CBN Directs Banks, Other Financial Institutions To Implement National Cybersecurity Levy On Electronic Transactions
May 6, (THEWILL) – Following the enactment of the Cybercrime (Prohibition, Prevention, etc) (Amendment) Act 2024 and pursuant to the provision of Section 44 (2)(a) of the Act, the Central Bank of Nigeria (CBN) has directed all banks, as well as other financial institutions and payments service providers in the country, to collect and remit 0.5% of all electronic transactions as National Cybersecurity Levy.
The apex bank announced the directives in a circular jointly signed by its Director, Payments System Management Department, Chibuzo A. Efobi and Director, Financial Policy and Regulation Department, Haruna B. Mustafa.
Addressed to all commercial, merchant, non-interest and payment services banks as well as other financial institutions, mobile money operators and payment service providers in the country, the circular dated May 6, 2024, said the levy is to be remitted to the National Cybersecurity Fund (NCF), which is administered by the Office of the National Security Adviser (ONSA).
Titled, “RE: CYBERCRIMES (PROHIBITION, PREVENTION, ETC) (AMENDMENT) ACT 2024-IMPLEMENTATION GUIDANCE ON THE COLLECTION AND REMITTANCE OF THE NATIONAL CYBERSECURITY LEVY,” the circular reads in part:
“The earlier Central Bank of Nigeria (CBN) circular and letter to all Banks dated June 25, 2018, (Ref: BPS/DIRIGEN/CIR/05/008) and October 5, 2018, (Ref: BSD/DIRIGEN/LAB/11/023) respectively on compliance with the Cybercrimes (Prohibition, Prevention, Etc.) Act 2015 refer.
“The recent public engagements by the Office of the National Security Adviser (ONSA) on the above subject, also refers.
“Following the enactment of the Cybercrime (Prohibition, Prevention, etc) (Amendment) Act 2024 and pursuant to the provision of Section 44 (2)(a) of the Act, ‘a levy of 0.5% (0.005) equivalent to a half percent of all electronic transactions value by the business specified in the Second Schedule of the Act’ is to be remitted to the National Cybersecurity Fund (NCF), which shall be administered by the Office of the National Security Adviser (ONSA).
“Accordingly, all Banks, Other Financial Institutions and Payments Service Providers are hereby required to implement the above provision of the Act as follows:
1. The levy shall be applied at the point of electronic transfer origination, then deducted and remitted by the financial institution.
2. The deducted amount shall be reflected in the customer’s account with the narration: “Cybersecurity Levy.
3. Deductions shall commence within two (2) weeks from the date of this circular for all financial institutions and the monthly remittance of the levies collected in bulk to the NCF account domiciled at the CBN by the 5h business day of every subsequent month.
4. System reconfigurations towards ensuring complete and timely submission of remittance files to the Nigeria Inter-Bank Settlement System (NIBSS) Plc shall be completed as follows:
a. Within four (4) weeks of this circular – Commercial, Merchant, Non-Interest and Payment Service Banks; and Mobile Money Operators.
b. Within eight (8) weeks of this circular – all Other Financial Institutions (Microfinance banks, Primary Mortgage banks, Development Finance Institutions).
5. Exemptions – To avoid multiple applications of the levy on the same transaction/transfer, Appendix 1 (attached) captures transactions currently deemed eligible and are exempted from the application of the levy.
6. Penalties for Non-compliance – Section 44 (8) of the Act prescribes that failure to remit the levy is an offence and is liable on conviction to a fine of not less than 2% of the annual turnover of the defaulting business, amongst others.
“Finally, all institutions under the regulatory purview of the CBN are hereby directed to note and comply with the provisions of the Act and this circular.
“Please be guided accordingly.”
