescribe limitations on the interest on loans that money lenders may impose.

In Nigeria, most fintech companies are regulated under the same framework as legacy financial institutions. BOFIA explicitly recognises payment service providers (PSPs) and IMTOs as financial institutions, subject to the same regulatory requirements as traditional players such as finance companies. The distinction between fintechs and legacy institutions is further blurred as legacy players increasingly develop products to compete with fintech offerings.

The CBN Sandbox Regulations released in January 2021 set out the requirements for conducting live tests on innovative products, services and other solutions in a controlled environment, and CBN admitted selected applicants into its regulatory sandbox programme in 2023. The CBN’s Fintech Strategy Report proposes expanding the CBN sandbox to cover AI, cross-border payments and embedded finance, with a “test-then-codify” approach that converts sandbox learnings into formal rules.

The SEC also operates a Regulatory Incubation Program, aimed at targeting individuals and businesses planning to launch an innovative product or process in the Nigerian capital market. The SEC also introduced the ARIP as an interim sandbox specifically for VASPs, and admitted entities into its first and only cohort thus far in 2024.

NAICOM has also introduced a regulatory sandbox programme for eligible applicants, and in 2025 issued the Guidelines for Insurtech Operators in Nigeria, creating a specific licensing framework for insurtechs.

The legislation establishing various regulators specifies the jurisdiction of such regulators.

• The CBN is the apex monetary authority in Nigeria and is responsible for the regulation of all banks and other financial institutions operating in Nigeria, as defined in BOFIA. The bulk of fintech companies in Nigeria deal in payment/financial services and, as such, squarely come within the regulatory purview of the CBN. Instructively, the provisions of BOFIA are, pursuant to Section 53 of the Act, applicable to a matter or issue notwithstanding the provisions of all other applicable laws on that matter or issue, insofar as they relate to banks, other financial institutions and specialised banks; where any provisions of the other applicable laws are inconsistent with any of the provisions of BOFIA, the provisions of BOFIA shall prevail.
• Nigeria’s primary regulatory body for investments and capital markets transactions is the SEC, which largely regulates fintech companies that provide investments solutions, equity crowdfunding and VASPs. In the same vein, certain fintech companies that offer the option of pooling together capital from individual investors towards investment in certain asset classes (collective investment schemes) must be registered with the SEC.
• NAICOM regulates the insurance industry in Nigeria. Its jurisdiction extends to insurtech companies that carry on insurance businesses.
• The NDPC oversees the implementation of the NDPA, and regulates the processing of personal information, along with related matters. The NDPC’s purview over fintech is hinged on the processing of personal data by fintechs.
• The NCC is empowered by the Nigerian Communications Act 2003 to regulate the telecommunications industry in Nigeria. Thus, fintech companies offering services that involve the use of mobile networks or mobile phones, such as mobile money, are subject to the NCC’s regulatory purview and must obtain operating licences from the NCC.
• Finally, the FCCPC is Nigeria’s apex regulator for consumer protection and competition matters. Acting as the regulatory authority with responsibility for implementing the FCCPA, the FCCPC regulates the activities of fintech companies, aiming to protect the rights of consumers under the FCCPA.

Fintech regulators in Nigeria do not traditionally issue “No-Action” letters in the same way as regulators in some other countries do, such as the US Securities and Exchange Commission. However, Nigerian regulators do provide regulatory clarity and approvals through mechanisms such as approvals-in-principle, “No-Objection” letters and guidelines, circulars or exemptions to provide regulatory clarity on specific fintech activities that fall within their jurisdiction.

Generally, powers conferred by financial services licences cannot be transferred or assigned without regulatory approval. However, exceptions exist. For example, pursuant to the CBN Guidelines for the Regulation of Agent Banking and Agent Banking Relationships in Nigeria, certain financial services may be provided by a third party (agent) to customers on behalf of deposit money banks or mobile money operators (as vendors). Vendors must seek CBN approval, outlining the scope of agent banking activities, responsibilities, risk management, internal controls and operational procedures. Parties must also execute service level agreements and agent banking contracts acceptable to the CBN.

