The Central Bank of Nigeria (CBN) has issued a directive requiring deposit money banks, fintech companies, and other licensed payment service providers to store all payment transaction data generated within Nigeria on local servers starting from January 1, 2027. This move is part of new regulatory measures designed to tighten oversight of the country's rapidly expanding digital financial ecosystem.
Policy Details
Under the new policy, financial institutions must retain sensitive transaction records within Nigeria rather than relying on foreign-based servers. The apex bank stated that the initiative aims to strengthen data security, improve regulatory supervision, and ensure faster access to financial information for monitoring and investigative purposes.
Rationale Behind the Directive
The CBN explained that the growth of digital payments and fintech services has necessitated stronger data governance. Concerns over cyber risks, compliance gaps, and delays in accessing cross-border data during financial crime investigations have prompted this action. Keeping data locally is expected to enhance national control over critical financial infrastructure.
Impact on Industry
The policy is anticipated to drive investment in local data centers and cloud storage capacity as operators adjust to new compliance requirements. The CBN warned that full implementation is mandatory by the 2027 deadline, with sanctions likely for non-compliant institutions.
