Nigeria: Implemented CBN Risk-Based Cybersecurity Framework and Guidelines for Deposit Money Banks and Payment Service Banks, including minimum cybersecurity requirements

On 1 July 2024, the "Risk-Based Cybersecurity Framework and Guidelines for Deposit Money Banks (DMBs) and Payment Service Banks (PSBs)" was implemented. The framework was issued by the Central Bank of Nigeria (CBN) on 31 May 2024, requiring DMBs and PSBs to implement these measures by 1 July 2024. It sets out minimum cybersecurity requirements for financial institutions to strengthen their defences against cyber threats. It covers areas such as governance, risk identification, third-party risk, vulnerability management, and cybersecurity maturity assessments. The framework also addresses the use of emerging technologies, including AI, machine learning, cloud computing, and distributed ledger technology.