The Chartered Risk Management Institute of Nigeria has endorsed the Central Bank of Nigeria’s new regulatory measures aimed at bolstering security within the nation’s rapidly expanding digital payments ecosystem.
In a statement released on Saturday, the Institute’s President and Chairman of Council, Kevin Ugwoke, described the framework as a timely response to escalating threats in the financial system, particularly fraud, identity theft, and unauthorised access linked to instant payment platforms.
The Institute highlighted several safeguards introduced by the apex bank, including a ₦20,000 transaction cap on newly activated mobile banking applications within their first 24 hours, compulsory device binding, and the deployment of real-time enterprise fraud monitoring systems.
According to the CRMI, these measures target one of the most vulnerable stages in digital banking—account onboarding and activation—when fraudsters often attempt to compromise user credentials.
“By limiting transaction exposure during the high-risk activation window, the framework significantly reduces the opportunity for fraudsters to exploit newly onboarded or compromised accounts,” the statement read in part.
The new framework arrives amid a surge in electronic transactions driven by mobile banking, fintech platforms, and Nigeria’s broader push towards a cash-lite economy. In recent years, the country’s instant payment system has recorded substantial growth, processing millions of daily transactions worth trillions of naira monthly.
However, this growth has been accompanied by increasingly sophisticated fraud schemes, including SIM swap attacks, phishing, social engineering, and account takeovers. Industry data and regulatory disclosures have revealed repeated spikes in fraud attempts, particularly during onboarding or when customers change devices.
In response, the CBN has intensified oversight of banks, fintech firms, and payment service providers, issuing guidelines focused on consumer protection, operational resilience, and cyber security. The latest measures build on earlier directives regarding Know Your Customer compliance, transaction monitoring, and dispute resolution timelines.
A key feature of the framework is the introduction of layered security at the point of entry into digital channels—specifically the restriction on transaction values immediately after activation—alongside device registration protocols designed to prevent unauthorised access from new or cloned devices.
The Institute also welcomed the introduction of the Nigerian Overnight Financing Rate, noting that it is expected to improve transparency and consistency in short-term funding costs within the financial system.
While expressing support for the policy direction, the CRMI stressed that effective implementation by financial institutions would be critical to achieving the desired outcomes. It urged banks, fintech operators, and payment service providers to upgrade cyber security infrastructure, strengthen fraud detection systems, and invest in continuous staff training, while also enhancing customer awareness of safe digital banking practices.
The Institute added that it would continue to support regulatory reforms through professional training, policy advocacy, and collaboration with industry stakeholders as Nigeria advances towards a more technology-driven financial system.
