The National Security Adviser would supervise the cyber security levy deduction process, according to the Central Bank of Nigeria (CBN)

The apex bank’s Director of payments system management, Chibuzor Efobi, and Director of financial policy and regulation, Haruna.B. Mustafa, issued a circular to banks, mobile money operators, payment service providers, and others. 

According to the statement, the cybersecurity levy is being collected because of the 2024 cybercrime (prohibition, prevention, etc.) Amendment Act. This law says that 0.5% of the value of all electronic transactions should be taken out and put into the National Cyber Security Fund, which the NSA office will run. 

Read also: Experts discuss cloud computing, Cybersecurity at Africa Cloud and Security Summit

The memo also said that the deduction would be called a “Cybersecurity levy” and that the relevant financial institutions should start making the deduction two weeks after the secular.

According to Section 44 (2)(a) of the Cybercrime (Prohibition, Prevention, etc.) (Amendment) Act 2024, the Office of the National Security Adviser (ONSA) shall administer the National Cybersecurity Fund (NCF), which shall receive a levy of 0.5% (0.005) equivalent to a half per cent of all electronic transactions value by the business specified in the Second Schedule of the Act.

“Accordingly, all Banks, Other Financial Institutions and Payments Service Providers are at this moment required to implement the above provision of the Act as follows:”

“Calculate the levy based on the total electronic transfer origination, then deduct and remit by the financial institution.”

“The deducted amount shall be reflected in the customer’s account with the narration: ‘Cybersecurity Levy’.”

Failure to comply with the cybersecurity levy: What happens?

In addition, the apex banks warned that businesses that don’t pay their bills on time would face fines of at least 2% of their annual sales, as set out in the updated Cyber Crime Prohibition and Prevention Act. 

“Penalties for Not Following Through” According to Section 44(8) of the Act, failing to pay the tax is a crime that can lead to a fine of at least 2% of the business’s annual turnover, among other things. 

What changes will the CBN’s cybersecurity levy bring to financial institutions 

It’s a significant change in the rules for Nigeria’s digital economy that the Central Bank of Nigeria recently told financial institutions they need to place a cybersecurity fee.

All electronic transfers must have 0.5% of the value taken away by banks, mobile money operators, and payment service providers. This money must then be sent to the National Cyber Security Fund.

In our increasingly connected digital world, cyber threats are becoming more common. This fund, run by the Office of the National Security Adviser, is meant to strengthen the country’s defences against these threats.

Read also: Lagos sets up Cyber Security Advisory Board

The government’s action shows that it is serious about protecting digital assets and keeping financial activities safe from possible cybercrime. However, this new tax also comes with problems and effects for both companies and consumers.

The transaction fee may raise worries about the rising cost of digital services for ordinary consumers, affecting consumer behaviour and digital adoption.

On the business side, companies have to change their financial plans to account for the levy. That’s to ensure they follow the rules while keeping their running costs low.

The strategy is essential, and the harsh punishment for not following it—at least 2% of the annual turnover for companies that don’t—makes that point even more apparent. As this regulation takes effect, its implementation and players’ response will likely shape Nigeria’s digital finance ecosystem.