Deji Elumoye, Chuks Okocha, Michael Olugbode, Emmanuel Addeh and Sunday Aborisade in Abuja
President Bola Ahmed Tinubu, at the weekend, directed suspension of the implementation of the cybersecurity levy, as provided for in the Cybersecurity Act 2015 recently unveiled by the Central Bank of Nigeria (CBN), to avoid overburdening citizens who were already battling economic hardship.
KPMG, a global firm that provides audit, tax and advisory services, also raised issues with the timing of the 0.5 per cent cybersecurity levy by the federal government, saying it is ill-timed under the current economic realities.
But Chairman of the Senate Committee on National Security and Intelligence, Senator Shehu Buba, yesterday, said the cybersecurity levy was not targeted at individuals, but meant for financial institutions and telecoms firms, among others.
Relatedly, Director General, World Trade Organisation (WTO), Dr. Ngozi Okonjo-Iweala, asked the federal government to streamline its taxes and levies, arguing that though higher taxes may not be bad, they should not constitute an undue burden on the people.
That was as Socio-Economic Rights and Accountability Project (SERAP), BudgIT, and other concerned Nigerians filed a lawsuit against the CBN "over its failure to withdraw the patently unlawful 'circular' directing all banks and other financial institutions to deduct from customers' accounts a cybersecurity levy."
CBN had issued an implementation guideline to all commercial, merchant, non-interest and payment service banks, other financial institutions, mobile money operators, and payment service providers on the collection and remittance of the national cybersecurity levy.
The guidance, pursuant to the provisions of Section 44 (2) of the Cybercrime (Prohibition, Prevention, etc.) Act 2015, it said, was in line with recent developments and aimed to bolster cybersecurity measures in Nigeria.
It mandated the imposition of a levy on electronic transactions, with the proceeds paid into the National Cybersecurity Fund (NCF) under the administration of the Office of the National Security Adviser (ONSA).
Presidency sources told THISDAY last night that contrary to a report yesterday, the president did not order the CBN to stop the implementation of the cybersecurity levy.
Rather, Tinubu, who believed in the rule of law, and recognised the independence of the CBN and its autonomy, the source claimed, only directed the National Security Adviser (NSA) to suspend the implementation.
According to the source, who pleaded anonymity, "The cybersecurity levy is not a CBN action. CBN only issued circular to banks to commence implementation as a regulator. It is an action of the NSA.
"The directive to stop implementation is to ONSA. There will be internal communication between ONSA on how to carry out the presidential directive."
The source said Tinubu was not insensitive to public opinion, "which informed why he does not want to overburden businesses and citizens with extra levy.
"Though the intendment of the law is good and what it seeks to achieve with heightened cybersecurity threats, it is important as a country we have capability to build strong firewalls around the nation's database and government and corporate organisations' online infrastructure against hackers.
"The levy is also designed to fund counterterrorism efforts of the federal government."
But in a commentary on the levy, KPMG stated that although the idea was not new, it was unjustified under the prevailing economic conditions, given the squeezing effect the current reforms were already having.
KPMG said no country could tax itself to prosperity. It stressed that higher taxes did not lead to sustainable growth. He also warned against unintended consequences of the policy.
KPMG disclosed that the levy was not limited to financial institutions but also payable by GSM service providers and all telecommunication companies, internet service providers, insurance companies and the Nigerian Stock Exchange.
It hinted that the regulators of these other businesses might issue their implementation guidelines soon.
KPMG stated, "Undoubtedly, Nigeria faces significant revenue challenge. This has, therefore, constrained, and continues to constrain, the country's capacity for achieving sustainable growth. Given this context, government may go to any length to mobilise the required revenue.
"However, research has shown that higher taxes do not lead to sustainable growth. In fact, no country can tax itself to prosperity. Perhaps, it is in recognition of this that the current administration and the Presidential Committee on Fiscal Reforms have often emphasised that the government will not introduce new taxes.
"Though the cybercrime levy is not new as it has been in existence since 2015, the question is why implement it now given the prevailing economic challenges? The timing of any reforms is essential to the success of such reforms. This underscores the current public resistance to the implementation of the levy.