BOFIA imposes an obligation on financial institutions (including fintech companies operating as digital banks, IMTOs, PSPs and fintech companies whose objectives include investment management) to adopt policies committing to compliance with AML/CFT obligations, and to implement controls to prevent transactions linked to criminal activity, money laundering or terrorism.

More specifically, the CBN AML/CFT Regulations 2022 require financial institutions to, among other things:

• adopt customer due diligence measures to identify and verify their customers; and
• monitor and report transactions that may be deemed suspicious.

2025 saw a shift from policy formulation to active enforcement by several regulators.

On data protection, the NDPC fined Meta Platforms USD32.8 million, Multichoice NGN766.2 million, and Fidelity Bank NGN555.8 million for NDPA violations. In August 2025, it published a compliance list of 1,369 non-compliant organisations.

On AML, the CBN fined 29 banks a total of approximately NGN15 billion in late 2024, setting a strong enforcement tone for 2025. In April 2025, the CBN issued a circular reminding banks and PSPs of their AML/CFT obligations, and warning of sanctions for non-compliance. In May 2025, it released an exposure draft of Baseline Standards for Automated AML Solutions, which was finalised in March 2026, reflecting a move toward technology-driven compliance.

In December 2025, the Economic and Financial Crimes Commission (EFCC) arraigned the manager of Bill Interserve Global for failing to appoint a Compliance Desk Officer and implement AML measures under the Money Laundering (Prevention and Prohibition) Act 2022, highlighting officer-level liability.

The FCCPC began phased enforcement in January 2026 against digital money lending operators that had not regularised their status under the DEON Regulations by the 5 January 2026 deadline.

The issuance of non-financial services regulations has significant implications for both fintech companies and legacy financial institutions. The issuance of the GAID in 2025, for example, significantly raised the bar for data protection compliance, introducing:

• a tiered categorisation system for data controllers and processors of major importance;
• mandatory compliance audits;
• specific requirements for Data Protection Impact Assessments; and
• provisions for emerging technologies, including AI, IoT and blockchain.

The NTA and NTAA introduced significant provisions for the taxation of digital and virtual assets, classifying them as chargeable assets and mandating VASPs to file monthly returns with the tax authority.

Intellectual property laws such as the Nigeria Copyright Act, the Trade Marks Act and the Patents and Designs Act also require compliance with patent and copyright provisions and the assurance that any third-party software used is appropriately licensed. Both fintechs and legacy players must navigate these regulations to ensure legal compliance and maintain consumer trust in a rapidly evolving digital financial environment.

Provisions of the Companies and Allied Matters Act 2020 and Business Facilitation Act 2022 also affect the operations of fintech companies as distinct entities.

NIBSS continues to initiate and develop an integrated nationwide network for electronic or paperless payments, funds transfer and transaction settlement. In June 2025, NIBSS introduced the NPS to complement the NIP platform and enhance innovation within the payments ecosystem (see 2.2 Regulatory Regime).

Generally, it is not permissible for licensed/registered companies offering regulated products to offer unregulated products and services. Regulated entities in the financial services industry submit annual returns in respect of their operations/businesses and undergo an annual examination that will expose unregulated products/services. Nonetheless, certain participants offer regulated and unregulated products and services through the same legal entity.

The main legislation prohibiting money laundering in Nigeria is the Money Laundering (Prevention and Prohibition) Act 2022 (MLPA). The CBN’s AML/CFT Regulations regulate financial institutions under the CBN’s regulatory purview, and the SEC’s AML/CFT Regulations regulate institutions under the SEC’s regulatory purview. In 2025, the CBN issued the draft Baseline Standard for Automated AML and CFT Solutions, which establishes functional and technical requirements for AML systems in alignment with FATF recommendations.

Nigeria’s anti-money laundering and sanctions regulations are designed to align with the standards set by the FATF. Nigeria is a member of the Inter-Governmental Action Group against Money Laundering in West Africa (GIABA), a specialised institution of ECOWAS and the FATF Style Regulatory Body in West Africa.

The FATF added Nigeria to its “Grey List” in February 2023, citing significant deficiencies in the country’s AML/CFT framework. Following two years of intensive reforms addressing a 19-point action plan, the FATF Plenary in Paris officially removed Nigeria from the Grey List on 24 October 2025. The FATF commended Nigeria’s “significant progress in strengthening its AML/CFT regime”, and confirmed that all strategic deficiencies had been addressed.

