The Central Bank of Nigeria released a circular on Monday, May 6th, instructing all banks to commence deducting a 0.5% cybersecurity levy on all electronic transactions processed from accounts domiciled with them. The directive will take effect two weeks from Monday, May 20th, 2024, and will affect all commercial, merchant, non-interest, and payment service financial institutions.
Quoting the CBN’s declaration,
The levy shall be applied at the point of electronic transfer origination, then deducted and remitted by the financial institution. The deducted amount shall be reflected in the customer’s account with the narration, ‘Cybersecurity Levy.
While the banks are expected to deduct the levies on all transactions as they occur, the money will be remitted in monthly payments to the NCF account with CBN. The deadline for the monthly remittances is the fifth business day of every month. Failure to comply with the directive is an offence punishable with a fine of 2% of the defaulting institution’s annual turnover.
The new directive comes as an enforcement of the policies of the newly amended Cybercrime Act 2024 under the provision of Section 44(2)(a) of the Act, which states that levy of half a percent (0.5%)of all electronic transactions valued by the business specified in the Second Schedule of the Act is to be remitted to the National Cybersecurity Fund administered by the office of the National Security Adviser.
While this announcement might shock many Nigerians, it is not an entirely new development, albeit a delayed one. According to the circular, the policy consideration dates back to 2018 when two letters dated June 25, 2018, and October 8, 2018, were sent out by the Central Bank of Nigeria with regards to the Cybercrimes Act 2015.
However, this regulation doesn’t apply to all financial transactions. In a separate circular, the CBN identified 16 exemptions to the new regulation. These include
- Loan disbursements and repayments
- Salary payments
- Intra-account transfers within the same bank or between different banks for the same customer
- Intra-bank transfers between customers of the same bank
- Other Financial Institutions instructions to their correspondent banks
- Interbank placements
- Banks’ transfers to CBN and vice-versa
- Inter-branch transfers within a bank
- Cheque clearing and settlements
- Letters of Credits
- Banks’ recapitalisation-related funding
- Savings and deposits,
- Bonds, and Commercial Papers.
- Government Social Welfare Programmes transactions
- Non-profit and charitable transactions, including donations to registered non-profit organizations or charities
- Educational institutions’ transactions, including tuition payments and other transactions involving schools, universities, or other educational institutions
- Transactions involving the bank’s internal accounts such as suspense accounts, clearing accounts, profit and loss accounts, inter-branch accounts, reserve accounts, nostro and vostro accounts, and escrow accounts.
What The New Directive Means for the Masses
The 0.5% charge means that every individual processing an electronic transaction will have the total amount they are transferring multiplied by 0.005, the resultant amount will then be deducted from their balance. For example, when you transfer N10,000 from your account, you’ll be charged an additional N10,000 * 0.005, which is N50.
The new cybersecurity levy doesn’t affect any of the other fees the banks were already deducting from transactions. This means that for the average individual, everyday transactions such as purchases, bill payments, and investments will now incur a slight increase due to the cybersecurity levy.
This new policy is the latest among the numerous puzzling policies the Nigerian Federal Government and CBN recently introduced. Late last year, the apex bank lifted the ban on crypto transactions for commercial banks. But the recent news swirling around the crypto space suggests that the ban may soon be reinstated.
As a result, popular financial service providers Opay, Moniepoint, and Paga have notified customers to refrain from conducting crypto transactions from their accounts, warning that defaulting accounts will be blocked. This follows the CBN’s directive to these companies to hold off on onboarding new customers.
What The People Think
Popular opinion gathered from social media interactions, recorded interviews, and news outlets shows that many Nigerians are not impressed by the new policy with many believing that it’s another ploy by the current administration to increase taxes.
There’s also another trending opinion that the new levy would hurt several businesses as they would start incurring significant costs on all transactions including capital expenses. It will also require them to revisit their financial strategies to reduce the impact of the added expense.
Nevertheless, a positive from the new development is the heightened awareness of the need for better cybersecurity and threat vigilance for financial organizations. As technology keeps advancing with the development of AI and other advanced technology, cybersecurity risks are also growing, creating a need for advanced measures to safeguard financial systems.
While the introduction of the cybersecurity levy by the Central Bank of Nigeria reflects a proactive approach towards enhancing cybersecurity infrastructure in the digital age, it comes as an unexpected and undesirable development for many Nigerians who would be forced to incur additional costs on every transaction they conduct.