Nigeria's financial institutions are fighting to meet the deadline of June 10, 2026 set by the Central Bank of Nigeria, CBN, for onboarding to a new cyber-security baseline.
But industry sources told Financial Vanguard that, though most of the commercial banks are already on track to meet the deadline, almost all operators below them are not yet ready, a situation that exposes the entire system to the risk the new baseline was set to prevent.
Financial Vanguard learnt that only tier-1 banks and a few others are likely to meet the deadline, but smaller institutions are lagging due to the non-existence of Chief Information Security Officers, CISOs.
The new cyber-security standard was meant to check Anti-Money Laundering (AML), Combating Financial Terrorism (CFT) and Counter-Proliferation Financing (CPF) solutions.
On 10 March 2026, the CBN issued circular BSD/DIR/PUB/LAB/019/002, directing a mandatory baseline standard for automated AML/CFT/CPF systems across all regulated financial institutions.
Under the circular, every regulated financial institution must submit an implementation roadmap to the CBN by June 10, 2026.
Speaking to Financial Vanguard on the situation, a subject matter expert in cybersecurity, Ms Seun Runsewe, said "the circular covers 12 functional areas, and every one of them requires not just a system purchase but a 'governance architecture'".
Explaining further, she said "realistically, most of the leading banks would meet the deadline because they have CISOs, internal teams, and vendors already lined up".
However, she expressed concern that "the categories of financial institutions below the banks, including roughly 900 microfinance banks, more than 100 finance houses, and the primary mortgage banks, are where the majority of regulated institutions in this country actually sit".
She added, "most don't have a CISO, let alone a functioning automated AML solution. Many are starting from near zero with the deadline already on top of them".
On the consequences of this gap, Runsewe stated: "It isn't only their problem. These institutions sit on the same shared rails as everyone else - NIBSS, BVN, the agency banking networks. One under-instrumented microfinance bank is a door. That is how ecosystem-wide breaches actually unfold: through the smallest, weakest connected node. The big banks inherit whatever happens at the bottom".