Reverse solicitation is not a recognised concept under Nigerian law; instead, the key consideration is whether an entity is deemed to be “doing business” in Nigeria. This is determined by assessing the nature, manner, frequency and duration of its activities, and whether they create a real and substantial connection to Nigeria, such as targeting Nigerian customers, marketing in Nigeria, providing services through a fixed base or agents within Nigeria, or engaging in such activities on a continuous or repetitive basis (as opposed to isolated or preparatory activities). Where an entity does not meet this threshold, it will generally not be subject to Nigerian law, and its operations will instead be governed by the laws of the jurisdiction from which it conducts its business.

Robo-advisers for cryptocurrencies are classified as DISPs under the ARIP framework and are regulated accordingly. In contrast, robo-advisers dealing with other securities may fall under the Rules on Robo-Advisory Services issued by the SEC, which were introduced to govern the use of automated advisory services within the Nigerian capital market. While neither the ARIP nor the Rules prescribe specific business models, the Rules acknowledge that robo-advisory services may be fully automated, with no human intervention across the advisory process.

Robo-advisory solutions have been sparsely deployed in providing financial advisory services in Nigeria, as traditional (human) models remain popular. Nevertheless, numerous investech solutions (such as RiseVest and Cowrywise) use robo-advisory-based interfaces (ie, the process of gathering information from a client/user through surveys and questionnaires, then investing or providing investment recommendations based on such data). Predominantly, legacy asset management/stockbroking firms have implemented automated solutions more often for first-link interfaces with customers.

In July 2018, the Nigerian Exchange Group Plc (then the Nigerian Stock Exchange, or NSE) issued the Rules on Order Handling and Best Execution (NGX Order Handling Rules), with which stockbrokers/dealing members are required to comply in the execution of customer trades, whether they utilise technology solutions in their service offerings or not. In addition, the Robo-Advisory Rules set out compliance requirements and standards that robo-advisers in Nigeria are required to adhere to.

In Nigeria, there are differences in the business or regulation of loans based on the nature of the lender. Loans are typically provided under a banking or finance company licence issued by the CBN or a money lending registration issued by the money lending authority of the relevant state. Online or digital lenders continue to collaborate with MFBs or obtain MFB licences, thanks to relaxed application and compliance processes compared with traditional banks. For example, in February 2025, Nomba obtained an MFB licence to facilitate deposit-taking and loan issuance.

The most significant regulatory development for online lenders in 2025 was the issuance of the DEON Regulations (see 1.1 Evolution of the Fintech Market), which apply to all forms of digital lending, extending to service providers, partners and collaborators. They require registration with the FCCPC, ban predatory recovery practices, mandate full upfront disclosure of loan terms, and prohibit automatic or pre-approved lending. Penalties include fines of up to NGN100 million or 1% of annual turnover and a potential five-year director ban.

Online lenders use deep-learning algorithms to process vast amounts of data and, more accurately, quantify the risk of default to improve underwriting processes. The 2017 enactment of the Credit Reporting Act, which facilitates credit reporting and gathering, appears to strengthen the underwriting process, as the loans availed through these platforms are mostly provided without collateral. Separately, the Global Standing Instruction mandate of the CBN, effective since August 2020, facilitates loan recovery by banks from individual borrowers across the financial system.

However, no specific regulations provide for a particular underwriting process for online lenders in Nigeria. Thus, general requirements applicable to traditional players will apply to online lenders.

There is no specific source of funds unique to fintech companies for online lending in Nigeria. The most common source is equity raised by lenders. Other funding sources include loans from shareholders or third parties, deposit-taking activities, instruments from the debt capital markets, peer-to-peer bilateral funding, and securitisation. In 2025, Payaza’s successful NGN20 billion commercial paper raise demonstrated the growing use of local capital market instruments as a funding alternative for fintechs.

Loan syndications are common in Nigeria, primarily among traditional banking institutions, as opposed to online lenders, given that the value of loans typically disbursed through online lending platforms tends to be significantly smaller compared to the value of loans disbursed by traditional banking institutions.

