The Central Bank of Nigeria (CBN) has introduced new standards requiring banks, fintech companies, and other financial institutions to deploy automated systems for monitoring suspicious financial activity.
The directive, issued on March 10, 2026, applies to deposit money banks, payment service providers, mobile money operators, international money transfer operators, and other regulated institutions.
Under the framework, banks have 18 months to fully deploy automated anti-money laundering (AML) systems, while other financial institutions have 24 months. Every institution must also submit an implementation roadmap to the CBN within 90 days of the circular.
The systems must integrate customer identity information, risk profiling, sanctions screening, and transaction monitoring tools. Regulators say the goal is to improve the reporting of financial crime across Nigeria’s growing digital finance ecosystem.
Manual monitoring processes are increasingly difficult to sustain in a financial system that processes millions of digital transactions each day.
Automated monitoring becomes a baseline requirement
The new standards introduce a minimum set of capabilities financial institutions must build into their compliance infrastructure.
Automated systems must connect directly to customer data, including identity records, income profiles, and risk classifications, allowing institutions to evaluate transactions against expected behaviour.
The platforms must also support Know-Your-Customer and Know-Your-Business checks, sanctions screening, investigation workflows, transaction monitoring, and regulatory reporting.
The CBN also allows institutions to use artificial intelligence and machine learning for compliance monitoring. Those models must be independently tested each year to check accuracy, bias, and performance drift.
Regulators will supervise compliance through a mix of on-site examinations and off-site monitoring.
Part of a wider shift in fintech regulation
The directive arrives as Nigeria’s fintech ecosystem faces growing regulatory expectations.
A 2025 fintech industry report released by the CBN found that 87.5% of Nigerian fintech companies say the cost of meeting regulatory and risk requirements already limits their ability to innovate. The same report shows 62.5% of firms say regulatory timelines affect how quickly they can launch new products.
Those findings have raised concerns that compliance costs could slow product development across the sector.
At the same time, regulators are expanding their ambitions for Nigeria’s financial technology industry. The CBN is exploring regional passporting frameworks that could allow Nigerian fintech companies to expand more easily into markets such as Ghana, Kenya, and South Africa through mutual recognition of licenses.
Stronger financial crime controls are likely to be a prerequisite for those cross-border regulatory arrangements.
Why the CBN is pushing automated compliance
Nigeria’s financial infrastructure has expanded quickly over the past decade. The launch of the NIBSS Instant Payment system in 2011 enabled real-time transfers between banks, helping turn Nigeria into one of the world’s most active instant-payment markets. By 2025, millions of Nigerians were already using mobile apps, USSD, and digital wallets for daily transactions.
As transaction volumes rise, regulators are pushing financial institutions toward automated compliance systems capable of detecting suspicious patterns quickly. The new framework also aligns Nigeria’s oversight with global anti-money laundering standards set by the Financial Action Task Force.
For banks and fintech operators, the directive effectively turns compliance software into a core part of financial infrastructure. Institutions will need systems that track transactions across channels, flag unusual behaviour, and generate reports for regulators automatically. The policy also introduces stronger accountability for compliance officers and is likely to increase spending on compliance technology across the industry.
The timeline adds urgency. Banks have 18 months to complete deployment and other institutions 24 months, yet all regulated firms must submit implementation roadmaps within 90 days, setting the first checkpoint around June 2026.
Get passive updates on African tech & startups
View and choose the stories to interact with on our WhatsApp Channel
ExploreLast updated: March 15, 2026
