The Central Bank of Nigeria (CBN) has retracted its directive that mandated banks and payment service providers (PSPs) to collect and remit a cybersecurity levy. This mandate was initially proposed under the Cybercrime Prevention and Prohibition Amendment Act of 2024.
The withdrawal was communicated in a revised circular dated May 17, 2024, signed by CBN officials Chibuzor Efobi and Haruna Mustafa, and addressed to commercial banks, PSPs, non-interest banks, and other financial institutions.
The revised circular indicated that the earlier directive, issued on May 6, 2024, has been officially withdrawn. The CBN had previously instructed various financial entities, including commercial, merchant, and non-interest banks, as well as mobile money operators, to comply with the cybersecurity levy collection and remittance.
This change follows the Federal Executive Council’s decision to suspend the implementation of the cybersecurity levy provisions, highlighting the need for further review and assessment.