2024 saw significant changes in Nigeria’s legal and regulatory landscape, with notable developments across various sectors including financial services, oil and gas, energy, transportation, etc.  Significant judicial decisions were also delivered by the courts which shaped the tax and gaming landscapes in Nigeria. This recap is divided into four parts representing the four quarters of the year, highlighting what we think are the most impactful laws and regulations, reforms, and judicial decisions in 2024.

1^st Quarter (January – March 2024)

Forex policy reforms were implemented by the Central Bank of Nigeria (CBN) with the aim of stabilizing the Naira, fostering economic growth and the provision of agricultural funding to support food production. Financial policy and regulations were revised by the CBN to ensure the financial industry players operate within a well-regulated environment ensuring the integrity of the financial services sector.

• On 5 January 2024, the Supreme Court of Nigeria delivered a judgment in the case of National Inland Waterways Authority (NIWA) v. The Lagos State Waterways Authority (LASWA). The Supreme Court reaffirmed the power of the Federal Government through the National Inland Waterways Authority (NIWA) to control the activities on the country’s waterways. The decision of the court settled the dispute between NIWA and Lagos State over the appropriate party with regulatory rights over the country’s waterways with the decision of the court in favour of NIWA.
• On 18 January 2024, the National Agency for Food and Drug Administration and Control (NAFDAC) launched the Narcotic Drugs Serialisation Pilot Project, in a bid to strengthen the quality and security of medical products in the country’s drug distribution network. NAFDAC disclosed that the initiative was aimed at combatting the proliferation of substandard and falsified medicines by implementing a traceability system, addressing challenges posed by unscrupulous elements in the pharmaceutical supply chain.
• On 29 January 2024, the CBN issued the Financial Market Price Transparency circular requiring all Authorized Dealers that the CBN has permitted financial markets transactions to be conducted on a ‘’willing buyer will seller’’ basis and therefore expects prices to be quoted and displayed in a transparent manner.
• On 31 January 2024, the CBN issued the Reviewed Guidelines on International Money Transfer Services in Nigeria. The Guidelines stipulate the regulatory requirements that must be met to process and obtain license to provide international money transfer services in Nigeria. The Guidelines revised upward the application fees, capital requirements, etc.
• On 31 January 2024, the CBN issued the Harmonising of Reporting Requirements on Foreign Currency Exposure of Banks to address the growth in foreign currency exposures of banks through their Net Open Position (NOP). Therefore, to ensure the risks are well managed and avoid losses, the CBN issued the guidelines to address it.
• On 2 February 2024, the CBN issued the Cash Reserve Requirement Framework Implementation Guidelines which stated the implementation of a significant policy change by revising the Cash Reserve Ratio (CRR) framework. This update included a reduction in the Loan-to-Deposit Ratio (LDR) compliance requirement from 65% to 50%, aiming to address lending shortfalls among deposit money banks. The revised framework requires banks falling short of this new LDR threshold to allocate 50% of the shortfall as part of their CRR with the CBN.
• On 27 March 2024, the Nigerian president issued a directive titled Implementation of a Single-Digit Tax System which aims to streamline Nigeria’s tax structure by reducing the number of taxes to a maximum of nine. This initiative seeks to simplify the tax code, alleviate the tax burden, and foster a more business-friendly environment. The directive will take effect following the completion of the Presidential Committee on Fiscal Policy and Tax Reforms’ work.
• On 28 March 2024 the CBN issued the Review of Minimum Capital Requirements for Commercial, Merchants and Non-Interest Banks in Nigeria which stipulated new minimum capital requirements for banks. It sets the minimum capital base for commercial banks with international authorisation at N500 billion. The minimum capital base for commercial banks with national authorisation is now N200 billion, while the requirement for those with regional authorisation is N50 billion. Merchant banks are required to have a minimum capital base of N50 billion, while non-interest banks with national and regional authorisations must meet minimum requirements of N20 billion and N10 billion, respectively. All banks are required to meet these requirements within 24 months starting from 1 April 2024 and ending on 31 March 2026.

2^nd Quarter (April – June 2024)

The second quarter saw the enactment of laws and the issuance and revision of key financial regulations by the CBN. The Student Loans Access to Higher Education (Repeal and Re-enactment) Bill, 2024 was enacted. The Cybersecurity levy was set for implementation by the CBN but was eventually suspended due to public outcry over the announcement and the proposed implementation of the levy. The electricity market is also gradually being deregulated by states with some states receiving the approval of the NERC to regulate electricity market within their respective states.

• On 3 April 2024, the Nigerian president signed the Student Loans Access to Higher Education (Repeal and Re-enactment) Bill, 2024 into law. This revised legislation aims to provide financial assistance to indigent Nigerian students by offering interest-free loans through the Nigerian Education Loan Fund. The law is intended to promote accessible higher education and functional skill development for students across the country.
• On 22^nd April 2024, the Federal Government launched a ₦200 billion Intervention Fund Aimed at Supporting Micro, Small, and Medium Enterprises (MSMEs) and Manufacturers. This initiative, introduced by the Bank of Industry, is designed to stimulate local production, reduce import dependency, and enhance Nigeria’s industrial growth. Eligible businesses can access loans under favourable terms, including single-digit interest rates and flexible repayment conditions, to improve capacity, expand operations, and create jobs.
• On 2 May 2024, the Federal Inland Revenue Service (FIRS) issued a directive titled Implementation of Stamp Duty on Mortgage-Backed Loans and Bonds. The Nigerian government directed banks to deduct stamp duty charges on mortgages. This directive is aimed at improving revenue generation from the stamp duty on financial transactions. The charge is applicable to all mortgage transactions and is expected to support government revenue collection. It introduced a 0.375% stamp duty on mortgage-backed bonds. This charge applies to various types of mortgage and legal instruments as specified under the Stamp Duties Act (SDA).
• On 6 May 2024, the CBN issued the Cybercrimes (Prohibition, Prevention, etc) (Amendment) Act 2024 – Implementation Guidance on the Collection and Remittance of the National Cybersecurity Levy. The Guidance required the deduction of 0.5% cybersecurity levy on all electronic transactions. The Guidance exempted certain transactions including loan disbursements and repayment, salary payments, letters of credits, cheques clearing and settlement, etc. The implementation of the Guidance has now been temporarily suspended following protests by the public
• On 7 May 2024, the Corporate Affairs Commission (CAC) issued a public notice titled CAC and Fintech Operators which mandated all Point of Sale (POS) operators in Nigeria to complete their business registration with the CAC by 7 July 2024 which was eventually extended by 60 days to 5 September 2024. This directive by the CAC aligned with the Companies and Allied Matters Act (CAMA) 2020 and the Central Bank of Nigeria’s (CBN) agent banking guidelines which aim to safeguard the operations of FinTechs, improve accountability, and strengthen the economy.
• On 22 May 2024, the CBN issued the Revised Regulatory and Supervisory Guidelines for Bureau De Change Operations in Nigeria. The Guidelines required existing Bureau De Change (BDC) operators to re-apply for a new license in accordance with any of the license categories and meet the minimum capital requirements within six months. New applicants are also required to comply with the Guidelines which supersedes the Revised Operational Guidelines for Bureau De Change in Nigeria dated November 2015. It also categorizes BDC license into tier 1 with permission to operate in any state and tier 2 with permission to operate in only one state.
• On 14 June 2024, the SEC issued a circular titled Implementation of Enterprise Risk Management, it provides that all Capital Market Operators (CMOs) are required to implement an Enterprise Risk Management (ERM) framework that conforms to international standards such as the Committee of Sponsoring Organizations of the Treadway Commission (COSO), the International Organization for Standardization (ISO 31000), Financial Action Task Force (FATF) Recommendations and any other internationally recognized risk management standards. The adoption of comprehensive risk management practices is important in minimizing systemic impact and safeguarding the interests of all stakeholders.
• On 24 June 2024, The Securities and Exchange Commission released a circular titled Revamped E-Dividend Mandate Management System Portal which launched the revamped e-Dividend Mandate Management System (e-DMMS) Portal. This is noted to be an important step towards curbing the growth of unclaimed dividend and generally improving investor experience in the Nigerian Capital market. The revamped e-DMMS Portal introduces a “self-service interface” that allows investors apply to mandate their accounts for e-dividend virtually, without having to visit a Registrar or a Bank.
• On 28 June 2024, the Nigerian president signed an executive order eliminating tariffs, excise duties, and VAT on imported pharmaceutical inputs. This is part of a broader initiative to support local drug manufacturers and improve the availability of essential medicines in Nigeria. The executive order is intended to make local pharmaceutical producers more competitive by reducing costs, thereby ensuring more affordable healthcare for Nigerians.

3^rd Quarter (July – September 2024)

The third quarter of 2024 saw a lot of regulatory activities by regulators in Nigeria. The CBN, SEC and NCC were all very active as they issued regulations and initiated reforms applicable to operators in the various sectors which they regulate.  The Federal Government introduced the Deduction of Tax at Source Regulations 2024, aligning with the National Tax Policy and exempting certain sectors like telecommunications. Significant judicial decisions were also handed down as in the case of the Federal High Court allowing companies to have single shareholder regardless of the incorporation date.

• On July 2024, some states including Imo, Enugu, Ekiti, and Ondo received the approval of the Nigerian Electricity Regulatory Commission (NERC) to regulate their electricity markets in line with the provisions of the Electricity Act, 2023. This allows the states to oversee power generation, transmission, and distribution within their jurisdictions, marking a significant step towards decentralizing electricity regulation in Nigeria.
• On 11 July 2024, the Supreme Court of Nigeria delivered judgment in the case between the Attorney General of the Federation v. Attorney General of Abia State & 35 Others. This landmark decision reinforced the financial autonomy of local governments, declaring it unconstitutional for state governors to withhold funds allocated to local governments, dissolve local government councils, or appoint caretaker committees. The court mandated that funds meant for local governments be paid directly into their accounts, ensuring their independence and strengthening democratic governance at the grassroots level.
• On 19 July 2024, the CBN issued the Guidelines on Management of Dormant Accounts, Unclaimed Balances and Other Financial Assets in Banks and Other Financial Institutions in Nigeria. The Guidelines revised the 2015 guidelines on the subject matter. The Guidelines aim to reunite beneficial owners with unclaimed balances and financial assets, holding funds in trust for beneficial owners, etc. It also states the roles of key stakeholders including the CBN, Nigeria Deposit Insurance Commission (NDIC), financial institutions, account owners and beneficial owners, etc.
• The Nigerian Communications (Consumer Code of Practice) Regulations, 2024 with a commencement date of 29 July 2024 was issued by the Nigerian Communications Commission (NCC). The Regulations aim to prescribe the procedures to be followed by licensees in determining the contents and features of a consumer code of practice and preparing same for approval.
• The NCC issued the Nigerian Communications (Type Approval) Regulations, 2024 with a commencement date of 29 July 2024. The regulations apply to every person providing communication services, manufactures or supplies communications equipment. It also prescribes the processes for the type of approval of communications equipment and identify applicable technical standards while ensuring that communications equipment used in communications networks are safe and do not compromise national security.
• On 29 July 2024, the Nigerian president signed the National Minimum Wage Act 2019 (Amendment) Bill into law, raising Nigeria’s national minimum wage from ₦30,000 to ₦70,000 per month, following extensive negotiations between the Federal Government, labour unions, and the private sector.
• On 30 July 2024, the Federal High Court ruled in Primetech Design and Engineering Nigeria Limited v. The Corporate Affairs Commission (CAC) in favour of allowing all private companies in Nigeria regardless of their incorporation date, to have a single shareholder under the Companies and Allied Matters Act 2020 (CAMA 2020). This decision clarifies that section 18(2) of CAMA 2020 applies universally to both new and older private companies. Previously, there was uncertainty about whether this provision applied only to companies incorporated before the enactment of CAMA 2020. The ruling is significant as it removes restrictions on private companies transitioning to a single shareholder structure without the risk of being wound up by the regulator, offering greater flexibility for business growth.
• On 2 September 2024, the Nigerian Investment Promotion Commission (NIPC) the Revised Service Fee Schedule for Business Registration and Pioneer Status Incentives (PSI) Applications. This increased the fees for applying for business registration and obtaining pioneer status incentives, conducting due diligence, introduced an annual business registration renewal fee, etc.
• On 3 September 2024, the Securities and Exchange Commission (SEC) introduced an electronic filing system to improve the efficiency of the Nigerian capital market. This system aims to reduce listing time for securities and enhance liquidity, enabling quicker access to capital for companies. This is expected to streamline approvals, increase transparency, boost investors’ confidence, and ultimately contributing to the growth of the Nigerian economy.
• On 30 September 2024, the Federal Government introduced the Deduction of Tax at Source (Withholding) Regulations, 2024 which was published in the official gazette and followed by a public notice issued by the FIRS on 2^nd October 2024. These regulations, set to take effect on 1 January 2025 exempt items such as telephone charges, internet data, airline tickets, and out-of-pocket supplier expenses from withholding tax, aligning with the National Tax Policy.

