Connect with us

    Hi, what are you looking for?

    News

    CBN’s 3-Week Ultimatum: Banks, Fintechs Face Massive Fines for Cyber Failures

    Central Bank of Nigeria (CBN) has directed banks and other financial institutions to complete a newly deployed cybersecurity self-assessment tool (CSAT) as part of efforts to strengthen resilience across the financial system.

    In a circular dated March 30, the apex bank said the tool was introduced in line with its mandate under the Banks and Other Financial Institutions Act 2020 and is designed to assess the cybersecurity posture of regulated entities.

    According to the circular signed by Olubunmi Ayodele-Oni for the director of the compliance department, deposit money banks are required to submit their completed assessments within three weeks, while other institutions have five weeks.

    The directive, which takes immediate effect, applies to deposit money banks, payment service banks, microfinance banks, payment service providers, finance companies, and development finance institutions.

    “The CSAT is a structured supervisory instrument designed to obtain comprehensive information on the cybersecurity posture of regulated institutions,” the circular reads.

    “It covers key areas including cybersecurity governance, risk management practices, technology and third-party risk controls, incident response capabilities, and overall operational resilience.

    “Insights derived from the CSAT will support risk-based supervision and enhance regulatory oversight of cybersecurity risks across the financial system.

    “Accordingly, all the referenced institutions are required to complete and submit the CSAT through a dedicated submission portal.”

    The regulator added that access to the submission portal and guidance would be provided to chief information security officers and other relevant officials of the affected institutions.

    CBN said all submissions must reflect data as of December 31, 2025, and be accompanied by relevant supporting documentation where applicable.

    The apex bank warned that “submission of false, misleading, or inaccurate information constitutes a regulatory breach,” and would attract sanctions in line with BOFIA 2020.

    CBN also said validation exercises, including off-site reviews and supervisory engagements, would be conducted to verify the accuracy of submissions.

    Loading

    Spread the love
    Frank
    Written By

    Franklin Ugo Ndibe is a seasoned Nigerian journalist and media professional renowned for his incisive reporting and editorial leadership in the information and communications technology (ICT) sector.

    Click to comment

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    ad

    You May Also Like

    News

    Three African journalists have been named recipients of the 2026 Open the Knowledge Journalism Awards, in recognition of their reports on migration, youth sports...

    E-Financial

    Economic and Financial Crimes Commission (EFCC) and the Corporate Affairs Commission (CAC) have expressed concern over the growing activities of unregistered Point of Sale...

    Tech

    Meta on Thursday hosted the Nigeria Youth Safety Summit at the Transcorp Hilton, Abuja, bringing together government officials, civil society organisations, parents, educators, creators...

    News

    Nestoil Limited and Neconde Energy Limited have commenced legal proceedings seeking $1.8 billion in damages against FBN Quest, FBN Trustees, FirstBank, Access Bank, Zenith...