NIGERIA Law and Practice Contributed by: Isa Alade, Seyi Bella, Ayodele Adeyemi-Faboya and Ayomikun Ogunkanmi, Banwo & Ighodalo
in principle for certain activities, as seen with the Accelerated Regulatory Incubation Pro - gram (ARIP) for Virtual Asset Service Providers (VASPs) or “No-Objection” letters. Similarly, the CBN may issue guidelines, circulars, or exemp - tions to provide regulatory clarity on specific fintech activities. In the absence of “No-Action” letter, fintech firms often rely on regulatory guidelines or formal approvals (like licenses or authorisations) from relevant authorities, such as the CBN, SEC, or other regulatory bodies like the National Informa - tion Technology Development Agency (NITDA), to ensure compliance with regulations. 2.8 Outsourcing of Regulated Functions Generally, the powers given to players in the financial services industry by the regulator(s) through the various licences cannot be trans - ferred, assigned or otherwise outsourced to third parties without the regulator’s consent. Howev - er, there are exceptions. By way of example, cer - tain financial services can be provided by a third party (agent) to customers on behalf of DMBs or mobile money operators (as vendors) pursu - ant to the CBN Guidelines for the Regulation of Agent Banking and Agent Banking Relationships in Nigeria. The vendors must apply for approval to the CBN, stating the extent of agent bank - ing activities and the responsibilities of relevant parties, as well as the risk management, internal control, operational procedures and any other policy and procedures relevant to the agent banking arrangement. The parties to the agent banking arrangement are also required to enter into service-level agreements and agent banking contracts that are satisfactory to the CBN. 2.9 Gatekeeper Liability BOFIA imposes an obligation on financial insti - tutions (including fintech companies operat -
ing as digital banks, IMTOs, PSPs and fintech companies whose objectives include investment management) to adopt policies stating their commitments to complying with AML/CFT obli - gations under subsisting laws and regulations. Such financial institutions are also obligated under BOFIA to implement control measures to prevent any transaction that facilitates criminal activities, money laundering, or terrorism. More specifically, the CBN AML/CFT Regu - lations 2022 require financial institutions to, among other things: • adopt customer due diligence measures to identify and verify their customers; and • monitor and report transactions that may be deemed suspicious. 2.10 Significant Enforcement Actions A major enforcement action in 2024 is the impo - sition of fines of USD220 million on Meta Inc and WhatsApp LLC by FCCPC for obnoxious, exploitative and unscrupulous business prac - tices that violate the FCCPA and the Nigerian Data Protection Regulation 2019. An interesting point regarding this penalty is that, in reaching a decision, the FCCPC compared the practices of WhatsApp in other jurisdictions with the prac - tices of WhatsApp within Nigeria. This strongly suggests that from a consumer protection per - spective, regulators are now more willing to con - sider actions/inactions across multiple jurisdic - tions. Other significant enforcement actions include the reported CBN imposition of penalties of over NGN 15 billion on banks over a space of three months ranging from October 2024 to December 2024 and the reported imposition of penalties of about NGN1.5 billion within the first six months of 2024 for violation of foreign exchange guide -
568 CHAMBERS.COM
Powered by FlippingBook