4^th Quarter (October – December 2024)

The final quarter of 2024 witnessed a series of landmark judicial decisions, regulatory developments, and advancements in Nigeria’s economic and financial landscape. Landmark court decisions signalling a shift toward greater accountability and adherence to the rule of law. Regulatory agencies introduced policies aimed at fostering transparency. These developments collectively highlight Nigeria’s strides toward modernization, sustainable growth, and global competitiveness.

• On 2^nd October 2024, the Federal High Court sitting in Abuja ruled in the case between Abubakar Marshal v. Vehicle Inspection Officers (VIO) that VIOs lack statutory authority to stop private vehicles, demand roadworthiness certificates, impound vehicles, or impose fines on motorists. The court clarified that the requirement for roadworthiness certificates applies exclusively to commercial vehicles under existing laws. The court described the actions of the VIOs, including the imposition of fines and confiscation of private vehicles as oppressive, unlawful, and without legal foundation.
• Value Added Tax Modification Order 2024 and Notice of Tax Incentives for Deep Offshore Oil & Gas Production in accordance with the Oil & Gas Companies (Tax Incentives, Exemption, Remission, etc.) Order 2024 were issued by the Federal Government. The VAT Modification Order 2024 exempts energy products including diesel, LPG, CNG and clean energy infrastructures from VAT while the Notice of Tax Incentives introduces new tax reliefs to attract investments into Nigeria’s deep offshore Oil & Gas projects.
• On 3 October 2024, the Federal Inland Revenue Service (FIRS) issued a public notice notifying taxpayers that The Deduction of Tax at Source Withholding (WHT) Regulations, 2024 would take effect from 1^st January 2025 ending the current withholding tax regime contained in the Companies Income Tax Act.
• The FIRS launched an Unstructured Supplementary Service Data (USSD) Code on 9 October 2024 for the purpose of improving taxpayers’ satisfaction. The USSD enables taxpayers to retrieve their Taxpayers Identification Number (TIN) verify Tax Clearance Certificate (TCC), etc.
• On 7 October 2024, the Federal High Court, Lagos struck out the suit commenced by the Manufacturers Association of Nigeria (MAN) v. National Electricity Regulatory Commission (NERC) & 11 Others which challenged the implementation of electricity tariff review on the grounds of the suit being an abuse of court process having not being commenced in accordance with due process and no disclosure of reasonable cause of action.
• In October 2024, Moniepoint, a Nigerian FinTech startup became a unicorn by getting a $1 billion valuation after raising $110 million in Series C funding which highlights the rapid growth and importance of FinTech payment providers in Nigeria.
• In November 2024, the Federal Government announced its plan to establish a national data bank to serve as a centralized platform for the collection, analysis and dissemination of transport-related data for the purpose of informed decision-making and policy formulation.
• On 15 November 2024, the Supreme Court of Nigeria declined to declare the Economic and Financial Crimes Commission (EFCC), Nigerian Financial Intelligence Unit (NFIU) and Independent Corrupt Practices and Other related offences Commission (ICPC) as illegal and unconstitutional in the suit between Attorney General of Kogi State & 18 Ors v. Attorney General of Federation suit No: SC/CV/178/2023).
• On 22 November 2024, the Supreme Court of Nigeria in the case between Lagos State Government & Ors v. Attorney General of Federation & Anor suit No SC/1/2008 nullified the National Lottery Act, 2005 and limited its application to only the Federal Capital Territory (FCT). The National Lottery Act, before the decision of the Supreme Court, applied in the entire country to sports betting and lottery licensing.
• On 29 November 2024, the Central Bank of Nigeria (CBN) released Revised Guidelines for The Nigerian Foreign Exchange Market (NFEM), marking a significant overhaul of the country’s FX operations. The new framework consolidates all FX windows, redefines the roles of market participants, and introduces stricter compliance and transparency measures. Key provisions address the roles of Authorized Dealers, Bureaux de Change (BDCs), pricing mechanisms, interbank trading, compliance, and reporting standards. The guidelines mandates that all BDC transactions comply with licensing terms and be reported in real time. Furthermore, all FX transactions must now be priced through the Electronic Foreign Exchange Matching System (EFEMS), a centralized platform that also publishes daily FX rates for public access, underscoring a strong emphasis on pricing transparency and rigorous reporting requirements.
• On 3 December 2024, the Lagos State Governor signed the Lagos Electricity Bill 2024 into law, marking a significant step toward energy independence for Lagos State. This legislation establishes the Lagos State Electricity Regulatory Commission to oversee the electricity market, regulate power generation, and set tariffs. It also created the Lagos State Electrification Agency to promote off-grid solutions and enhance electricity access in underserved areas. Additionally, the bill introduces the Lagos Electrification Fund to finance the state’s grid expansion and off-grid projects with a focus on renewable energy, energy efficiency, and decarbonization.
• On 11 December 2024, the Central Bank of Nigeria (CBN) imposed a fine of ₦1 billion each on Moniepoint and OPay for regulatory non-compliance. These penalties were part of the CBN’s routine audits of the activities of FinTechs which identified compliance issues within these companies. The fines underscore the CBN’s commitment to enforcing strict regulatory standards in Nigeria’s rapidly expanding digital financial services industry. On 16 December 2024, the Federal Competition and Consumer Protection Commission (FCCPC) rejected Coca-Cola Nigeria Limited’s appeal against a N186 million fine. The fine was imposed due to deceptive branding practices, including misleading product descriptions and unfair marketing tactics. The FCCPC’s decision underscores its commitment to protecting consumers and ensuring fair and honest practices in the Nigerian market.
• On 16 December 2024, the Securities and Exchange Commission published the Re-exposure of Amendments to Rules on Digital Assets Issuance, Offering Platforms, Exchange and Custody. The proposed amendment is to extend the rules to cover new virtual assets activities and business models such as cross chain transfer services, on/off-chain transmission orders, advisory on virtual assets investment, placing and distribution of virtual assets, etc.

Conclusion

2024 has been a year of significant changes and reforms in Nigeria’s legal and regulatory landscape. The government introduced impactful rules and regulations including policy changes in areas such as tax, financial services sector, capital markets, electricity, minimum wage, with regulations like the Deduction of Tax at Source (Withholding) Regulations 2024, Lagos Electricity Law 2024 and the National Minimum Wage Act reflecting efforts to improve economic conditions. The Central Bank of Nigeria, the Securities Exchange Commission and Federal Inland Revenue, the Nigerian Communications Commission, etc. also issued new and amended guidelines and regulations to provide updated regulatory requirements and obligations of players in the regulated industries. The judiciary also delivered impactful decisions such as the Federal High Court’s ruling on the issue of single shareholder pursuant to the Companies and Allied Matters Act, 2020 and the decision of the Supreme Court nullifying the application of the National Lottery Act in the federating 36 states of the country.  As we approach the new year, we extend our sincere gratitude to all our clients for their continued trust in us and wish you a Merry Christmas and a prosperous New Year 2025.

Please note that the contents of this Article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

The post Goldsmiths Solicitors – Legal Recap for the Year 2024 first appeared on Goldsmiths Solicitors.

Following the emergence of online betting, the Nigerian gambling industry has experienced extraordinary growth in the past few years. This also followed the legalization of some forms of gambling in the Nigerian Criminal Code Act, 1990. The industry has therefore continued to attract both local and international investors due to its huge potentials.

Gambling activities in Nigeria broadly include sports betting, lottery, gaming, casinos, lotto, etc. In order to legitimately operate any type of gambling activity in Nigeria, an operator must first obtain the appropriate licenses from the regulatory authorities. Using Lagos State as a case study, this article explains the regulatory requirements and processes involved in obtaining sports betting license in Lagos State.

Regulatory Framework

Previously, a sports betting company wishing to operate within Nigeria required both a federal license issued by the National Lottery Regulatory Commission (NLRC) and a state licence from the state in which it wishes to operate from. At the federal level, the NLRC, established under the National Lottery Act, 2005, served as the primary body overseeing gaming activities across the country. Concurrently, state governments regulated sports betting within their jurisdictions through their respective regulatory authorities. However, a recent landmark judgment in Lagos State Government & Ors v. Attorney General of Federation and Anor with suit number SC/1/2008 delivered by the Supreme Court of Nigeria in November 2024, has changed this position by nullifying the National Lottery Act, 2005 and declaring that the National Assembly lacks the jurisdiction to legislate on matters related to lotteries and games of chance, as such powers reside exclusively with state Houses of Assembly to legislate on lottery and gaming within their respective states. Thus, the import of the Supreme Court judgement is that the National Lottery Act, 2005 now applies only within the Federal Capital Territory (FCT) where the National Assembly has the legislative power to enact laws on lottery and gaming matters. Therefore, lottery and sports betting companies are now only required to obtain licenses solely from the state(s) in which they intend to operate.

In Lagos State, the regulatory body responsible for controlling and regulating sports betting activities is the Lagos State Lotteries and Gaming Authority (LSLGA). Sports betting companies must obtain the requisite license from LSLGA before commencing operations in the state.

With a large internet penetration and the rise of online betting, in practice, a sports betting company can obtain a license in one state and be accessible online in another state thereby avoiding the need to apply for licences in multiple states.

