Digital Policy Alert logo

Nigeria: Risk-Based Cybersecurity Framework and Guidelines for Other Financial Institutions adopted

Policy overview

Description

Risk-Based Cybersecurity Framework and Guidelines for Other Financial Institutions adopted

On 29 June 2022, the Central Bank of Nigeria has issued the Risk-Based Cybersecurity Framework and Guidelines for Other Financial Institutions, applicable to all entities defined as Other Financial Institutions (OFIs). The Guidelines set out the cybersecurity rules applicable to OFIs, defining the cybersecurity governance responsibilities of the various position-holders in an organisation, including the Board of Directors, Senior Management, and the Chief Information Security Officer. Further, the Guidelines set out the obligations of OFIs concerning risk management, developing cybersecurity strategies and frameworks, as well as assessment and reporting. The Guidelines will enter into effect on 1 January 2023.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
digital payment provider (incl. cryptocurrencies), other service provider
Implementation Level
national
Government Branch
executive
Government Body
central bank

Complete timeline of this policy change

Hide details
2022-06-29
adopted

On 29 June 2022, the Central Bank of Nigeria has issued the Risk-Based Cybersecurity Framework and …

2023-01-01
in force

On 1 January 2023, the Central Bank of Nigeria's Risk-Based Cybersecurity Framework and Guidelines …

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.