Digital Policy Alert logo

Nigeria: Adopted CBN Risk-Based Cybersecurity Framework and Guidelines for Deposit Money Banks and Payment Service Banks, including minimum cybersecurity requirements

Policy overview

Description

Adopted CBN Risk-Based Cybersecurity Framework and Guidelines for Deposit Money Banks and Payment Service Banks, including minimum cybersecurity requirements

On 31 May 2024, the Central Bank of Nigeria (CBN) issued the "Risk-Based Cybersecurity Framework and Guidelines for Deposit Money Banks (DMBs) and Payment Service Banks (PSBs)." The DMBs and PSBs are required to implement these measures by 1 July 2024. The framework sets out minimum cybersecurity requirements for financial institutions to strengthen their defences against cyber threats. It covers areas such as governance, risk identification, third-party risk, vulnerability management, and cybersecurity maturity assessments. The framework also addresses use of emerging technologies, including AI, machine learning, cloud computing, and distributed ledger technology.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
digital payment provider (incl. cryptocurrencies)
Implementation Level
national
Government Branch
executive
Government Body
central bank

Complete timeline of this policy change

Hide details
2024-05-31
adopted

On 31 May 2024, the Central Bank of Nigeria (CBN) issued the "Risk-Based Cybersecurity Framework an…

2024-07-01
in force

On 1 July 2024, the "Risk-Based Cybersecurity Framework and Guidelines for Deposit Money Banks (DMB…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.