Requirements for Obtaining a Sports Betting License/Permit from Lagos State Lotteries and Gaming Authority (LSLGA):

As stated above, the regulatory body responsible for issuing sports betting license/permit in Lagos State is the Lagos State Lotteries and Gaming Authority (LSLGA). The requirements for obtaining a sports betting permit from the LSLGA include:

1. Company Incorporation: The first step towards obtaining a sports betting license from the LSLGA is the incorporation of a local company in Nigeria with the Corporate Affairs Commission (CAC) as mandated under the Companies and Allied Matters Act, 2020 (CAMA). This is a compulsory regulatory requirement for any company wishing to do any business in Nigeria.
2. Share Capital: The company must meet the minimum share capital requirement of N20,000,000.00 (Twenty Million Naira) as prescribed by the LSLGA. Please note however that the CAC now requires that any company with foreign participation must have a minimum share capital of N100,000,000 (One Hundred Million Naira). If the company being set up has foreign participation either by shareholding or directorship, the minimum share capital from a CAC point of view must therefore be N100,000,000. Also note that this amount is merely the minimum value of the company shares at the time of registration and the shares do not have to be fully paid up.
3. Financial and Technical Ability: The company must demonstrate the financial and technical ability to operate a sports betting business. The applicants must demonstrate financial stability and viability by submitting audited financial statements, proof of sufficient capital, and a detailed business plan. Regarding the technical ability, operators must invest in a robust technical infrastructure for their sports betting platform, including secure servers, data protection, and reliable payment processing systems. Compliance with international online security standards is also very essential.
4. Applicant companies cannot be wholly-owned by foreigners as Nigerians are required to hold at least fifteen percent (15%) of the shares in foreign-owned companies to fulfil local content requirement and promote local participation.
5. Payment of application and license/permit fees.

Procedures for Obtaining a Sports Betting License/Permit from LSLGA:

The procedure for obtaining a sports betting license from the LSLGA is divided into three stages as follows: the application stage, the approval in principle stage and the final or grant of license stage.

Application Stage:

At this stage, an application for a sports betting license/permit is to be submitted to LSLGA together with the following documents:

1. A letter of intent.
2. Evidence of payment of non-refundable application fee
3. Company incorporation documents issued by CAC (Certificate of Incorporation, status report showing details of directors, minimum share capital and registered address and MEMART).
4. Detailed business plan/proposal on the sports betting scheme which should provide information and documentation on the following:
   1. Business structure information such as address of the registered office, branches, outlets and planned locations, particulars, profile and relevant qualification(s) of directors and key personnel, Tax Clearance Certificate (“TCC”) of Director(s) in the last three (3) years, description of operations and management structure, a sports betting industry analysis that clearly demonstrates an understanding of the sports betting industry, marketing and distribution plans, address of planned location, branches and outlet(s). Please note that these must be lock-up shops – kiosks and mobile vendors are not allowed.
   2. Proposed sports betting operations including details of planned games, relevant sports activities, approximate odds to be used, Operator’s game rules and participants’ Code of Practice, Number and frequency of sports/games and prizes and price structure.
   3. Financial projections including management account, company’s bank statement of the preceding year to support financing plans, five years projected profit and loss account, balance sheet, cash flow analysis which should provide for the annual licence fee and monthly gaming tax, capital investments, etc.
   4. Hardware and software information including servers, routers, firewalls, operating systems and database application specification.
   5. General information on the architectural diagram clearly illustrating the technical operational flow, the proposed platform (whether self-host or cloud based) and the contact information of the hosting company if cloud based.
   6. Detailed information about the applicant’s bookmaker, betting sites and technical consultants, proposed technical topography including a schematic diagram clearly illustrating the technical operational flow.

Due diligence will be conducted on every application to determine the suitability of the applicant for the license within a period of 10 to 15 working days. The applicant will also be required to make a presentation before the LSLGA to justify the grant of the license as part of the application process. Upon the satisfactory fulfilment of the requirements of the application stage and payment of the license fee, an Approval in Principle (AIP) will be granted.

Approval-in-Principle (AIP):

After a successful presentation and upon a satisfactory fulfilment of the pre-approval requirements, the applicant must pay a license fee currently N50,000,000.00 (Fifty Million Naira). Once this payment is made, the applicant is issued an Approval in Principle (AIP). An AIP serves as a temporary licence allowing the company to operate for a period not exceeding three (3) months (90 days) during which the company will be excused from paying tax.  The AIP is typically granted with specific conditions that must be met before the issuance of a final or substantive license.

Grant of License:

Upon the expiration of the AIP and the applicant’s fulfilment of all stipulated conditions set on the AIP, a final license is issued to the applicant. This license is valid for one (1) year from the date of issuance and is renewable annually for a fee currently N10,000,000.00 (Ten Million Naira).

Post-Licensing Obligations

Following the issuance of the license and commencement of operations, licensed operators are required to fulfill certain post-license obligations, including the remittance of a monthly gaming tax of 2.5% of their sales revenue to the regulatory body. Additionally, licenses must be renewed annually upon expiration to maintain operational compliance. There are also other tax obligations for e.g. income tax, Value Added Tax (VAT), company income tax, etc. that are payable by the company either to the state revenue authority or the Federal Inland Revenue Services. The licensed operators are also required to make the filings of their annual returns with the CAC to ensure their regulatory compliance.

Conclusion

With the rise of online betting, the Nigerian gaming industry has experienced extraordinary growth in recent years. Previously, sports betting was regulated at both the federal and state levels in Nigeria. However, a recent landmark Supreme Court judgment in November 2024 clarified that sports betting companies are now only required to obtain licenses exclusively from the states where they intend to operate as the licensing and regulatory powers and oversight of the NLRC is now limited only to the Federal Capital Territory. Upon obtaining the license, operators must comply with all post-license obligations, including remittance of fees to the regulatory body, renewal of license, payment of taxes, filing of annual returns with the CAC, etc.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

The post Practical Tips on How to Obtain Sports Betting License in Lagos State, Nigeria first appeared on Goldsmiths Solicitors.

With Nigeria being a leading Fintech hub in Africa, we have in last few years witnessed a surge in online money lending service. The operation of money lending business in Nigeria is regulated by the Money Lenders Laws of the various states in Nigeria, the Federal Capital Territory (FCT) and the Federal Competition and Consumer Protection Commission (FCCPC). There are 36 states and a Federal Capital Territory (FCT) in Nigeria and an operator must obtain the money lenders license from the regulatory authority in the relevant state(s) in which they wish to operate or the FCT before commencing operations. It is important to note that where the money lending business is to be carried on in more than one state, a money lenders license must be obtained in each state in which the money lending business is to be carried on. It is a criminal offence to engage in the business of money lending without a money lenders license.

In Lagos State, the money lender’s license is granted by the Lagos State Ministry of Home Affairs. Using Lagos State as a case study, this article explains how to obtain the money lenders license in Lagos State and the digital money lenders registration with the FCCPC. The processes and procedures are similar in other states.

Requirements for Money Lenders License in Lagos State

The Lagos State Money Lenders Law is the principal law which regulates money lending in the state and the regulatory authority responsible for issuing licenses is the Lagos State Ministry of Home Affairs. Money lenders license can only be issued to corporate entities in Lagos state. Thus, any potential investor interested in money lending business is required to first incorporate a company in Nigeria.

The requirements for processing and obtaining a money lenders license in Lagos state are as follows:

1. Incorporation documents including company certificate of incorporation, Memorandum and Articles of Association, etc. of the applicant company issued by the Corporate Affairs Commission (CAC).
2. The minimum share capital of the applicant company is N20,000,000 (Twenty Million Naira). However, where the company has foreign participation, the minimum share capital requirement is N100,000,000 (One Hundred Million Naira).
3. Police Clearance Certificate of two directors of the applicant company.
4. Three (3) years Tax Clearance Certificate (TCC) for the company and for at least two (2) directors.
5. Reference letter from the applicant’s bankers in Nigeria.
6. Proof of payment of the application and processing fees.

The Procedure for Obtaining Money Lender’s License in Lagos State

The procedure for obtaining the money lenders license in Lagos State is initiated with an application to the Chief Magistrate of the Magistrates Court within the magisterial district where the lending company is located and ends with the issuance of a money lenders license to the applicant. The procedure for obtaining the license is highlighted below:

1. An application in the prescribed form is made to the Chief Magistrate of the Magisterial District where the applicant company is located.
2. The Chief Magistrate issues a Money Lenders Certificate (Form B) and a letter addressed to the Permanent Secretary of the Lagos State Ministry of Home Affairs to the applicant company confirming due diligence of the applicant company and recommending the issuance of a money lenders license.
3. An application is made to the Nigerian Police for the issuance of Police Clearance Certificates for two directors of the applicant company.
4. A formal application is made to the Lagos State Ministry of Home Affairs for money lender’s license accompanied with the following documents:
5. Form B and the Letter of Recommendation issued by the Chief Magistrate.
6. Incorporation documents of the applicant company.
7. Three years Tax Clearance Certificate (TCC) of the applicant company and of at least two directors.
8. Police Clearance Certificates for two directors of the applicant company.
9. A reference letter from a commercial bank being the bankers of the applicant company in Nigeria.
10. Proof of payment of the application and processing fees.
11. A physical inspection of the applicant company’s place of business will be carried out by the Lagos State Ministry of Home Affairs upon submission of the application.
12. A Money Lenders License is issued to the applicant company by the Lagos State Ministry of Home Affairs where it is satisfied that all the statutory requirements have been met and the applicant company is considered fit and proper to act as a money lender.

Validity and Renewal of Money Lender’s License in Lagos State

Money lenders license is valid in Lagos State for a period of one year and therefore subject to renewal every subsequent year. To process the renewal of the license, the licensed operator is required to obtain a new Money Lenders Certificate (Form B) from the Chief Magistrate accompanied with the expired license, updated tax clearance certificate and evidence of payment of the renewal fee. Upon being satisfied that the requirements continue to be met, a renewed license is issued.

Registration with the Federal Competition and Consumer Protection Commission (FCCPC)

In 2022, the Federal Competition and Consumer Protection Commission (FCCPC) issued the Limited Interim Regulatory/Registration Framework and Guidelines for Digital Lending, 2022 (“the Guidelines”). The Guidelines require digital money lenders to register with the FCCPC before the commencement of business operations. The process of registering with the FCCPC is summarized as follows:

1. The digital money lender is to obtain an Audit Trust Mark from the Nigerian Data Protection Commission.
2. Obtain a compliance Audit Report and Privacy Impact Assessment Report from a duly registered Data Protection Compliance Organisation (DPCO).
3. Obtain and complete the requisite digital money lender’s registration form from the FCCPC. The completed form is to be accompanied with some documents which include:
4. Incorporation documents of the applicant.
5. The company’s terms of use and privacy policy
6. The company’s code of conduct
7. Brief description of the business and details of its groups, subsidiaries and affiliates.
8. Evidence of feedback and complaint resolution mechanism
9. Evidence of payment of the registration fee
10. Obtain and complete the requisite declaration form from FCCPC.

The application is to be submitted to the FCCPC together with the required documents. In practice, the FCCPC allows some flexibility in the registration process by allowing applicants to begin the digital money lender’s registration process while waiting for the Audit Trust Mark and the Compliance Report and Privacy Impact Assessment Report.

Failure to register with the FCCPC may lead to the permanent blacklisting of the digital money lender’s business and the removal of its digital apps from online platforms such as Google Play Store and Apple Store, etc. which will make the money lender unable to transact its business in Nigeria.

Conclusion

With the growth of FinTechs in Nigeria, there has been tremendous growth in the Nigerian online money lending space in the last few years. The business of money lending is regulated in Nigeria by the state governments, the FCT and the FCCPC. An operator is required to obtain a money lenders license in any of the 36 states of Nigeria in which it wishes to carry on business. Individual licenses must be obtained in every state in which an operator seeks to do business. Any company desirous of providing money lending services through any digital platform is required to register with the FCCPC before commencing business in Nigeria failing which its business and digital apps could be permanently blacklisted.

Please note that the contents of this Article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

The post How to Obtain Money Lenders License in Lagos State, Nigeria first appeared on Goldsmiths Solicitors.

This article provides an overview of the new law, it considers the objectives, application, principles guiding the processing of personal data, cross-border transfer of personal data and other key provisions.