Payment processors and payment gateways in Nigeria continue to operate within CBN established rails, including the Real Time Gross Settlement System. As discussed in 2.2 Regulatory Regime, NIBSS introduced the NPS to complement the NIP platform, enhancing processing efficiency and supporting open banking use cases such as Request to Pay, Direct Debits and improved merchant settlements. Furthermore, the CBN’s August 2025 circular mandating migration to the ISO 20022 messaging standard and its December 2025 circular requiring dual connectivity to both PTSAs (NIBSS and UPSL) reflect ongoing efforts to strengthen resilience and standardisation.

The CBN regulates cross-border payments and remittances, and also issues licences to organisations seeking to provide such services in Nigeria. The most relevant regulations for this sector are the PAPPS Guidelines, the Reviewed IMTS Guidelines and the Guidelines on International Mobile Money Remittance Services (IMMRS Guidelines).

The Reviewed IMTS Guidelines provide minimum standards for IMTOs, including permissible delivery channels and operational processes for international transfers. The IMMRS Guidelines complement this framework by enabling foreign exchange transactions via mobile applications.

The PAPSS Guidelines were issued with the objective of regulating cross-border payments within the African Continental Free Trade Agreement framework. They contain various limitations, such as transaction limits, which only apply to trade-backed and inward transactions.

In 2025, the CBN further reduced barriers to cross-border transactions through its circular dated 28 April 2025, which simplified documentation requirements for PAPSS transactions. Individuals may transfer up to USD2,000 and corporates up to USD5,000 using basic KYC and AML documentation, with full foreign exchange documentation required only above these thresholds.

In addition, the Non-Resident Nigerian Ordinary Account (NRNOA) and Non-Resident Nigerian Investment Account (NRNIA) schemes, introduced in January 2025, enable Nigerians abroad to remit and manage funds in both foreign and local currencies, thereby supporting remittance platforms and cross-border payment services.

The permissible platforms for trading securities in Nigeria depend on the type of security to be listed. The current permissible trading platforms for debt securities are the NGX and the FMDQ Securities Exchange Limited (FMDQ). Equity securities can be traded publicly on the NASD Plc (NASD OTC Securities Exchange) and NGX, whereas commodities can be traded on the AFEX Commodities Exchange Limited, the Lagos Commodities and Futures Exchange, the Nigeria Commodity Exchange and the FMDQ. Quidax and Busha are also recognised by the SEC as digital asset exchanges in Nigeria.

The NGX is responsible for listing, trading, technology, market data and other core exchange functions. The main regulation for listing on the NGX is the NGX Rulebook of 2015. The regulations for listing securities on the FMDQ include:

• the FMDQ Bond Listing and Quotation Rules December 2014;
• the FMDQ Short-Term Bonds Registration Process and Listing Rules 2016;
• the Sukuk Listing Rules 2017; and
• the FMDQ Commercial Paper Registration and Quotation Rules April 2021.

The regulation for listing on the NASD is the NASD OTC Market Rules.

FMDQ Private Markets Limited (a subsidiary of FMDQ Group Plc) offers a platform for the registration of instruments issued by private companies in the capital markets. This platform facilitates the disclosure of activities of private companies in the Nigerian capital markets by serving as an information repository – the information is recorded via a restricted access portal called the Private Companies’ Securities Information and Distribution Portal.

In addition, FMDQ Private Markets features three boards for private company bonds: the Private Companies’ Bonds (PCB) Main Board, the Growth Board, and the Cradle Board. The specific board on which a company is listed depends on the nature of the issuer and its ability to meet the relevant requirements.

The rules and regulations applicable to each asset class extend to securities listing, transaction monitoring, and compliance by members with the ISA, the SEC Rules and the various rules of the applicable exchanges and trade points.

The ISA grants the SEC the powers to regulate the derivatives market. In December 2019, the SEC approved and published rules that regulate both exchange-traded and OTC derivatives, as specified. Notwithstanding the foregoing and in line with the Digital Assets Rules and the ARIP, cryptocurrency-related transactions will likely be regulated under the foregoing rather than the broader rules on derivative trading.

