Section Home

Home	Hidden
Home	2

Name

Global FinTech Guide

Country _ Name

Nigeria

SectionTitle

KYC requirements

Body

The know your customer or know your client (KYC) guidelines and regulations for financial services require that professionals try to verify the identity, suitability, and risks involved with maintaining a business relationship.

Legal affairs

National regulatory framework regarding AML and effective date of the regulations

There are several laws and regulations enacted to regulate AML in Nigeria. We have listed below the major regulations on AML in Nigeria:

Money Laundering (Prevention and Prohibition) Act, May 16, 2022 (MLPA);
Money Laundering (Prohibition) Act, 2011 (As Amended), February 1, 2018;
CBN Customers Due Diligence Regulations, May 31, 2023;
The CBN Guidance on Ultimate Beneficial Owners of Legal Persons and Legal Arrangements, January 2023;
SEC (Capital Market Operators Anti-Money Laundering and Combating the Financing of Terrorism and Proliferation) Regulations, May 11, 2022;
CBN AML and Combating the Financing of Terrorisms in Banks and other Financial Institutions in Nigeria) Regulations 2019; and
CBN AML and Combating the Financing of Terrorism and Countering Proliferations Financing of Weapons of Mass Destruction in Financial Institutions, Regulations, 2022.

National regulator or relevant authority for AML controls

The national regulator responsible for anti money-laundering controls in Nigeria is the Special Control Unit against Money Laundering (SCUML), which operates under the Economic and Financial Crimes Commission (EFCC).

While SCUML is the primary regulator for AML Controls, other regulatory bodies, such as the CBN and the SEC, also play a role in supervising and enforcing AM compliance within their respective sectors.

Customer Due Diligence

Conduct of a typical KYC identification process

Although depending on the type of institution, the specific requirements may vary. However, the typical Know Your Customer (KYC) identification process for natural persons involves the following steps:
Customer Identification: individuals are required to provide a valid means of identification, such as a national ID card, international passport, driver's license, or voter's card bearing the individual's name, photograph, and other relevant details.
Verification of Identification Documents: the financial institution or designated non-financial business or profession (“DNFBP”) will verify the authenticity of the identification documents provided. This may involve checking security features, contacting the issuing authority, or using document verification systems. Electronic Identity Verification or Digital Identity Verification was introduced to strengthen the KYC procedure without hard copy documents. The verification process is done by matching the information provided by the customer with what is provided in government, public databases and other agencies.
Capture of Biometric Information: many institutions in Nigeria now require the capture of biometric information, such as fingerprints, facial recognition, or iris scans, as an additional layer of identification and authentication.
Proof of Address

: individuals may be required to provide proof of their residential address, such as a recent utility bill, tenancy agreement, or bank statement. This helps to establish the customer's physical location and residential status.
Source of Funds/Wealth: depending on the type of account or transaction, individuals may be asked to provide information and documentation regarding the source of their funds or wealth. This could include employment details, business registration documents, or evidence of inheritance or investments.
Risk Assessment: based on the information collected and the customer's profile, the financial institution or DNFBP will conduct a risk assessment to determine the appropriate level of due diligence required. Higher-risk customers may be subject to enhanced due diligence measures.
Documentation and Record-Keeping: all relevant documents and information collected during the KYC process must be properly documented and maintained by the institution throughout the course of business relationship, and for at least five years after the business relationship has ended.
The process for verification of legal persons (entities) is typically conducted by relying on the documents listed below:

Certificate of incorporation;
Particulars of shareholders;
Memorandum and Articles of Association (MEMART);
Minutes of meetings;
Resolutions;
Partnership agreements;
Annual returns/financial statements;
Bye-laws;
Constitutions;
Charters; and
Trust deeds and trust registration documents.

Possibility to meet customer due diligence requirements by relying on third parties who are obliged by law themselves to comply with AML regulations

For a third-party to be relied on to meet the customer due diligence obligations, the following conditions must be met:

The third party must be a financial institution or a designated non-financial business or profession (DNFBP) that is subject to AML/CFT/CPF regulations and supervised for compliance with these regulations.
The Financial Institution must take adequate steps to satisfy itself that copies of identification data and other relevant documentation relating to the CDD requirements is going to be made available from the third party upon request without delay.
It must satisfy itself that the third party is regulated, supervised or monitored for, and has measures in place for compliance with, the CDD and record keeping requirements set out in these Regulations and the CBN AML, CFT and CPF Regulations.
It must ensure that adequate KYC provisions are applied to the third party in order to obtain account information for competent authorities.

Possibility to outsource customer due diligence by contract to other third parties who are not obliged by law to meet AML regulations and rely on these (e.g., WebID, IDnow, PostIdent)

Fintech companies cannot rely on third parties who are not obligated to comply with AML regulations as stated in the conditions outlined above.

Presence of a license or registration requirement for the third party in case of outsourcing customer due diligence

The CBN DD Regulations do not specify a license or registration requirement for third party in case of outsourcing customer due diligence. It only provides that the third party be regulated, supervised or monitored with measures in place for compliance with the CDD and record keeping requirements set out in the CBN DD Regulations and the CBN AML, CFT and CPF Regulations.

Further questions

Entities that could be relied on specifically by law as a third party to comply with AML regulations (regardless of outsourcing)

Yes	credit institutions
Yes	financial institutions
Yes	auditors, external accountants, and tax advisors
Yes	notaries and other independent legal professionals
Yes	other trust or company service providers
Yes	estate agents
	other persons trading high-value goods
	providers of gambling services

BackToCountry	Hidden	Hidden
Back to country	Nigeria	2

Switch country

Global overview

Authors

Name	Organisation	Email	Hidden	Hidden
Ebimobowei Jikenghan	G Elias	[email protected]	0	6346
Eberechukwu Ezike		[email protected]	0

Choose country

	Hidden	Hidden
Albania	167	2
Argentina	512	2
Australia	182	2
Austria	677	2
Bolivia	1012	2
Bosnia and Herzegovina	197	2
Bulgaria	980	2
Canada	152	2
Chile	242	2
China	257	2
Colombia	272	2
Costa Rica	287	2
Croatia	302	2
Czech Republic	812	2
Dominican Republic	824	2
Finland	921	2
France	722	2
Germany	137	2
Hong Kong	737	2
Hungary	347	2
Ireland	692	2
Italy	332	2
Japan	850	2
Kenya	998	2
Korea, Republic of	362	2
Malaysia	662	2
Mexico	632	2
Montenegro	377	2
New Zealand	392	2
Nigeria	904	2
North Macedonia	437	2
Peru	422	2
Philippines	407	2
Poland	482	2
Portugal	497	2
Romania	797	2
Russia	912	2
Saudi Arabia	881	2
Serbia	467	2
Singapore	945	2
Slovenia	527	2
Spain	542	2
Switzerland	707	2
Thailand	557	2
Turkey	752	2
United Kingdom	782	2
United Rep of Tanzania	767	2
United States	587	2
Vietnam	962	2