President Bola Tinubu has intervened in the controversial cybersecurity levy policy, directing the Central Bank of Nigeria (CBN) to suspend its implementation and ordering a review. This comes after the House of Representatives asked the CBN to withdraw its circular mandating a 0.5% cybersecurity levy on all electronic transactions in the country.
The CBN had issued a circular on May 6, 2024, requiring all banks, mobile money operators, and payment service providers to implement the new cybersecurity levy. The levy, as stipulated in the Cybercrime (Prohibition, Prevention, etc) (Amendment) Act 2024, amounts to 0.5% of the value of all electronic transactions. The collected funds are to be remitted to the National Cybersecurity Fund, overseen by the Office of the National Security Adviser.
Financial institutions are mandated to apply the levy at the point of electronic transfer origination, explicitly noting it in customer accounts under the descriptor “Cybersecurity Levy.” The implementation was initially set to begin on May 20, 2024. However, financial institutions are required to make bulk remittances to the NCF account domiciled at the CBN by the fifth business day of each subsequent month.
The circular also outlines timeframes for financial institutions to reconfigure their systems to ensure timely submission of remittance files to the Nigeria Interbank Settlement Systems Plc. While the Act imposes severe penalties for non-compliance, the exemption list includes specific transactions to avoid multiple applications of the levy.