The regulatory landscape for cryptocurrency underwent a transformative shift in 2025, moving from fragmented oversight to comprehensive statutory recognition with the issuance of the ISA 2025. Section 357 of the ISA 2025 formally classifies virtual and digital assets as securities and broadens the scope of “securities exchanges” to include DAXs and DAOPs. This provides a definitive statutory basis for regulation, placing all crypto operators under the mandatory oversight of the SEC. Relatedly, the NTA and NTAA statutorily introduced a clear tax regime for digital assets.

In terms of market developments, Flutterwave partnered with Polygon in October 2025 to enable stablecoin-based merchant settlement for cross-border payments. Kredete raised USD22 million to power credit access and stablecoin transfers across over 40 African countries. The SEC, CBN and EFCC have announced plans to track and freeze illicit digital wallets used for financial crimes using blockchain analytics and AI.

Companies seeking to list on the NGX must comply with its listing rules in the NGX Rulebook, and with the relevant provisions of the Companies and Allied Matters Act (CAMA), the ISA and the SEC Rules. Companies may be listed on the Main, Premium, Technology or Growth Boards, with the Main Board comprising three listing standards. Additional requirements apply to listings on the Premium, Growth and Technology Boards.

The FMDQ Securities Exchange Limited Bond Listing and Quotation Rules govern the quotation of securities – including bonds, mutual funds, exchange-traded funds and asset-backed securities – while the NASD OTC Securities Exchange Rules set out requirements for admission to the NASD OTC market.

In addition, the Business Facilitation Act introduced a regulated framework for bond issuances by private companies into the SEC’s New Rules and Sundry Amendments of 24 April 2025. Under this framework, private companies may issue bonds, debentures or sukuk to qualified investors, subject to SEC registration, a minimum three-year track record, an investment-grade rating and an issuance cap of NGN15 billion within any one-year period. The amendments also tightened requirements for public company bond issuances by mandating ratings for both the issuer and the instrument and, where the issuer is an SPV, requiring the sponsor’s rating or, absent a track record, a guarantee from an AAA-rated institution.

Private companies seeking to note securities on the FMDQ Private Companies’ Securities Information and Distribution Portal must also comply with applicable rules issued by FMDQ Private Markets, depending on the security type. The applicable guidelines include:

• Private Companies’ Bonds Noting Guidelines;
• Private Companies’ Notes Noting Guidelines;
• Sukuk Noting Guidelines;
• Private Companies’ Equities Noting Guidelines; and
• New Rules and Sundry Amendments to the Rules and Regulations of the SEC 2024.

No general order handling rules apply to dealers in the Nigerian capital markets regulatory sphere, as each exchange is expected to issue its own order handling rules. By way of example, the NGX Order Handling Rules regulate order handling and execution for dealing members.

Peer-to-peer trading platforms are subject to the same regulatory regime as centralised trading platforms. However, decentralised peer-to-peer trading platforms have emerged as an alternative to traditional platforms, especially when the regulatory environment prevents traditional platforms from effectively participating. A good example is the use of peer-to-peer trading platforms to fund and withdraw from accounts held with cryptocurrency exchange platforms following the “crypto ban” in 2021.

There are no rules or regulations expressly permitting or prohibiting payment for order flow. However, the NGX Order Handling Rules provide that each dealing member must execute its client’s specific instructions and take all reasonable steps to obtain the best possible result for a client while executing an order or a specific aspect of an order. In addition, the NGX Rules on the Registration of Market Makers provide that every applicant who intends to be a market maker must ensure that they have a proper supervisory programme in place and a system to ensure proper management of conflicts of interest.

The NGX maintains a market surveillance and investigation department that is responsible for protecting market integrity by detecting fraud, manipulation and abusive practices, and ensuring a fair and orderly market. It also operates X-Whistle, a whistle-blowing portal that enables anonymous reporting of unethical or unlawful conduct by market participants. In 2020, the NGX (then NSE) upgraded the platform to enhance investor protection, introducing a centralised repository for complaints, tips and referrals, alongside reporting and analytics tools for effective tracking.

Similarly, the FMDQ monitors trading activities through its market surveillance function to promote transparency and credibility. It enforces compliance by sanctioning rule breaches and publishing periodic reports of disciplinary actions. The FMDQ also operates a whistle-blowing framework through which stakeholders may report concerns relating to activities within its markets.

