CBN suspends cybersecurity levy

The Central Bank of Nigeria’s – CBN suspends cybersecurity levy. Protests broke out in response to the imposition of a 0.5% cybersecurity fee. The Nigeria Labour Congress (NLC) has strongly dismissed the move, describing it as an additional financial burden for industrious Nigerians. In a statement on Tuesday, Joe Ajaero, NLC President, dismisses the directions, urging a strategy without added financial burden.

Policy

Chibuzor Efobi, CBN’s Director of Payment System Management, and Haruna Mustafa, Director of Financial Policy and Regulation, jointly signed a circular expecting the new policy to take effect in two weeks from Monday, May 6, 2024.

The levy shall be applied at the point of electronic transfer origination, then deducted and remitted by the financial institution. The customer’s account shall reflect the deducted amount with the narration, ‘Cybersecurity Levy’.

The CBN circular mandates all banks, other financial institutions and payments service providers to implement the Cybercrimes Act. By applying the levy at the point of electronic transfer origination as “Cybersecurity Levy,” and remitting same.

2024 Cybercrime Amendment

The debate originates from the passage of the 2024 Cybercrime (Prohibition, Prevention, etc.) Amendment Act, it requires a 0.5% deduction from the value of any digital transactions for the National Cyber Security Fund. The National Security Adviser’s office (NSA) would oversee this fund. Failure to comply with the levy may result in penalties. Including fines of up to 2% of the defaulting business’s annual revenue.

** “Penalties for Non-compliance Section 44 (8) of the Act prescribes that failure to remit the levy is an offence and is liable on conviction to a fine of not less than 2% of the annual turnover of the defaulting business, amongst others,”- apex bank

Suspending the Cybersecurity Levy

In response to mounting opposition, the House of Representatives has taken action. Directing the Central Bank of Nigeria to suspend the implementation of the cybersecurity levy. The motion, led by Representative Kingsley Chinda, pointed out concerns with regard to the interpretation of the levy’s applicability, particularly whether it should be carried out by bank customers or specific businesses as outlined in the Cybercrime Act.

**In the motion, Chinda said, “The House notes that businesses which the said Section 44(2)(a) refers to are listed in the Second Schedule to the Cybercrimes Act to be GSM Service Providers and all telecommunication companies; Internet Service Providers; Banks and Other Financial Institutions; Insurance Companies and the Nigerian Stock Exchange.

Economic Concerns

Businesses, sellers, non-interest, and payment service banks, among others, received the directive with an initial start date of two weeks from May 6, 2024. However, the lack of clarity surrounding its implementation has raised concerns among civil society organizations and residents, who think it would have a negative impact in the face of current economic issues such as subsidy removal and rising prices.

Levy Exemptions 

Certain transactions have been classified as exempt from the Central Bank of Nigeria’s previous instruction to impose a cybersecurity charge on digital transactions. The intent of the exclusions is to lessen the potential financial burden on specified transaction types deemed essential for smooth financial operations and public welfare. The cybersecurity levy excludes the following transactions.