"This is certainly not the right time to implement this levy. Hopefully, the National Insurance Commission (NAICOM) and the Nigerian Communications Commission (NCC) will consider this before introducing their own guidelines with respect to those businesses under their purview."
KPMG reckoned that the key objective of the cybercrime levy was to ensure that there was dedicated and adequate funding available to address the growing threats of cyber-attacks. This, it said, explained why some countries had implemented various forms of cybersecurity levies to fund cyber security initiatives.
It emphasised that consideration must be given to the country's prevailing economic conditions.
KPMG stated, "The current economic climate does not justify its implementation now."
It added that although various reports had indicated that the government would raise about N3 trillion annually from the levy, there was no formal presentation to the public of the cost and benefit analysis.
KPMG observed that it was always critical that the enactment of any tax or levy be accompanied by the tax expenditure statement to provide information as to whether the benefits of such tax or levy outweighed its cost.
The firm stated, "It is not sufficient to provide only the revenue projection, which is not certain as no details have been provided with respect to this; albeit there have been reports on how the money would be spent.
"Under the enabling Act, the Office of the National Security Adviser will be responsible for administering the fund. Though the Act provides that the fund shall be audited in accordance with guidelines issued by the Auditor General of the Federation, this does not provide enough comfort.
"There are many government agencies that have not been audited for years and nothing has happened. It is, therefore, critical that practical measures be put in place to ensure transparency and accountability."
One key question that the implementation of the levy triggered, the firm said, was whether Nigeria was back to the era of cheque transactions since they dd not qualify as electronic transfers under the enabling Act.
According to KPMG, businesses may resort to any measures to avoid the payment of the levy.
The global tax advisory firm said, "This is why unintended consequences of any measure must be adequately evaluated before implementation. A related question is how the implementation of this levy will contribute to financial inclusion in the light of the financial burden that customers of financial institutions will experience.
"Hopefully, government will reconsider delaying the implementation of the levy, which has been in the books since 2015! Government should focus on tax reforms that address revenue leakages and be financially prudent in the utilisation of public fund.
"Combining revenue-raising initiatives with responsible spending practices is essential for fiscal sustainability. It is also important that government considers phasing in tax reforms on a gradual basis to minimise potential shocks to the economy."
Senate Panel: Cybersecurity Levy Meant for Financial Institutions, Telecoms Firms
Chairman of the Senate Committee on National Security and Intelligence, Senator Shehu Buba, said the recently announced cybersecurity levy was not targeted at individuals operating bank accounts.
Rather, Buba, who sponsored the amendment bill, in a statement in Abuja, explained that the levy was aimed explicitly at financial institutions and telecommunication companies.
He said the financial institutions and telecommunication firms were most vulnerable sectors to financial crimes and cyber fraud, the levy was to enhance cybersecurity measures and national security in the country.
He stated, "The relevant section of the Cybercrime Act is very clear about the businesses that are required to pay the levy, not the citizens.
"The Act is very explicit about who is responsible for the payment, not Nigerian citizens or individuals.
"The relevant Section of the Cybercrime Act 2015 listed the businesses required to pay the levy: telecommunications companies, Internet Service Providers, Banks, Insurance Companies, the Nigerian Stock Exchange, and other Financial Institutions.
"The organisations in the sectors have been listed in previous circulars by the Central Bank of Nigeria, especially in 2018. The new circular by the CBN further provided many exemptions."
Explaining the amount payable as a cybersecurity levy, Buba said, "It is either 0.005 or 0.5 per cent arithmetically. The figure in the principal act was 0.005 as a fraction, which was converted to the percentage that became 0.5 per cent in the amendment.
"Therefore, the statistics in fractions and percentages are the same."
The legislator highlighted that the passage of the amendment bill was a collaborative effort of various stakeholders.
He stated, "The passage of the amendment bill was a collaborative effort involving the government, industry players, civil society, and academia.
"They expressed their contributions and actively participated in the public hearing before the endorsement by the two chambers of the National Assembly.
"After rigorous processes, President Bola Ahmed Tinubu signed the bill into law in February 2024."
The senator acknowledged the concerns of Nigerians, civil groups, and other stakeholders about the current economic situation, and reassured them that the cybersecurity law was not meant to punish citizens.