There are currently no regulations in relation to high-frequency and algorithmic trading in Nigeria.

The SEC Rules and the ISA do not specifically provide for the registration of market makers in high-frequency and algorithmic trading when they are functioning in a principal capacity.

Under the ISA and the SEC Rules, funds (collective investment schemes) and dealers (dealing members) occupy distinct licensing categories with different regulatory obligations, fiduciary structures, and conduct requirements.

There are currently no regulations for high-frequency and algorithmic trading and programmers in Nigeria.

As discussed in 1.1 Evolution of the Fintech Market, the Insurtech Guidelines created two classes of insurtechs: standalone insurtech and partnering insurtech.

Standalone insurtechs have significantly lower capital requirements and related obligations than traditional insurers. They appear to be similar to traditional insurance companies in that they are NAICOM-licensed risk carriers, may underwrite approved insurance business, and are subject to core prudential requirements such as governance, reporting and reinsurance. However, standalone insurtechs have more technology-focused requirements and are precluded from special risk products such as oil and gas, marine and aviation, retiree life annuity, and insurance of government assets and liabilities for ministries, departments and agencies.

Partnering insurtechs are underwritten by licensed insurers, and are suited to technology-led insurance functions such as distribution, onboarding, policy administration, claims support, aggregation and related enablement services, while the insurer retains the underwriting role.

Notably, the Insurtech Guidelines prohibit insurtechs from:

• accepting premiums or settling claims in cryptocurrency without NAICOM’s prior approval;
• declining claims solely on the basis of AI assessments;
• engaging in cross-border insurance sales without requisite approval; and
• undertaking restricted insurance businesses such as oil and gas, maritime, aviation and insurance of government assets.

Under Nigerian law, insurance operations are bifurcated into two primary categories: life insurance business and non-life insurance business.

• Life insurance under the NIIRA is organised into four distinct classes: individual life assurance, group life assurance, annuity, and health insurance businesses.
• Non-life insurance covers eight classes, addressing industrial, commercial and personal property risks:
1. fire;
2. general accident;
3. motor vehicle;
4. marine and aviation;
5. energy (oil, gas and power);
6. engineering;
7. agricultural; and
8. a composite class for bonds, credit guarantees and suretyship.
• Reinsurance remains the secondary pillar of risk management in the Nigerian insurance market, providing primary insurers with the capacity to underwrite risks beyond their individual capital limits. The NIIRA stipulates that the reinsurance of liabilities under any policy shall be treated as insurance business of the class to which the original policy belongs.
• Specialised Insurance Models – Section 3(4) of the NIIRA provides for “financial inclusion insurance business” as a class of insurance, providing a statutory foundation for specialised insurance models, such as Takaful, an Islamic insurance system where members contribute to a shared pool of funds to mutually guarantee one another against loss or damage.

The NIIRA has abolished composite insurance as a standalone licensing category; insurers may now only be licensed as either life or non-life companies. Existing composite insurers are required to restructure their operations within five years of the commencement of the Act (ie, by August 2030) to comply with this specialisation mandate. Notably, the prohibition does not extend to reinsurers as composite reinsurance licences remain permissible under the Act.

There is no substantive law that regulates regtech providers in Nigeria. However, depending on the nature of the tools adopted and the services provided, the activities of regtech companies may be regulated by cross-sectorial laws and/or regulations.

Generally, the nature and terms of the contract between financial services firms and regtech providers are governed predominantly by the general principles of the Law of Contract and the terms agreed by parties during negotiation.

Notwithstanding the existence of such contracts, financial services firms have a duty to ensure that specific contractual terms/clauses are inserted in service contracts to make the services consistent with regulatory provisions. Such terms include:

• AML/CFT compliance obligations;
• cybersecurity standards and third-party risk management;
• data breach notification and incident reporting;
• data protection clauses; and
• data localisation and cross-border transfer restrictions, to mention a few.