Application of the Nigeria Data Protection Act

The Act applies to data controllers or data processors domiciled, resident or operating in Nigeria and the processing of personal data that occurs within Nigeria. It also applies to situations where the data controllers or data processors are not domiciled, resident or operating in Nigeria but are processing the personal data of data subjects in Nigeria.

The Act does not apply to the processing of personal data which is done solely for personal or household purposes by one or two more persons. The Act also does not apply to the processing of personal data necessary for the investigation, detection or prosecution of crimes or the prevention or control of a public health emergency, etc.

Objectives of the Act

The Act seeks to achieve the following objectives:

1. Safeguard the fundamental rights, freedoms and interest of data subjects as guaranteed under the Constitution.
2. Regulate the processing of personal data and ensures that personal data is processed in a fair, lawful and accountable manner.
3. Protect data subjects’ rights and provide means of recourse and remedies in the event of breach.
4. Ensure that data controllers and data processors fulfill their obligations to data subjects.
5. Establish an impartial, independent and effective regulatory Commission to superintend over data protection and privacy issues and supervise data controllers and data processors.

Establishment and Functions of the Nigeria Data Protection Commission

The Act established the Nigeria Data Protection Commission (“the Commission”) for the purposes of achieving the objectives of the Act. Thus, the Commission has the core functions of regulating the deployment of technological and organizational measures to enhance personal data protection, accredit, licence, and register suitable persons to provide data protection compliance services, register data controllers and data processors, receiving complaints relating to violations of the Act or any subsidiary legislations.

Principles of Processing Personal Data

Data controllers and data processors process personal data on the basis of care and accountability to data subjects. Accordingly, data controllers and data processors must act in a fair, lawful and transparent manner, collect data only for specified and legitimate purpose, hold and retain the data accurately, not longer than necessary, and generally ensure appropriate security measures are taken to secure the personal data.

Consent and Lawful Basis for the Processing of Personal Data

Consent of a data subject is very important for processing personal data. A data subject is a person whose information or data is being processed or sought to be processed. A data controller or data processor must obtain the consent of a data subject before processing his/her data, and it lies on the data controller or processor to prove that the data subject has given consent. The request for consent must be in a clear simple language and format with information that the data subject reserves the right to withdraw the consent at any time.  The consent must be freely and intentionally given either in writing, orally or through electronic means. Silence or inactivity does not amount to consent. In the case of a child, or person lacking legal capacity), the consent of a parent or guardian will suffice. The need to obtain consent of parent or guardian, may however not apply where the processing of personal data is necessary to protect the vital interests, or for the purpose of the education, medical or social care of such child or person lacking legal capacity, or where it is necessary for proceedings before a court.

The consent must be given for the specific purpose(s) for which personal data is processed, or where the processing is necessary for the following purposes:

1. For the performance of a contract to which the data subject is a party
2. For compliance with a legal obligation to which the data controller or data processor is subject
3. To protect the vital interest of the data subject or another person
4. For the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller or data processor
5. For the purposes of the legitimate interest pursued by the data controller or data processor, or by a third party to whom the data is disclosed.

Obligations of a Data Controller

• Obligation to Provide Information: A data controller has the obligation to provide certain necessary information to a data subject before collecting his personal data. The information which the data controller must provide to the data subject include the following:

1. Identity, residence or place of business and means of communication with the data controller and its representative.
2. Recipients or categories of recipients of the personal data
3. Existence of the rights of the data subject
4. Retention period for the personal data, etc.

The data controller shall make this information available by means of a privacy policy which should be expressed in a clear, concise, transparent, intelligible and easily accessible format.

• Data Privacy Impact Assessment Obligation: The assessment is a process designed to identify the risks and impact of processing personal data. A data controller is required to conduct a data privacy impact assessment where the processing of personal data may result in high risk to the rights and freedom of a data subject. This is to be conducted before the processing of personal data.
• Obligation to Erase Personal Data: A data controller has the obligation to erase the personal data of a data subject without undue delay where it is no longer necessary or where the data controller has no other lawful basis to retain the personal data.

Obligations of a Data Processor

Data controllers are engaged by data processors to process personal data. These data processors are also mandated to comply with the principles for the processing of personal data, assist the data controller to fulfill its obligation, implement appropriate technical and organizational measures to ensure the security, integrity, and confidentiality of personal data. Where a data processor engaged by a data controller further engages another data processor, the data processor directly engaged by the data controller is obliged to notify the data controller of its engagement with another data processor.

Data Protection Officers

Data controllers that process significant personal data are required to designate a person as a Data Protection Officer (DPO). The DPO may be an employee of the data controller or a person engaged by a service contract and must possess expert knowledge on data protection laws and practices. A DPO advises data controller, monitors compliance with the Act and related data protection policies of the data controller. The DPO also act as the contact point for the Commission on data processing issues.

Rights of Data Subjects

A data subject has the following rights with respect to the processing of his personal data by a data controller.

1. Right to Confirmation from a Data Controller. A data subject has the right to obtain from a data controller without constraint or unreasonable delay, confirmation as to whether the data controller or a data processor operating on its behalf is storing or otherwise processing personal data relating to the data subject and if so, the purpose of the processing, the recipients or categories of recipients to whom the personal data have been disclosed or will be disclosed, etc.
2. Right to receive a copy of his personal data in a commonly used electronic format.
3. Right to correction or deletion of the data subject’s personal data where correction is not possible where the personal data is inaccurate, out of date, incomplete or misleading.
4. Erasure of personal data of the data subject without undue delay
5. Right to restrict the processing of personal data
6. Right to withdraw consent to the processing of personal data at any time.
7. Right to object to the processing of personal data relating to the data subject.
8. The right to reject being subject to a decision based solely on automated processing of personal data.
9. The right to receive personal data in a structured, commonly used and machine-readable format and be able to transmit it to another data controller without any hindrance.

Data Security

Data controllers and data processors are required to implement appropriate technical and organisational measures to ensure the security, integrity and confidentiality of personal data in the possession. They must ensure that personal data are protected against accidental or unlawful destruction, loss, misuse, alteration, unauthorized disclosure or access.

The security measures that may be implemented to ensure personal data security include encryption, periodic assessments of risks to processing systems and services, regular testing, assessing and evaluation of the effectiveness of the measures, regular updating of the measures and introducing new measures to address shortcomings, etc.

Personal Data Breaches

Personal data breach is the breach of the security of a data controller or data processor which leads to or may lead to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or processed.

Data processors are required to notify data controllers or engaging data processors of personal data breaches which the data processors store or process upon becoming aware of it by describing the nature of the personal data breach and the number of data subjects and personal data records concerned and also respond to all information requests from the data controllers or the engaging data processors.

Data controllers should also notify the Commission of personal data breaches which are likely to result in a risk to the rights and freedoms of individuals within 72 hours of becoming aware of such breach. Data controllers are also to communicate the personal data breach to the data subjects in a plain and clear language including measures that could be taken by the data subjects to mitigate any possible adverse effects.

Data controllers and data processors are also required to keep a record of all personal data breaches, facts relating to the breaches, its effects and remedial actions taken.

Cross-border Transfers of Personal Data

Data controllers and data processors are not allowed to transfer or permit the transfer of personal data from Nigeria to another country unless:

1. The recipient is subject to a law, binding corporate rules, contractual clauses, code of conduct or certification mechanism that affords an adequate level of protection.
2. meets one of the lawful basis for transfer of personal data outside Nigeria.

The level of protection considered adequate must uphold the principles that are substantially similar to the conditions for processing personal data provided by the Act. An adequate level of protection is assessed by taking into account the existence of an effective data protection law, access of public authority to personal data, existence of an independent supervisory authority, etc.

Registration of Data Controllers and Data Processors

Data controllers and data processors of major importance are mandated to register with the Commission within six months after the commencement of the Act or upon becoming a data controller or data processor of major importance. Data controllers or data processors of major importance are data controllers or data processors that process personal data of particular value or significance to the economy, society or security and are resident or operating in Nigeria.

The Commission is required to maintain and publish a register of duly registered data controllers and data processors of major importance on its website. A data controller or data processor of major importance shall be removed from the register where it ceases operation.

Enforcement and Penalties

A data subject who is aggrieved by the action, inaction or decision of a data controller or processor may lodge a complaint with the Commission and it may investigate the complaint where it is not vexatious or frivolous.

The Commission may also issue a compliance order once it is satisfied that any requirement of the Act or subsidiary legislation has been violated or likely to be violated by a data controller or data processor. The order may be a warning, order to comply with the request of a data subject or a cease-and-desist order. The Commission may also issue an enforcement order or impose a sanction for violation of the Act or a subsidiary legislation.

The penalty or remedial fee for violation of the Act or subsidiary legislation is:

1. Higher maximum amount, which is the greater of N10,000,000 and 2% of its annual gross revenue in the preceding financial year, in the case of a data controller or data processor of major importance.
2. Standard maximum amount, which is the greater of N2,000,000 and 2% of its annual gross revenue in the preceding financial year, in the case of a data controller or data processor not of major importance.

Conclusion and Remarks

The Nigeria Data Protection Act, 2023 is an important piece of legislation and has been long in coming. It provides for the basic principles and the lawful bases for the processing and transfer of personal data in Nigeria and applies to both resident and non-resident data processors. It provides for the responsibilities of data controllers and data processors while also providing for the rights of data subjects. The processing of sensitive personal data and the personal data of children and persons lacking legal capacity to consent must follow the applicable principles as provided by the Act. Data security measures which are robust are expected to be put in place by data controllers and data processors to protect against the risk of personal data breaches. The Act creates the Nigerian Data Protection Commission which has the overall responsibility to ensure compliance and impose penalties where necessary. Both resident and non-resident data processors are advised to pay particular attention to this new legislation as they are now required to take specific steps to ensure compliance with the Act.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

The post Better Late than Never: Nigeria Finally Passes the Data Protection Act first appeared on Goldsmiths Solicitors.

A Payment Solution Service Providers (PSSP) licence is a financial licence within the payments system which is issued by the Central Bank of Nigeria (CBN). A PSSP licence authorizes the licensee to provide and operate payment processing gateway and portals, solution/application development, and merchant service aggregation and collections services. A  PSSP license does not provide the authorization to hold customers’ funds or create and issue wallets. PSSPs are predominantly Financial Technology (FinTech) companies that enable  and facilitate  online and offline payments solutions which include collections, check-out, biller aggregation and payout services.

The CBN is the regulatory authority that issues PSSP licenses in Nigeria. The CBN also provides constant regulatory oversight over the activities of PSSP licensees in Nigeria.

Who can Apply for a PSSP Licence in Nigeria

Only a company that is duly registered with the Corporate Affairs Commission (CAC) in Nigeria and also meets the minimum share capital requirements and other regulatory requirements of the CBN can apply for a PSSP licence in Nigeria.

The Process of Obtaining a PSSP Licence from the CBN in Nigeria

A PSSP licence is processed in two stages viz:

• Approval-in-Principle (AIP): This is the preliminary stage of obtaining a PSSP license. During this stage, an application is to be made to the CBN for the grant of the license and they are expected to give an Approval-in-Principle or reject the application. Where an AIP is given, it is only valid for a period of six months. The AIP does not authorize the applicant to commence operation but only allows the applicant to take steps towards obtaining the final licence.
• Final Licence: The applicant is required to consolidate the AIP stage by taking steps to ensure its readiness for commencement of operation, notifying the CBN of its readiness to commence operation, by paying and applying for final licence. Upon the grant of the final licence, the applicant can commence its operations.

