The Central Bank of Nigeria (CBN) has announced the reintroduction of the cybercrime levy at 0.005% on all electronic transactions.
This decision, effective for the 2024-2025 fiscal year, was confirmed in new policy guidelines issued on September 17, 2024.
The levy, initially introduced in May 2024 and then suspended due to public backlash, is mandated by the Cybercrime (Prohibition, Prevention, etc.) Act of 2015.
“The CBN shall continue to enforce the payment of the mandatory levy of 0.005 per cent on all electronic transactions by banks and other financial institutions, by the Cybercrime (Prohibition, Prevention, etc.) Act, 2015,” the circular partly reads.
CBN says the funds collected will be allocated to a cybersecurity fund to enhance electronic transaction security.
Under the new guidelines, CBN reiterates the requirement for banks and financial institutions to adhere to cybersecurity standards and appoint Chief Information Security Officers.
This move aligns with the 2022 risk-based cybersecurity framework, ensuring compliance with minimum cybersecurity baselines.
In addition to reintroducing the levy, the CBN has clarified its application, specifying exemptions for certain transactions such as loan disbursements, salary payments, and educational fees. Transactions related to internal bank accounts and government social welfare programmes are also exempt.
The CBN’s decision follows previous plans to implement a 0.5% levy, which faced criticism and was subsequently withdrawn in May 2024.
The reintroduced 0.005% cybercrime levy is intended to support national efforts against cybercrime. Failure to remit the levy as required will result in penalties, including fines based on annual turnover.
The CBN’s guidelines ensure that the levy will be deducted at the point of electronic transfer and reflected in account statements with a specific narration.
Financial institutions are required to comply with the updated guidelines and the provisions
of the Cybercrime Act.