Legal frameworks, including the Consumer Protection Framework 2016, the Insurtech Guidelines 2025 and the Digital Lending Regulations 2025, impose a duty on financial services institutions to ensure that they adopt effective consumer risk management frameworks to protect consumers’ information and assets. Consequently, when contracting with regtech providers, financial services firms insist on assurances that the regtechs accurately process and adequately protect consumer details.

The application of blockchain technology in the Nigerian financial services industry continued to gain momentum in 2025, with notable developments moving beyond exploratory discussions into live deployment. In 2025, Flutterwave partnered with Polygon to enable stablecoin-based merchant settlement for cross-border payments, representing one of the most prominent integrations of blockchain infrastructure into mainstream payments. The SEC, CBN and EFCC also announced plans to deploy blockchain analytics and AI to track and freeze illicit digital wallets used for financial crimes, signalling a shift towards blockchain as a regulatory and enforcement tool rather than merely a commercial one.

The most significant blockchain-related development in 2025, however, was the official launch of the cNGN (compliant Naira) stablecoin in February 2025. The cNGN is a Naira-pegged stablecoin issued by Wrapped CBDC Limited, an affiliate of the African Stablecoin Consortium (ASC), and is designed to maintain a 1:1 peg with the Naira. It is widely described as Africa’s first regulated stablecoin. The cNGN is available on licensed Nigerian digital asset exchanges, with Busha and Quidax being among the first to list the token.

It is important to note that the cNGN is intended to complement, not substitute, the eNaira, which is the CBN’s central bank digital currency launched in 2021. Unlike the eNaira, which is issued and controlled solely by the CBN, the cNGN is managed by a private entity and its blockchain nodes are distributed across members of the ASC. The eNaira has struggled with adoption, with less than 0.5% of Nigerians reportedly using it regularly in its early years due to limited utility, technical issues and low public trust. Whether the cNGN can achieve broader adoption remains to be seen, though its blockchain-native design and integration with licensed fintech infrastructure give it a different pathway to market.

Blockchain technology is generally unregulated in the Nigerian financial services industry. However, the adoption of blockchain technology via digital or virtual assets is now regulated in certain respects, particularly following the introduction of the Digital Assets Rules and the ARIP (see 1.1 Evolution of the Fintech Market).

Pursuant to the SEC’s Digital Assets Rules, blockchain assets may be divided into digital assets and virtual assets. Digital assets are digital tokens representing assets such as debt or equity claims on the issuer, whereas virtual assets are digital representations of value that can be transferred, digitally traded, and used for payment or investment purposes. Virtual assets do not include digital representation of fiat currencies, securities and other financial assets.

The Digital Assets Rules require all promoters/entities/businesses proposing to conduct initial digital asset offerings within Nigeria (or targeting Nigerians) to submit an assessment form, a draft White Paper, and a legal opinion on whether or not the tokens are securities. The SEC will review the submission, and where the SEC concludes that the assets are securities, the issuer will be required to register such assets. The SEC is yet to issue any licence under these rules but has issued some approvals under the ARIP.

Blockchain asset trading platforms are regulated under Part D – Rules on VASPs and Part E – Rules on Digital Asset Exchange (DAX) of the Digital Assets Rules.

VASPs are required to register by filing the appropriate SEC forms and submitting all required documents. VASPs have various obligations, including monitoring and ensuring compliance with its rules, ensuring fair treatment of its users, and obtaining and retaining self-declared risk acknowledgement forms from users before their investment.

DAX operators must comply with general requirements for VASPs and seek registration as DAX operators under Part E. There are various regulatory restrictions/obligations for DAX operators, including reporting obligations and the submission of rules to the SEC. Perhaps the most prominent restriction is the prohibition of DAX operators from facilitating the trading of any virtual/digital asset unless the SEC has issued a no-objection to the trading of the virtual digital asset.

Staking services are regulated under the broad framework for digital assets and VASPs, and fall under the regulatory framework established by the SEC and the CBN.

The SEC regulates the provision of lending services relating to cryptocurrencies under its Digital Assets Rules and the ARIP Framework. These rules broadly define virtual assets as digital representations of value used for payment, trading or investment purposes, and establish the framework for regulating VASPs.

Lending services involving cryptocurrencies fall within the broader scope of VASPs, subject to licensing and registration requirements under the SEC’s framework. This includes compliance with AML and KYC standards, reporting obligations and other operational guidelines.

