In a significant move to bolster national cybersecurity, the Central Bank of Nigeria (CBN) has issued a directive to all banks and financial institutions to implement a cybersecurity levy on banking transactions.
This new levy, set at 0.5% of the value of all electronic transactions, was in response to the escalating concerns over cyber threats and follows the guidelines of the recently enacted Cybercrime (Prohibition, Prevention, etc.) (Amendment) Act 2024.
According to the CBN, this measure was crucial for enhancing the security framework of financial operations across the country.
Hereunder are the five important things you need to know about the ‘Cybersecurity Levy’:
1. Levy Amount: The levy is set at 0.5% of the value of electronic transactions, intended to strengthen cybersecurity infrastructure.
2. Collection Method: Financial institutions will deduct the levy directly from transactions, visible in customers’ account statements as ‘Cybersecurity Levy’.
3. Administration and Remittance: Institutions are tasked with collecting and remitting the cybersecurity levy to the National Cybersecurity Fund administered by Office of NSA (ONSA) monthly by the fifth business day of the following month.
4. Implementation Timeline: The directive takes effect within two weeks from the circular’s issuance date, May 20, 2024, prompting banks to promptly adjust their systems.
5. Penalties for Non-compliance: Failure to remit the cybersecurity levy may result in penalties, including fines of up to 2% of the institution’s annual turnover.