• Saturday, June 15, 2024
businessday logo


CBN directs banks to stop 0.5% cybersecurity charges

‘Financial inclusion threatened by cybersecurity levy’

The Central Bank of Nigeria (CBN) has directed banks and other financial institutions to stop the implementation of 0.5 percent cybersecurity charges on electronic transactions.

This was disclosed in a circular to all commercial, merchant, non-interest, payment service banks, other financial institutions, mobile money operators and payment service providers.

The circular was jointly signed by Chibuzor Efobi, director of payments system management, and Haruna Mustafa, director of financial policy and regulation departments of the CBN.

The decision of the apex bank followed a directive from the House of Representatives and the federal government that the CBN should pause the implementation of the 0.5 percent cybersecurity levy on transactions.

The CBN’s earlier circular stated, Following the enactment of the Cybercrime (Prohibition, Prevention, etc) (amendment) Act 2024 and under the provision of Section 44 (2)(a) of the Act, “a levy of 0.5 percent (0.005) equivalent to a half percent of all electronic transactions value by the business specified in the second schedule of the Act, is to be remitted to the National Cybersecurity Fund (NCF), which shall be administered by the Office of the National Security Adviser (ONSA).”

The Act establishes a fund known as the National Cybersecurity Fund, referred to as “The Fund.” Under the provisions of the Act, various sources contribute to the Fund, which is held in the Central Bank of Nigeria. These include a levy imposed on specific businesses engaged in electronic transactions, grants from donor agencies, contributions from individuals and organizations, appropriations by the National Assembly, and other accruing assets.

The Act also ensures that all funds channeled into the National Cybersecurity Fund are exempted from income tax, encouraging contributions from stakeholders. Additionally, contributions made to the Fund are tax-deductible, providing further incentive for participation.

Businesses identified under the Act are required to remit the levy—set at 0.005 percent of electronic transactions—directly into the Fund within a stipulated period of 30 days. This direct contribution mechanism aims to streamline the funding process and ensure timely resource allocation.

Moreover, the Act stipulates that a portion of the Fund, not exceeding 40 percent, may be allocated towards programs addressing the pressing issue of countering violent extremism (CVE).

Cybersecurity refers to the practice of protecting computer systems, networks, programs, and data from digital attacks, unauthorized access, damage, or theft. It encompasses various technologies, processes, and practices designed to safeguard information and ensure the confidentiality, integrity, and availability of data.