Crypto-related lending services may also trigger obligations under the FCCPC DEON Regulations, so long as such transaction occurs by digital, electronic, online or non-traditional means.

The offering of cryptocurrency derivatives is regulated in Nigeria under the Digital Assets Rules. Entities involved in offering cryptocurrency derivatives (perpetuals) must register with the SEC and comply with the regulatory framework outlined in the Digital Assets Rules/ARIP Framework. This includes adherence to AML and KYC requirements, as well as other operational and reporting obligations.

There are currently no specific laws or regulations governing DeFi in Nigeria. However, since the VASP provisions of the Digital Assets Rules apply to all persons whose activities involve any aspect of distributed ledger technology (DLT) related and virtual digital asset services, then, to the extent that DeFi involves DLT, the operations of DeFi platforms are likely to be treated as those of a VASP under the Digital Assets Rules. The rules explain that the services captured include the receipt, transmission and execution of orders on behalf of other persons.

The Digital Assets Rules impose limits on funds to be raised by an issuer. Specifically, the maximum amount of funds an issuer may raise within any 12-month period is NGN10 billion or 20 times the issuer’s shareholders’ funds (whichever is lower). The issuer is also required to demonstrate that the gross proceeds to be raised would be sufficient to undertake the project as proposed in the White Paper.

In addition, market intermediaries and market operators dealing in such fund derivatives and collective investment will likely need to be registered or approved by the SEC, given the general purview of the SEC over derivatives and collective investment schemes under the ISA.

The e-Naira and the cNGN are the key virtual currencies currently recognised in Nigeria. It is unlikely that virtual currencies will be deemed virtual or digital assets under the Digital Assets Rules.

NFTs may be regarded as virtual or digital assets under the Digital Assets Rules.

No content provided in this jurisdiction.

The CBN issued the Regulatory Framework for Open Banking in Nigeria in 2021, and the Operational Guidelines for Open Banking in collaboration with industry stakeholders in 2023. In April 2025, the CBN approved the launch of open banking, positioning Nigeria as the first African country to formally implement the framework. Under the approved model, customers can consent to allow regulated financial institutions to access their data, including account balances, transaction histories and spending patterns, through standardised APIs.

A central registry (the Open Banking Registry, maintained by NIBSS) will identify and authenticate all participants, while a consent management framework tied to customers’ BVNs (the Open Banking Consent Management System) will ensure customers’ control over data sharing.

However, the initial go-live date of August 2025 was not met. The CBN paused implementation and postponed commencement to early 2026, citing the need for a fully automated system that adequately protects customer data.

The ease of accessibility to data occasioned by open banking continues to raise confidentiality and privacy concerns. The Open Banking Framework and Operational Guidelines require participants to comply with all data privacy laws and regulations, including the NDPA and the GAID.

Under Nigerian law, the elements of fraud – otherwise known as “obtaining by false pretence” – are that:

• there was a pretence that emanated from the accused person;
• the pretence was false, and the accused person either knew of its falsity or did not believe in the truth of the pretence;
• there was an intention to defraud;
• the item in question is a thing capable of being stolen; and
• the accused person induced the owner/victim to transfer their whole interest in the property.

This also applies to financial services and fintechs in Nigeria. Such entities must file returns on incidents and fraud attempts recorded within the reporting period.

Regulators in Nigeria are focused on combating all areas of fraud in the financial industry. However, the key focus areas are money laundering and advance fee fraud, as well as other related offences.

Pursuant to extant laws, including Section 37(3) of the Cybercrimes Act, 2015, and Paragraph 2.6.1(5) of the CBN Consumer Protection Framework, financial institutions are obligated to bear responsibility for unauthorised debit and sums lost to fraud, unless the loss occurred due to the customer’s negligence or fraudulent behaviour. This position cannot be altered by contractual terms. Indeed, provisions of the CBN’s Consumer Protection Regulations, 2019 and the FCCPA would invalidate contractual provisions that attempt to alter said position.

***

The authors utilised AI-assisted tools in the course of preparing this article, but independently verified all AI-assisted content, and all final interpretations, analyses and conclusions are solely those of the authors or clearly cited.