The process of obtaining a PSSP licence from the AIP stage to the final licence stage involves the following:

1. Write an application letter for a PSSP license which is addressed to the Director, Payments Systems Management Department of the CBN.
2. The application letter is accompanied with the required documents which include:

• Certificate of incorporation of the company with the Corporate Affairs Commission (CAC), with a share capital of N100,000,000 (One Hundred Million Naira)
• Memorandum and Articles of Association of the company
• Form CAC 2A (Return of Allotment of shares)
• Form CAC 7A (Particulars of Directors)
• Tax Clearance Certificate (TCC) and Tax Identification Number (TIN) of the Company
• Company’s profile
• Details of ownership
• Board structure
• Business plan
• Information Technology policy
• Dispute resolution framework
• Necessary certifications such as Payment Card Industry Data Security Standard (PCIDSS), Payment Terminal Service Aggregator (PTSA), etc.
• Evidence of payment of the non-refundable application fee of N100,000 (One Hundred Thousand Naira).
• Evidence of the deposit of the refundable minimum capital of N100,000,000 (One Hundred Million Naira). This is required to be made in full (one lump sum) and in the name of the applicant.

3. The CBN assesses the application for the PSSP licence and the accompanying documents and if it is satisfied with the application, it proceeds to grant an Approval-in-Principle.

4. Upon obtaining AIP from the CBN, the applicant then makes payment of the licence fee of N1,000,000 (One Million Naira) to the CBN designated account and proceeds to apply for a final licence within six months of obtaining AIP.

5. The CBN inspects the registered place of business of the applicant company and its readiness to commence operation and proceeds to issue the final licence if it is satisfied with the outcome of its inspection.

Validity and Renewal of PSSP Licence

PSSP licence validity period is as determined by the CBN and renewable if the operations of the PSSP licensee is satisfactory to the CBN. Recently, CBN renewed Cellulant’s PSSP licence and this shows the satisfaction of the CBN with the services of the company in providing payment solutions in Nigeria. Thus, the renewal of a PSSP licence by the CBN is a vote of confidence on the operation of a PSSP licensee.

Conclusion

A Payment Solution Service Providers (PSSP) licence is an important licence within the Nigerian payment systems which enables the provision of financial services such as the operation of payment processing gateway and portals which is utilized by merchants to accept debit or credit card purchases from customers. A PSSP licensee provides both online and offline payment solutions. A PSSP licence is obtainable from the CBN by submitting an application to the CBN and paying the required application and license fees within the stipulated timelines.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

The post How to Obtain a Payment Solution Service Providers Licence in Nigeria first appeared on Goldsmiths Solicitors.

By a Circular dated 7^th March 2023, the Central Bank of Nigeria (CBN) released the “Operational Guidelines for Open Banking in Nigeria” (‘the Guidelines’). The Guidelines set out rules for sharing the data/information of customers between participants in the open banking system. Although not defined in the Guidelines, open banking system may be defined as the exchange of the data of an entity’s customers with other entities for the purpose of providing innovative financial services. Thus, the Guidelines recognize the right of customers to privacy and data protection and set out the rules for engaging in open banking in Nigeria. It among other things, stipulates technical requirements/considerations for operating in the open banking system, identifies the risks associated with open banking to include cyber security, data privacy and integrity, product management, money laundering and regulatory compliance, and outlines the rules to manage these risks.

In this article, we highlight some salient provisions of the Guidelines such as who the participants in open banking are, the obligations of participants, regulatory oversight functions, policies/frameworks to be formulated by participants, reporting obligations, intellectual property issues and risk management.

Participants in Open Banking Operations

These are the organizations/persons who may engage in the exchange of customers’ data for the purpose of providing/receiving innovative financial services. Participants in open banking are classified based on the roles and the services they provide as follows:

1. API Providers;
2. API Customers; and
3. Customers.

API providers (APs) are those who use Application Programming Interface (API) to avail data or service to another participant. They can be licensed financial institutions, fast-moving consumer goods (FMCG) companies such as cosmetics, beverages, drugs, etc. companies, retailers, payroll service bureau, etc.

API Customers (ACs) are those that use API released by APs to access data or service. They are the recipients of API containing the data or service of other customers.

Customers as participants are the data owners who shall be required to provide consent for the release of their data for the purpose of accessing financial services. They may provide consent whilst filling out a form, etc.

Open Banking Registry

By the Guidelines the CBN is expected to maintain and provide an Open Banking Registry (‘the Registry’). The Registry is charged with regulatory oversight functions for participants in open banking. Participants in open banking are required to be registered with the Registry and their details are to be held by the Registry. The Registry is also to maintain an API interface which would serve as the primary means by which API providers manage the registration of their API customers.

Responsibilities of API Providers and API Consumers

The Guidelines set out several responsibilities which APs and ACs are expected to comply with. These responsibilities provide rules for ensuring accessibility of open banking systems and procedures, transparency, cybersecurity, privacy protection, etc.  Some of these responsibilities are:

1. Configuration management: APs and ACs are required to keep detailed inventory of open banking system configuration items in accordance with current Information Technology Infrastructure Library (ITIL) Standards. They are also to have automated configuration management (CM) processes and a configuration management policy.
2. Execution of a Service Level Agreement (SLA): They are required to execute an SLA which is to contain provisions on accounting and settlement, fee structure, reconciliation of bills, registration, and sponsorship responsibilities. The fee structure is also to be publicly disclosed on their websites and applications.
3. They are to ensure that all systems required for open banking are available, functioning optimally and meet up with the minimum standards on service monitoring, incident management, performance monitoring and event logging.
4. They are to ensure that they meet the minimum performance standards for open banking systems. The Guidelines outlines several key performance indicators (KPIs) to ascertain compliance with the minimum performance standards. One of such KPI is that where the average API total processing time is less than 3 seconds, it would be considered as ‘operational’, where it is less than or equal to 7 seconds, it would be considered as ‘suspect’, and where it is greater than 7 seconds, it would be considered as ‘critical’.
5. APs and ACs are required to maintain Business Continuity Plan (BCP) which are to among other things, indicate the architecture of the Online Transaction Processing (OLTP) and Online Analytical Processing (OLAP) infrastructure, trigger events, processes for failover and fail-back, and includes quarterly failover exercises and review of processes. The Guidelines also sets the threshold for failover and fail-back procedures as ’30 minutes of downtime’. They are also required to implement Disaster Recovery Plans (DRP) which may also be entrenched in the BCP. The plans are to be tested every 6 months. Whilst CBN is to oversee testing procedures, it is the responsibility of ACs and APs to provide the facilities for testing.
6. They are to ensure that they have problem management systems in place. The problem management system is aimed at managing incidents known to be recurring and which are not resolved under the SLAs. APs and ACs are to maintain a Problem Register which is to be made available to regulators, auditors, risk, and control teams within the organization. The problem management system is to be always electronic, or cloud based.
7. They are to ensure compliance with interface requirements. Some of these requirements are ensuring that interfaces between APs and ACs are 100% electronic, the data interchange format must be JavaScript Object Notation (JSON) and ensuring that the data standard for financial transactions are model based on ISO 20022 or any other global applicable minimum standard.
8. ACs and APs are to ensure that they maintain best competition practices. They are to comply with the provisions of section 2 of the Code of Conduct for the Nigerian Banking Industry which guards against unethical practices/unprofessional conducts by persons in the banking industry.
9. They are to ensure that the data in their possession is well protected and are to set up effective information security management systems and are to ensure compliance with technical security standards and minimum-security principles as contained in US NIST CSRC.
10. Change management obligations. They are required to collate change requirements and plan the changes for the next month. Changes to be made, whether pre-emptive or responsive are to be reported with sufficient details and in accordance with the prescribed notifications to be sent to all stakeholders that may be affected by such changes. The notifications are to be made in the following order:

• 24 hours before the intended change
• 1 hour before the intended change.
• Immediately the change has been completed and the services have been confirmed restored.
• 30 minutes after the change should have been completed but has been prolonged or failed.
• At the point of commencing a change rollback.
• When the services have been restored.

11. APs and ACs are required to have secure real-time communication platforms for first level incident responders within their organizations and respective ACs/APs for incident notification, investigation, and resolution. Emails are however not sufficient communication channels for incident management in open banking. The communication platforms are to accommodate text voice and video conferencing as effective modes of communication.

Termination of Agreement between Participants.

Any participant desirous of terminating a relationship is required to give the other party 20 business days’ notice of such termination. Where the relationship is terminated without notice due to fraud, abuse of service, etc. the AP is required to provide the AC with a report justifying the termination within 2 business days.

Policies/Frameworks to be Formulated under the Guidelines

ACs and APs are required to formulate the following policies:

1. Data Governance Policies. These policies are to govern the way APs and ACs handle the data of customers. They are to be approved by a committee of its Board of Directors or at minimum, an executive management committee.
2. Data Ethics Framework. The Data Ethics Framework is to provide the principles for collecting, collating, storing, analyzing, processing, etc. data. The Framework is also to provide consistent procedures for the documentation, verification, etc. of data to ensure compliance with extant laws and regulations.
3. Data Breach Policy. This policy is aimed at preventing, managing, assessing, reviewing, etc. data breach.
4. Configuration Management Policy. This Policy is to be approved by the AP’s or AC’s executive or board level information technology steering committee or an equivalent body not less than executive level.
5. Risk Management Framework. This Framework is to set out guiding principles for the management and mitigation of risks. Participants are to have a risk management committee which is to consist of at least three members of senior management cadre.

Rendition of Returns/Reporting Obligations

One of the ways CBN safeguards the privacy rights of customers and ensure data security under the Guidelines is by mandating ACs and APs to render periodic returns to the CBN. The returns are to state the volume and value of transactions, the number of users, success and failure rates, security and fraud incidents, downtime reports and any other information as CBN may require from time to time.

Participants are also required to introduce an incident reporting portal to enable easy, efficient, and fast reporting of cybersecurity breach incidents.

ACs and Aps are to provide monthly API Consumers Reports to each other indicating among other things, statistics of incidents/problems, SLA compliance and aggregate impact in downtime or loss of service, the number and category of Fraud and Disputes with accompanying SLA performance, and the excerpts of the problem register indicating new, existing, and resolved problems.

ACs and APs are also required to make ‘Customer Reports’ to customers who have subscribed to one or more ACs stating among other things, transcript of ACs activities on the use of customer-permissioned data shall be provided to the customers at the minimum every month or for a period less than a month as may be requested by a customer, a transcript of each AC’s activities against the customer’s account/wallet for at least the last 30 days, etc.

Data Sharing

The Data of individuals is an intangible yet sensitive asset. The Guidelines provide for rules for data sharing with other (outsourced) service providers as well as between APs and ACs. Before APs share the data of a customer with ACs, they are to obtain the consent of the customer and authenticate the consent to ensure it emanates from the customer. This is to be done by putting in place Two Factor Authentication (2FA). The AC on the other hand is also required to furnish the customer with certain information such as its legal name, CAC registration number, means of identification in the open banking registry, access type and duration, means of withdrawal of consent, etc. for the consent obtained to be valid.

Intellectual Property

The Guidelines make provisions on IP issues and stipulates that the IP rights in any data or other information would always remain with the participant/party whom such data emanated from. Thus, parties are to be mindful of this provision while drawing up Agreements to ensure that no clause runs contrary to this stipulation.

Resolution of Complaints

By the Guidelines, participants are to stipulate how customers can lodge their complaints during the customer’s onboarding. Where there is a complaint, participants are required to acknowledge receipt of the complaint within 24 hours and are to resolve the complaint within 48 hours of its receipt.

