Financial Shockwave: Nigeria Mandates Local Data for Banks and Fintechs

The Central Bank of Nigeria (CBN) has issued a comprehensive directive requiring all entities involved in payment transactions within Nigeria to store locally generated payment data on domestic servers. This significant regulatory move, outlined in a circular signed by Rakiya Yusuf, Director of the Payments System Supervision Department, mandates compliance by January 1st, 2027. The directive is part of a broader strategic initiative by the CBN to enhance oversight of the nation's rapidly expanding digital payments ecosystem.

Key elements of the new regulatory framework include stringent market structure requirements, updated data localisation rules, strict ultimate beneficial ownership (UBO) disclosure obligations, and enhanced systemic oversight measures for all participants in the payment system. Specifically, all payment service providers, including banks, fintechs, and mobile money operators, must ensure that any transaction data created in Nigeria is stored and managed exclusively within the country, in strict adherence to Nigerian data protection laws.

The CBN's rationale behind the data localisation requirement is multi-faceted: to bolster regulatory visibility, improve consumer protection mechanisms, and mitigate operational risks inherently associated with storing data offshore. For many fintech companies and payment processors that currently rely on international cloud infrastructure or cross-border data processing arrangements, this directive will necessitate substantial infrastructure adjustments and investments over the coming years. This policy aligns Nigeria with an increasing number of countries worldwide that are seeking greater sovereign control over their critical digital infrastructure and sensitive financial data.

Beyond data localisation, the CBN's circular introduces more rigorous transparency requirements regarding the ownership structures of payment service providers. Operators are now obliged to disclose their ultimate beneficial owners – the specific individuals who ultimately hold control or ownership over a company, even when ownership is structured through multiple corporate layers. This measure is intended to significantly improve transparency, strengthen ongoing anti-money laundering (AML) efforts, and reduce the risks associated with opaque ownership structures within the financial sector. The CBN has consistently emphasized governance and compliance as paramount priorities, particularly as digital payments grow in scale and complexity.

Furthermore, the CBN has unveiled new systemic oversight measures, which will enable certain payment service providers to be subjected to enhanced regulatory scrutiny based on their critical importance to Nigeria's overall payments infrastructure. This move underscores the regulator's commitment to ensuring the resilience and stability of the entire digital payments ecosystem, especially as these digital platforms become increasingly integral to commerce, banking, and government services. Given Nigeria's position as one of the world's largest instant payment markets, this latest directive from the CBN clearly signals its intention to tighten regulatory control over the foundational infrastructure of the country's digital economy, while simultaneously improving transparency and operational accountability across the sector.