Okonjo-Iweala: FG Should Streamline Taxes to Avoid Overburdening Citizens
Director General of World Trade Organisation (WTO), Dr. Ngozi Okonjo-Iweala, called on the federal government to streamline its taxes and levies, saying though higher taxes may not be bad, they must not constitute an undue burden to people.
Okonjo-Iweala spoke in Abuja at the weekend at a gathering of Women in Leadership Nigeria, hosted by her, with the Duchess of Sussex, Meghan Markle, the co-founder of the Archewell Foundation.
She said, "All taxes and levies are to increase government revenue, it depends on where and how you levy it. But our tax to Gross Domestic Product (GDP) ratio is quite low, it is about seven per cent or so of GDP.
"We need to push it up, may be this is why government is introducing some more taxes. But we have to be careful where the levies or the taxes are, so that they don't constitute an undue burden to people.
"At the same time, we need to bear with government because the tax to GDP ratio is low and we need to work hard to lift it.
"I don't want to comment on any specific level but would rather comment on the general, that trying to improve our tax administration and to improve our tax to GDP ratio is something we need to aim at doing.
"To do that we need to broaden the tax base, the base is presently narrow. The number of people that pay tax in the country are not really many. We need to find ways around this, but to do it we need to know that to tax people you have to offer them service.
"Otherwise, they would wonder why they are paying taxes. So, there is a whole lot of work that we need to do. The government needs to broaden the tax base but they need to be just thoughtful about which taxes and levies they put in."
SERAP, Other CSOs Want Court to Stop FG from Implementing Cybersecurity Levy
Socio-Economic Rights and Accountability Project (SERAP), BudgIT and and some concerned Nigerians filed a lawsuit against CBN over failure to withdraw circular directing banks and other financial institutions to deduct cybersecurity levy from customers' accounts.
In the suit number FHC/L/CS/822/2024 filed last Friday at the Federal High Court, Lagos, SERAP, BudgIT and the concerned Nigerians asked the court to determine "whether the CBN circular dated 6th May 2024, directing financial institutions to deduct from customers' accounts a cybersecurity levy is unlawful and therefore ultra vires the CBN."
They also asked the court to determine "whether the CBN circular dated 6th May 2024, directing financial institutions to deduct from customers' accounts a cybersecurity levy and section 44(2)(a) of the Cybercrimes Act were not in breach of sections 14(2), 44(1) and 162(1) of the Nigerian Constitution 1999 (as amended), and therefore unconstitutional, null, and void."
They demanded "a declaration that the CBN circular dated 6th May 2024 directing all banks and other financial institutions to deduct from customers' accounts a cybersecurity levy is contrary to the provisions of the Cybercrimes Act and ultra vires the CBN, and therefore is illegal null and void."
The plaintiffs further sought "an order of interim injunction restraining the CBN, its office, agents, privies, assigns, or any other persons acting on its instructions from enforcing the Circular dated 6th May 2024, pending the hearing and determination of the motion on notice filed contemporaneously in this suit."
The suit filed on behalf of the plaintiffs by their lawyer, Ebun-Olu Adegboruwa, SAN, read in par, "The CBN Circular is unlawful and an outright violation of the provisions of the Nigerian Constitution and the country's international obligations.
"Unless the reliefs sought are granted, the CBN will enforce its Circular directing banks to deduct from customers' accounts a cybersecurity levy. Millions of Nigerians with active bank accounts would suffer irreparable damage from the unlawful deduction of cybersecurity levies from their accounts.
"The provisions of the Cybercrimes Act on payment of cybersecurity levy strictly apply only to businesses listed in the Second Schedule to the Act. These provisions make no reference to bank customers, contrary to the CBN Circular to all banks and other financial institutions.
"The Nigerian government has a legal responsibility to ensure the security and welfare of the people, as provided for under section 14(2)(b) of the Nigerian Constitution and human rights treaties to which Nigeria is a state party.
"The CBN Circular is also a blatant violation of Nigerians' human rights including the right to property guaranteed under section 44 of the Nigerian Constitution and article 14 of the African Charter on Human and Peoples' Rights to which Nigeria is a state party.
"We urge the Honourable to grant the reliefs sought in the public interest and the interest of justice as well as to prevent arbitrariness and ensure the rule of law in the country."
No date has been fixed for the hearing of the suit.