Conclusion

It is important to emphasize that the Guidelines only applies to the exchange of data for the purpose of providing innovative financial services in Nigeria. Any organization that controls the data of its customers is now allowed to exchange it with other entities for the purpose of providing innovative financial services in Nigeria. However, before the information of customers are shared, their consents must be obtained, authenticated by API provider, and validated by the API customer. The Guidelines provides minimum security measures and risk management systems to be put in place to protect the information of customers. It sets out rules that would guard against the violation of the privacy rights of customers while promoting efficiency, financial inclusion, healthy competition, and customers’ access to services available to them in the financial service industry.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

The post An Overview of CBN’s Operational Guidelines for Open Banking in Nigeria first appeared on Goldsmiths Solicitors.

2022 has been an incredibly busy and exciting year in the Nigerian legal and regulatory environment. There were major and far-reaching changes ushered in by the regulatory authorities particularly the Central Bank of Nigeria (CBN). There were also major developments relating to Banking and Finance, Competition and Consumer Protection, Startups, Capital Markets, Insolvency, etc. In this article, we have highlighted some of the major legal, regulatory, and judicial changes that occurred in 2022. This article is divided into four parts representing four quarters of the year. In each quarter, we deal with all the major legal changes that occurred therein.

1^st Quarter (January – March 2022)

A remarkable feature of the first quarter was the issuance of regulations/guidelines by the CBN. Within this period, the Electoral Act 2022 was also signed into law by the President. The new Electoral Act introduced important changes to the conduct of elections Nigeria. Below are some of the highlights of the 1^st quarter:

• The Central Bank of Nigeria (CBN) Guidelines on the Introduction of E-evaluator, e-invoicing for Import and Export in Nigeria. Although the Guidelines were issued in January, it became operative on 1 February 2022 and requires the submission of an electronic invoice authenticated by the Authorised Dealer Bank for all import and export operations. The electronic invoice replaces the usual hardcopy final invoice.
• On 11 January 2022, President Muhammadu Buhari approved the establishment of the Nigerian Diaspora Investment Trust Fund, a private sector investment window for Nigerians in the diaspora to support direct investments in the country.
• On 18 January 2022, the Lagos State Government introduced the Consolidated Informal Transport Sector Levy to harmonize the taxes paid by transporters to the state government.
• On 26 January 2022, the Federal High Court in the case of Attorney General of Rivers State v. Attorney General of Federation and 3 Others, invalidated deductions by the Federal Government from the Federation Account for funding the Nigeria Police Trust Fund.
• The Central Bank of Nigeria Operating Guidelines for RT200 Non-Oil Export Proceeds Repatriation Rebate Scheme. This is a programme designed and introduced by the CBN to incentivize exporters in the non-oil export sector with the goal of raising $200 billion in FX over the course of the next three years.
• The Central Bank of Nigeria Guidelines for Regulation and Supervision of Credit Guarantee Companies in Nigeria. The Guidelines seeks to ensure a conducive environment for Micro, Small and Medium Enterprises (MSMEs) to be able to access credit at low interest rates from banks and financial institutions. The requirements for obtaining a license and also the activities which are permitted and not permitted by the license are contained in the Guidelines.
• On 7 February 2022, the Lagos State Governor signed the Lagos State Real Estate Regulatory Authority Bill into Law. The law introduced significant changes to the real estate landscape in Lagos State by mandating the registration of real estate practitioners.
• Electoral Act (Amendment) Act 2022 (the Electoral Act). The new Electoral Act was signed into law on 25 February 2022 by President Muhammadu Buhari. The Electoral Act empowers the Independent National Electoral Commission (INEC) to transmit election results electronically. Section 84 (12) of the Act, prohibits appointees of government, government officials from holding office while vying or contesting at party primaries.
• On 4 March 2022, the CAC stated in a circular that schools and other institutions would no longer be registrable as business names. This means they can now only be registered as a company pursuant to the Companies and Allied Markets Act 2020.
• On 23 March 2022, the Nigerian Communications Commission (NCC) issued the License Framework for the Establishment of Mobile Virtual Network Operators in Nigeria.

2^nd Quarter (April – June 2022)

This quarter witnessed a high level of enactment of laws and the issuance of regulations by the regulatory authorities. Importantly, three laws were passed to deal with the issues of corruption and terrorism in Nigeria. One of these laws (Money Laundering [Prevention and Prohibition] Act 2022) prompted the issuance of a guidelines by the CBN to bring its AML/CFT regulations in compliance with the requirements of the new law. The Securities and Exchange Commission (SEC) also issued a guideline to regulate digital and virtual assets. Below are some of the highlights of the 2^nd quarter:

• On 6 April 2022, the President signed Executive Order 11 which mandates government to institutionalize maintenance of public buildings. The National Biotechnology Development Agency Act, 2022 was also signed on the same day. The law provides the legal framework for the established agency to carry out research and create public awareness in biotechnology to encourage private sector participation.
• On 24 April 2022, the Corporate Affairs Commission announced the approval of the Insolvency Regulations 2022 by the Minister of Industry, Trade and Development. The regulations govern insolvency proceedings under the Companies and Allied Matters Act 2020.
• On 12 May 2022, the President signed the Money Laundering (Prevention and Prohibition) Act, 2022, the Proceeds of Crime (Recovery and Management) Act, 2022, and the Terrorism (Prevention and Prohibition) Act, 2022.
• The Central Bank of Nigeria Exposure Draft Guidelines for Open Banking in Nigeria. These Guidelines are aimed at enhancing competition and innovation in the banking system. It established the principles for data sharing across the banking and the payments system and broadened the range of financial products and services available to bank customers.
• The Central Bank of Nigeria Guidelines for the Registration and Operation of Bank Neutral Cash Hubs (BNCH) in Nigeria. The Guidelines are aimed at  reducing the risks and cost borne in the course of cash management and to also enhance cash management efficiency. The registration of a BNCH is to be undertaken in two stages of obtaining CBN Approval-in-Principle and final approval. The BNCH are to be licensed to take deposit and disburse high volume cash on behalf of financial institutions but cannot carry out lending activities, receive or disburse foreign currency or sub-contract their operation.
• Revised Guidelines for the Operation of Non-Interest Financial Institutions’ Instruments by the Central Bank of Nigeria. These Guidelines replaced the 2012 Guidelines and were issued to regulate the issuance of non-interest instruments by Non-Interest Financial Institutions (NIFIs) while also stipulating the requirements and terms of operation for NIFIs.
• The Central Bank of Nigeria (Anti-Money Laundering, Combating the Financing of Terrorism and Countering Proliferation Financing of Weapons of Mass Destruction in Financial Institutions) Regulations, 2022. The CBN issued the Regulations to bring its regulations on anti-money laundering and combatting the financing of terrorism to be in compliance with the Money Laundering (Prevention and Prohibition) Act, 2022 and safeguard the financial institutions from being used for financial crimes.
• The Securities and Exchange Commission issued the Rules on the Issuance, Offering Platforms and Custody of Digital Assets. The Rules were issued by SEC on 13 May 2022 and provide for the issuance of digital assets, registration requirements for Digital Assets Offering Platforms (DAOPS) and Digital Assets Custodians (DAC) among others.
• On 25 May 2022, the Federal High Court in the case of Femi Davies v. National Broadcasting Commission, nullified the National Broadcasting Code (6^th Edition) through which the National Broadcasting Commission (NBC) sought to regulate the practice of advertising in Nigeria. The court held that it was beyond the power of the NBC to regulate advertisement.

3^rd Quarter (July – September 2022)

The regulatory authorities in the banking and finance sector, particularly the CBN, were very active in issuing one form of guidelines or the other. The Federal Competition and Consumer Protection Commission (FCCPC) issued a guideline to regulate the activities of digital money lenders after a series of predatory practices by many digital money lenders. There was also a judgement of the Court of Appeal which re-affirmed the power of the Federal Inland Revenue Service to collect VAT from hoteliers. Below are some of the highlights of the 3^rd quarter:

• The Central Bank of Nigeria Review of the Industry Quick Response (QR) Code Presentment Options. The review was done by the CBN to enhance the flexibility offered by the use of QR codes in payments. The review provides that the implementation of the QR code for payments shall be based on either merchant-presented or consumer-presented modes.
• The Central Bank of Nigeria Exposure Draft on the Digital Financial Services Awareness Guidelines. This was developed to address gaps in consumer knowledge and practices with Digital Financial Services (DFS). The Guidelines provides for a set of principles and expectations for financial service providers to integrate in the provision of DFS to ensure consumer understanding, good treatment and positive outcomes.
• On 1 July 2022, the Court of Appeal set aside the judgement of the Federal High Court in the case of The Registered Trustees of Hotel Owners and Managers Association of Lagos v. Attorney General of Lagos State which invalidated the powers of the Federal Inland Revenue Service (FIRS) to collect Value Added Tax (VAT) from hoteliers and held that the collection of the tax is in the purview of the state government. The Court of Appeal has now held that it is the FIRS that has the authority to collect VAT. See Federal Inland Revenue Service v. The Registered Trustees of Hotel Owners and Managers Association of Lagos.
• Limited Interim Regulatory/Registration Framework and Guidelines for Digital Lending 2022. The regulations were issued by the FCCPC on 18 August 2022 to provide the FCCPC’s approach to regulating the digital lending space and makes provisions for the requirements for approval/registration to carry out the business of digital lending in Nigeria. Thus, by this Framework and Guidelines, institutions engaged in digital lending activities are to be registered with the FCCPC.
• The Revised Handbook on Expatriate Quota Administration 2022 (the Revised Handbook). On 31 August 2022, the Federal Ministry of Interior announced the issuance of the Revised Handbook. The Handbook increased the minimum share capital requirement of a company wishing to apply for business permit from N10,000,000 to N100,000,000. It also reduced the lifespan of Expatriate Quotas (EQs) from ten to seven years. However, the provisions of the Handbook are yet to be operational.
• The Advertising Regulatory Council of Nigeria (ARCON) banned the use of foreign voice-over artists and models on any advertisement which targets the Nigerian advertising space. The ban took effect on 1 October 2022.

4^th Quarter (October – December 2022)

The Nigeria Startup Act was enacted during this quarter, and it represents a remarkable achievement towards incentivizing startups in Nigeria through the incentives and programmes dedicated to spur the growth of startups in Nigeria. A sport policy was also developed and approved with the motive to position the sport sector to generate revenue while standardizing it. The CBN was also active with the issuance of several guidelines and regulations to regulate players in the Nigerian financial services sector. Below are some of the highlights of the 4^th quarter:

• Exposure Draft Guidelines for the Regulation of Representative Offices of Foreign Banks in Nigeria. The Guidelines stipulate how a representative office of foreign banks can be licensed in Nigeria. It enumerates the activities they can validly engage in in Nigeria such as marketing the products and services of their foreign parent or affiliate and states that they cannot engage directly in any financial transaction.
• Exposure Draft Guidelines on Contactless Payments in Nigeria. The Guidelines provide the minimum standards and requirements for the operation of contactless payments and specified the roles of stakeholders such as acquirers, issues, payment schemes, merchants, etc.
• Nigeria Startup Act 2022. On 19 October 2022, the Nigeria Startup Act, 2022 was signed into law. The law aims to provide an enabling environment for the establishment, development, and operation of startups in Nigeria and to position Nigeria’s startup ecosystem as the leading digital technology centre in Africa.
• National Sports Industry Policy (NSIP) 2022 – 2026. On 2 November 2022, the Federal Executive Council (FEC) approved the National Sports Industry Policy (NSIP) 2022 – 2026. The policy contains provisions on governance regulations, infrastructure development plans, incentives for private investors, etc. aimed at standardizing the Nigerian sport sector and thereby generating revenue.
• CBN Naira Redesign Policy – Revised Cash Withdrawal Limits. Citing the need to combat fraud, corruption, terrorism and to ensure that most of the money in circulation are within the banking vault, the CBN issued the policy document on 6 December 2022 to reduce the daily and weekly cash withdrawal limit and also to introduce certain requirements for withdrawing across the counter beyond the set limit at the rate of 5% fee for individuals and 10% for corporate organizations. The revision of the cash withdrawal limits was done by the CBN pursuant to the recent redesign of the Nigerian currency i.e. N200, N500 and N1,000 notes. Coming less than three months before the next general elections in Nigeria, this policy has received a lot of resistance from the political class.

