Header background of newspaper

Newsletters

Stay current and updated
with our rich newsletters
and articles

CYBER SECURITY LEVY: IMPLICATIONS FOR CONSUMERS AND FINANCIAL INSTITUTIONS

newsletter/article cover image

INTRODUCTION
By a circular dated the 6th day of May, 2024 the Central Bank of Nigeria issued a circular to all commercial, merchant, non-interest and payment service banks; as well as to financial institutions, mobile money operators and payment service providers (PSP).

This circular was sequel to the directive from the National Security Adviser; Malam Nuhu Ribadu, for the full implementation of the Cybercrimes (Prohibition, Prevention, Etc) Amendment Act 2024.

The circular, while referring to the recent enactment of the aforestated Cybercrime (Prohibition, Prevention, etc) (Amendment) Act, 2024 enforced implementation guidelines on the collection and remittance of the national cybersecurity levy.

REVIEW OF THE LEVY
The Circular placed reliance on this Cybercrime (Prohibition, Prevention, etc) (Amendment) Act, 2024, particularly, the provisions of Section 44(2)(a) therein which states:

“a levy of 0.5% (0.005) equivalent to a half percent of all electronic transactions value by the business specified in the Second Schedule of the Act”

The said levy shall be applied at the point of electronic transfer origination, then deducted and remitted to the National Cybersecurity Fund (NCF), which shall be administered by the Office of the National Security Adviser. This form parts of ongoing initiatives to strengthen the country’s defenses against cyber threats.


COMMENCEMENT & EXEMPTIONS

The deductions of the levy shall commence within two (2) weeks from the date of the circular for all financial institutions. To avoid multiple applications of the levy on the same transaction, the following transactions are exempted from the levy:

1. Loan disbursements and repayments
2. Salary payments
3. Intra-account transfers within the same bank or between different banks for the same customer
4. Intra-bank transfers between customers of the same bank
5. Other Financial Institutions (OFls) instructions to their correspondent banks
6. Interbank placements
7. Banks’ transfers to CBN and vice-versa
8. Inter-branch transfers within a bank
9. Cheques clearing and settlements 10. Letters of Credits (LCs)
11. Banks’ recapitalization related funding - only bulk funds movement from collection accounts
12. Savings and deposits including transactions involving long-term investments such as Treasury Bills, Bonds, and Commercial Papers.
13. Government Social Welfare Programs transactions e.g. Pension payments
14. Non-profit and charitable transactions including donations to registered nonprofit organisations or charities.
15. Educational Institutions transactions, including tuition payments and other transaction involving schools, universities, or other educational institutions.
16. Transactions involving bank’s internal accounts such as suspense accounts, clearing accounts, profit and loss accounts, inter-branch accounts, reserve accounts, nostro and vostro accounts, and escrow accounts.

IMPLICATION OF THE LEVY ON FINANCIAL INSTITUTIONS

The implementation of this levy imposes additional responsibilities on the institutions which are expected to remit levies collected to the National Cybersecurity Fund (NCF) account domiciled with the CBN by the 5th business day of every subsequent month.

Additionally, they are to ensure the completion of system reconfigurations towards ensuring complete and timely submission of remittance files to the Nigeria Interbank Settlement System (NIBSS). Such configurations are to be completed within four (4) weeks of the issuance of the circular for commercial, merchant, non-interest and payment service banks; and within eight (8) weeks of the issuance of the circular for all other financial institutions.

Institutions that fail to remit the levy are liable (on conviction) to a fine of not less than 2% of the annual turnover of the defaulting institution, amongst others.


IMPLICATION OF THE LEVY ON CONSUMERS

In addition to typical bank charges or such other charges incurred on banking transactions (e.g VAT), the Levy imposes a 0.5% deduction of the value of any transfer or transaction made that does not fall under the exemptions. This raises a financial burden on individuals and businesses.

PUBLIC SENTIMENTS ON THE CYBER SECURITY LEVY
Unsurprisingly, the public has not taken kindly to the new cybersecurity levy. It has generally been appraised as an unnecessary financial burden imposed on the masses; and there have been calls championing for its suspension.

In reaction to this view of the levy being an additional tax burden, The House of Representatives has asked the Central Bank of Nigeria (CBN) to suspend the proposed introduction of a cybersecurity levy on electronic transactions. On the other hand, the Senate Committee on National Security, despite widespread public outcry, has supported the 0.5 percent cybersecurity levy stating that the benefits outweigh the drawbacks.

There is a clear diversity of opinions even within the National Assembly regarding this levy. Thus, it remains to be determined whether the public outcry will be enough of a deterrent for the implementation of this levy.


CONCLUSION

Whilst the efforts of the Office of the National Security Adviser (ONSA) in conjunction with the Central Bank of Nigeria in implementing cybersecurity initiatives to improve cyber security can be applauded, the implications of the imposition of a levy in the attainment of such objectives cannot be ignored. Balancing the economic considerations as well as the regulatory compliance complexities of the imposition of this levy reveals additional burdens to consumers and financial institutions alike, which derails from the cybersecurity efforts being made.


Click to read the full article