Conclusion

2022 has been a remarkable year in the Nigerian legal and regulatory space and saw the enactment of the Start Up Act, the redesign of the Naira and the introduction of far-reaching regulations especially by CBN aimed and tackling corruption, fraud and financial crimes.

We use this opportunity to wish all our clients a very Merry Christmas and best wishes for the New Year 2023. Thank you all for your support.

Please note that the contents of this Article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

The post Goldsmiths Solicitors – Legal Recap for the Year 2022 first appeared on Goldsmiths Solicitors.

This article provides an insight into the provisions of the Guidelines.

What is Contactless Payment?

According to the Guidelines, contactless payment is a payment system that involves the use of contactless technology that enables an alternative payments method whereby payment instruments such as pre-paid, debit and credit cards, stickers, fobs, wearable devices, tokens and mobile electronic devices are used without physical contact with devices.

Aims of the Guidelines

The guidelines aim to provide the minimum standards and requirements for the operations of contactless  payments in Nigeria, and also specify the roles and responsibilities of the stakeholders involved in contactless payments in Nigeria.

Who are the Participating Stakeholders?

The participating stakeholders in contactless payments in Nigeria are:

1. Acquirers
2. Issuers
3. Payment Schemes
4. Card Schemes
5. Switching Companies
6. Payments Terminal Service Providers (PTSPs)
7. Payments Terminal Service Aggregator (PTSA)
8. Merchants
9. Terminal Owners
10. Customers
11. Any other stakeholder/participant(s) as may be designated by the CBN.

The stakeholders are required to obtain CBN’s approval for contactless payments products and for innovative use cases and value-added services.

Minimum Standards for Contactless Payments in Nigeria

The participating stakeholders that process and/or store customers’ information are obliged to ensure that their terminals, applications and processing systems comply with the below standards at the minimum:

1. PA DSS – Payment Application Data Security Standard
2. PCI PED – Payment Card Industry Pin Entry Device
3. PCI DSS – Payment Card Industry Data Security Standard
4. Triple DES – Data Encryption Standards shall be the benchmark for all data transmitted and authenticated between each party. The Triple DES algorithm is the minimum standard.
5. AES – Advanced Encryption Standards
6. EMV – the deployed infrastructure must comply with the minimum EMV requirements for Contactless acceptance
7. ISO27001 – Information Security Management System
8. Other standards as may be specified by CBN from time to time.

Each participating stakeholder (operator) is mandatorily required to maintain valid certification to the above standards and regularly review the status of its systems, applications, networks and devices, to ensure they remain compliant.

Roles and Responsibilities of Stakeholders

The Guidelines provide for the separate roles and responsibilities of the stakeholders as follows:

Acquirers

Some of the roles and responsibilities of acquirers with respect to contactless payments in Nigeria include:

1. Only CBN licensed institutions can serve as acquirers for contactless payments.
2. Acquirers shall ensure that their applications, instruments, tokens and devices meet current standards and specifications for contactless payments.
3. Acquirers shall execute contactless payments agreements with parties for utilizing contactless platforms for payments.
4. Acquirers shall be able to accept all cards or payments instruments used in Nigeria.

Issuers

Some of the roles and responsibilities of Issuers with respect to contactless payments in Nigeria include:

1. Only CBN licensed institutions shall serve as Issuers for contactless payments.
2. Issuers shall ensure that activation of contactless payment is at customer’s instance, and with full consent.
3. Issuers shall ensure that their applications, instruments, tokens and devices meet current standards and specifications for contactless payments.
4. Issuers shall activate only accounts and wallets with Bank Verification Number (BVN).
5. Issuers shall ensure that transaction limits are strictly adhered to.

Payment Schemes and Card Schemes

Payment Schemes and Card schemes have the same roles and responsibilities with respect to contactless payments in Nigeria. These roles and responsibilities include:

1. Ensuring that all contactless transactions are processed online or submitted via current processing specifications.
2. Implement a documented risk management process to identify and treat risks associated with contactless payments.

Switching Companies

Switching companies have the responsibility of ensuring that contactless transactions consummated by all payment instruments issued in Nigeria are successfully switched between acquirers and issuers.

Payment Terminal Service Providers (PTSPs)

Some of the roles and responsibilities of PTSPs with respect to contactless payments in Nigeria include:

1. Ensuring that all their terminals for contactless payments are functional at all times.
2. Ensure they have adequate support infrastructure that support coverage for merchants.
3. Ensure all deployed devices and terminals have support service contact information.
4. Prevent instrument clashes even when multiple contactless payments devices are present.

Payment Terminal Service Aggregator (PTSA)

The PTSA shall, on an annual basis, or more frequently, certify POS terminals for contactless payments to ensure POS terminals meet the approved standard for the industry and also put in place a risk management process.

Merchants

Some of the roles and responsibilities of merchants with respect to contactless payments in Nigeria include:

1. Ensuring that deployed devices and applications are available for contactless payments of goods and services.
2. Merchants shall be held liable for fraudulent contactless payments arising from negligence/connivance.
3. Contactless payment transaction value and associated charges shall be clearly communicated to the customer prior to consummation of the transaction.
4. Display the contactless symbol

Terminal Owners

Terminal owners are to ensure that all terminals and devices are compliant with appropriate minimum specifications and also ensure the implementation of a documented risk management process.

Customers

Customers have the option to opt-in by applying and consenting to applicable terms and conditions and can withdraw without prior notice to the issuer. Customers are also obliged to authenticate contactless payments transaction as may be required, exercise due diligence in carrying out contactless payments transactions and protect their payments instruments from unauthorized use.

Transaction Limit

The CBN is to determine the appropriate transaction and cumulative daily limits for contactless payments from time to time. However, stakeholders are permitted to set limits in line with CBN’s limits.

Contactless payment transactions below stipulated daily limits may not require customers’ authorization such as token, biometrics, pin, etc. while higher-value contactless payments shall require customer verification such as pin, mobile code, biometric, etc.

Sanctions and Penalties

Stakeholders are required to comply with the provisions of the Guidelines and other relevant regulations of the CBN. Failure to comply attract appropriate sanctions and penalties as may be determined by the CBN.

Conclusion

The Exposure Guidelines provides a regulatory framework for the activities and conduct of affairs of the stakeholders in the contactless payments system in Nigeria. When the Guidelines become operational, all stakeholders will be required to conduct their affairs and carry out their roles in accordance with the minimum set standards under the Guidelines.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

The post An Overview of the Central Bank of Nigeria Exposure Draft Guidelines on Contactless Payments in Nigeria first appeared on Goldsmiths Solicitors.

What is a Startup?

A Startup is defined in the Act as “a Company in existence for not more than 10 years, with its objectives being the creation, innovation, production, development or adoption of a unique digital technology innovative product, service or process”.

Regulatory Authorities and Structures under the Nigerian Startup Act.

The Act introduces several Authorities and structures which are responsible for the administration and development of startups in Nigeria. These established regulatory Authorities are distinct from other regulatory bodies which regulate the various sectors in which a startup may operate in Nigeria. Some of these Authorities and structures are:

• The National Council for Digital Innovation and Entrepreneurship (the ‘Council’).

The Act establishes the Council and empowers it to formulate policies for the realization of the objectives of the Act. The Council consists of about 13 members including the President and Vice President of Nigeria who are to respectively serve as Chairman and Alternate Chairman of the Council. The Council is also to appoint a Council Agent who is to submit reports on the status of programmes implemented to the Council.

• The National Information Technology Development Agency (NITDA)

The NITDA functions as Secretariat and is the operational arm of the Council. It is to be chaired by the Director General of NITDA. As part of its duties, the Secretariat is required to manage the process of startup labelling and establish a Startup Support and Engagement Portal to provide support to startups.

• The Startup Support and Engagement Portal (the ‘Portal’).

The Portal is to serve as a platform and may be described as a one-stop shop through which startups conduct their registration process with the relevant Ministries, Departments and Agencies (‘MDAs). The activities of the Startup Portal are to be administered by a Coordinator to be appointed by the Secretariat with the approval of the Council.

• The Startup Consultative Forum (the ‘Forum’).

The Forum is to be set up on the Startup Portal to provide a platform for information sharing and collaboration among startups. It is to comprise of industry stakeholders including representatives from labelled startups, venture capitalists and angel investors.

• Accelerators and Incubator and Innovation Hubs.

The Secretariat is to establish accelerator and incubator programmes for startups. An accelerator is a fixed-term cohort programme designed to provide startups with mentorship and educational assistance, while an incubator on the other hand is a company, partnership or NGO whose primary object is to support the establishment and development of startups, promotion of innovation, and related activities through the offer of dedicated physical spaces and services. The Council is also to issue a framework for the establishment and operation of startup innovation clusters, hubs, physical and virtual innovation parks in each state of the Federation. The Hub is to promote collaboration among startups and between startups and big companies.

Startup Labelling

A company, sole proprietorship or partnership may be issued a certificate by the Secretariat labelling it as a startup and thus, making it entitled to incentives provided under the Act. To be eligible for startup labelling, the following conditions must be met:

1. In the case of a company, the company ought to be in existence for not more than 10 years from the date of its incorporation;
2. Its objects ought to be that of innovation, development, production, improvement and commercialization of a digital innovative product or process;
3. It is to be a holder or repository of a digital technology product or process, or the owner or author of a registered software;
4. At least one of its founders or co-founder is to be a Nigerian who would share from the profit or revenue from the sale of shares.

It is vital to note that the provisions of the Act including the startup labelling will not apply to an organization that is a holding company or a subsidiary of a company which is not registered as a startup.

Procedure for the application for a Startup Label

A startup desirous of being so labelled is required to make an application in the prescribed form on the Startup Portal which is to be established by the Secretariat with the approval of the Council. This application is to be supported by documents and fee to be prescribed by the Secretariat.

Validity/Duration of the Startup Label

The startup label when issued is valid for 10 years from the date of issuance. Startups so labelled are expected to comply with specified obligations. Where a labelled startup fails to comply with its obligations, the Coordinator may notify the startup of its default and the startup is expected to rectify the default within 30 days of being notified. Where the startup remains in default after the 30-days period, its label may be withdrawn.

A startup whose label has been withdrawn may only re-apply to the Secretariat for re-issuance once the default has been rectified.

Obligations of Startups under the Act

Startups are to fulfil specific obligations to enable them enjoy the benefits and incentives granted under the Act. They are to:

1. Comply with extant laws governing businesses in Nigeria, such as the Companies and Allied Matters Act, 2020;
2. Comply with obligations set out by the coordinator after the issuance of the startup label;
3. Notify the Coordinator of any changes in its structure or objects within a month from the date of such change;
4. Provide information annually on the number of human resources, total assets and annual turnover achieved from the period the startup label was granted;
5. Maintain proper book of accounts in accordance with reporting obligations under extant laws and regulations;
6. Provide an annual report on incentives received and advancements made by virtue of the incentives.

Incentives provided under the Act

The Act makes provision for various tax and fiscal incentives to labelled startups. These incentives cuts across reliefs for the labelled startups, their employees, service providers and investors. They are:

1. The Pioneer Status Incentive Scheme.

Labelled startups that fall within industries provided under the list of Pioneer industries and products as provided under the List of Pioneer Industries and Products, 2017 or any subsequent law may apply to the Nigerian Investment Promotion Commission (NIPC) for the grant of reliefs and incentives under the scheme. An example of startups that may benefit from this Scheme are companies involved in the development of ready-made software. A startup qualified to benefit from this scheme may enjoy a renewable 3-year tax holiday.

2. Four years tax holiday.

Labelled startups may be exempted from any form of income taxation for a period of four (4) years from the date of the issuance of the startup label. The Ministry of Finance is expected to provide simplified requirements for startups to benefit from this incentive.

3. 5% tax relief on assessable profits.

To benefit from this additional tax relief, the labelled startups is to have at least 10 employees of which 60% are employees without any form of work experience and who are within 3 years of graduating from school or any vocation within the assessment period. This tax relief is valid for a maximum period of five years.

4. Export incentives for labelled startups involved in exportation of products and services.

Startups deemed eligible under the Export (Incentives and Miscellaneous Provisions) Act are also entitled to export incentives and financial assistance from the Export Development Fund, Export Expansion Grant, and the Export Adjustment Scheme Fund.

5. Investment Credit Tax.

This relief is applicable to angel investors, venture capitalists, private equity fund, accelerators or incubators of a labelled startup and entitles them to tax credit equivalent to 30% of their investment.

6. Exemption from Capital Gains Tax (CGT) on disposal of assets by investors.

The Act exempts investors from taxation upon the disposal of its assets in a startup.

7. Exemption on the Personal Income Tax of employees.

The Act exempts eligible employees from remitting 35% of their personal income for a period of 2 years from the date of engagement by the labelled startup. However, the Act does not provide the requirements for eligibility but gives the Secretariat and the Joint Tax Board the responsibility of determining  the requirements for eligibility.

8. Reduction of withholding tax for foreign entities who are service providers of labelled startups.

Foreign entities that provide technical, consulting, professional or management services to a labelled startup is required to pay 5% withholding tax as opposed to the 10% withholding tax applicable to service providers. This tax shall be the final tax to be paid by the foreign entity.

Funding for Startups under the Act

Some of the funding arrangement provided under the Act are:

1. The Startup Investment Seed Fund (‘the Fund’).

The Act establishes the Fund which is to be managed by the Nigeria Sovereign Investment Authority (‘the Fund Manager’). A sum of at least N10,000,000,000 (Ten Billion Naira) is to be paid annually into the Fund which would be utilized to provide financial support to startups and reliefs to accelerators, incubators and hubs.

2. Access to Government funds and the Credit Guarantee Scheme (CGS).

The Act establishes the CGS with the primary objective of providing accessible financial support to labelled startups. The Act also directs the Secretariat to ensure that labelled startups have access to grants and loan facilities administered by the Central Bank of Nigeria (CBN) and other bodies empowered to assist MSMEs.

The Startup Portal as a One-stop Shop for Labelled Startups.

The major function of the Startup Portal to be set up by the Secretariat is to act as a one-stop shop for startups to register with the MDAs regulating some sectors in Nigeria. The Act charges the Secretariat to collaborate with some regulatory bodies in setting up sections on the startup portal for the registration and administration of the activities of labelled startups with these bodies. These regulatory bodies are the Corporate Affairs Commission (CAC), the National Office for Technology Acquisition and Promotion (NOTAP), the National Copyright Commission and the Trademark, Patent and Designs Registries, the Nigeria Export Processing Zone Authority, the Central Bank of Nigeria (CBN) and the Securities Exchange Commission (SEC). The aim of this exercise is to ensure swift and seamless registration processes for startups. For instance, the Secretariat is to work with CBN and SEC to create a section on the startup portal to ease the licensing procedure for financial technology (Fintech) companies. The Secretariat in conjunction with the NEPZA is also to establish a Technology Development Zone to spur the development of startups, accelerators and incubators.

The startup portal is also to have a section through which labelled startups who intend to participate in CBN’s sandbox or SEC’s regulatory incubator or in any other sandbox may fast track their application process. The labelled startup must however meet all the requirements to participate in the sandbox or regulatory incubator.

Repatriation of Capital and Profits.

In order to encourage foreign investments in startups, the Secretariat is to work with the CBN to ensure the repatriation of the proceeds of investments by foreign investors through an authorized dealer at the prevailing CBN rate. The repatriation is to be done on freely convertible currency of dividends or profits attributed to the foreign investor net all applicable taxed; and the proceeds in the event of sale or liquidation of the labelled startup, net all applicable taxes. To benefit from this arrangement, the investor would be required to present its Certificate of Capital Importation (CCI) as proof of injection of funds into the labelled startup.

Conclusion

The signing of the Nigerian Startup Act is no doubt a welcome development in Nigeria.  The provisions of the Act when implemented would encourage innovation and investment in the Nigerian startups especially in the FinTech space. There are many tax and fiscal incentives that are available to labeled startups including investors, foreign entities and employees. There are however concerns that this Act is yet another layer of bureaucracy in the already over regulated Nigerian business environment.

Please note that the contents of this article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact:

The post The Nigerian Startup Act, 2022, Nigeria’s Bold Step to Encourage Innovation? first appeared on Goldsmiths Solicitors.

Definition of Credit Guarantee Companies

According to the Guidelines, a CGC is an institution licensed by the CBN with the primary objective of providing guarantees to banks and other lending financial institutions against the risk of default by obligors.

An example of a Credit Guarantee Company in Nigeria providing guarantees for MSMEs to access credit is Impact Credit Guarantee Limited.

Objectives of the Credit Guarantee Scheme

The objectives of the scheme include the following:

1. Improve access to credit for MSMEs
2. Reduce credit risk in lending by providing guarantees to PFIs
3. Stimulate lower interest rates on loans
4. Promote flexible collateral requirements
5. Encourage new business formation, development and expansion
6. Foster sustainable and inclusive growth
7. Improve risk management in the financial sector.

Powers and Duties of the Central Bank of Nigeria

The Central bank of Nigeria shall have regulatory and supervisory powers and duties over CGCs in addition to the following:

1. Grant and revoke licence.
2. Determine minimum capital requirements.
3. Approve the appointment of board members and senior management staff.
4. Remove board members and senior management staff.
5. Approve the appointment of external auditors.

Permissible Activities

The activities which CGCs may legally engage in include:

1. Provide guarantee for risk assets.
2. Render advisory services for financial and business development.
3. Invest surplus funds in government securities.
4. Maintain and operate various types of accounts with banks in Nigeria.
5. Engage in the recovery of guaranteed sum from defaulting borrowers post claims payment.
6. Other activities as may be prescribed by CBN from time to time.

Non-permissible Activities

The non-permissible activities for CGCs include the following:

1. Provision of guarantee to entities outside Nigeria.
2. Provision of credit to customers.
3. Acceptance of demand, savings and time deposits or any other deposits.
4. Management of pension funds or schemes.
5. Foreign exchange, commodity and equity trading.
6. All forms of trading in derivatives and swaps, etc.

Licensing Procedure and Requirements

The application for licence is made by the promoters of the CGC and addressed to the Governor of CBN. The application for licence shall be processed in two stages namely: Approval-in Principle and final licence.

Requirements for Approval-in-Principle

The requirements for obtaining Approval-in-Principle for CGC include:

1. Apply to the Governor of the CBN in writing together with the following:
2. A non-refundable application fee of N100,000.
3. Evidence of the deposit of the specified minimum capital requirement of N10,000,000,000 into a CBN designated account.
4. Evidence of capital contribution made by each shareholder.
5. Evidence of name reservation with Corporate Affairs Commission.
6. Detailed business plan or feasibility report.
7. Draft copy of the Memorandum and Articles of Association of the company.
8. Shareholders agreement.
9. Detailed manuals and policies.
10. Upon receipt of the application and satisfactory documentation, the CBN shall verify the capital contributions of the promoters of the CGC.
11. Where CBN is satisfied with capital contribution of the promoters, it shall issue Approval-in-Principle to the promoters of the CGC.
12. The CBN shall communicate its decision to the promoters within 90 days of the receipt of the application.
13. The proposed CGC shall not register or incorporate its name with Corporate Affairs Commission until an Approval-in-Principle has been obtained from the CBN.

Requirements for Final Licence

Not later than six months after obtaining the Approval-in-Principle from CBN, the promoters of a proposed CGC shall submit an application for the grant of final licence. The application shall be accompanied with the following:

1. Non-refundable licensing fee of N1,000,000 (One Million Naira)
2. Certified True Copy (CTC) of certificate of incorporation of the CGC.
3. CTC of the Memorandum and Articles of Association.
4. CTC of CAC form 1.1.
5. Evidence of payment of stamp duties.
6. Internal control policy.
7. Business continuity plan, etc.

However, before the final licence is granted, CBN shall inspect the premises and facilities of the proposed CGC.

Corporate Governance Structure for CGCs

The board is to be responsible for the affairs of the CGC and its performance. The board shall be made up of both executive and non-executive directors whose number is to be more than executive directors’. The board is to be composed of 5 members minimum and 7 members at the maximum. It should be noted that the appointment of the members of the board is subject to CBN’s approval.

There shall be the positions of a Managing Director and Chief Executive Officer. The two positions are not to be merged but to be occupied by different individuals.

The board is to be appraised annually by an independent consultant on aspects of board’s structure, composition, responsibilities and performance.

Sources of Funds of CGCs

CGCs can access funds from any source approved by CBN. These sources include:

1. Paid-up share capital.
2. General reserves.
3. Long-term loans from international organisations and sponsors.
4. Funds from development partners.
5. Loans from governmental bodies.
6. Preference shares.
7. Bonds.
8. Grants and donations from sources approved by the CBN, etc.

Compliance, Sanctions, and Revocation of Licence

CGCs are required to comply with all laws, rules and regulations. One of the directives is for CGCs to be prudent and not to guarantee more than 75% of the credit provided to any MSME. Where the CGC fails to comply, it shall be met with administrative sanctions. The sanction could be suspension of its operation, monetary penalties, prohibition from declaring dividends, or revocation of licence, etc.

The licence of a CGC may also be revoked where it is insolvent, misuses the licence or ceases operation for a continuous or aggregated period of six months within 12 months.

Conclusion

The issuance of the Guidelines is aimed at facilitating MSMEs access to credit at low interest rate. This is a step in the right direction by CBN. It will ensure that credit loans are guaranteed by minimizing credit risks that banks and other financial institutions are reluctant to take up. It would potentially also lead to business and economic growth for Nigeria especially in the MSME sector.

In applying for approval in principle and license, CGCs are to be prudent by ensuring that all CBN’s requirement for CGC’s licensing are met.

Please note that the contents of this Article are for general guidance on the Subject Matter. It is NOT legal advice.

For further information or to see our other service offerings, please visit www.goldsmithsllp.com  or contact us.

The post Overview of the Central Bank of Nigeria Exposure Draft Guidelines for Credit Guarantee Companies in Nigeria first appeared on Goldsmiths Solicitors.