The Central Bank of Nigeria has introduced a set of new regulations aimed at strengthening the security of instant payment services and giving customers greater control over digital banking transactions such as mobile and internet transfers.
The new measures were announced in a circular dated March 12 and signed by Musa Jimoh. According to the regulator, the guidelines will take effect from July 1 and will apply to all banks and payment service providers operating in Nigeria.
The apex bank said the updated framework is designed to reduce fraud risks and improve security within Nigeria’s rapidly expanding digital payment ecosystem.
One of the major provisions in the new guidelines allows customers to decide whether instant payment services should be active on their bank accounts. Under the new rules, financial institutions are required to give customers the option to opt in or opt out of instant payment services at any time.
According to the circular, customers who choose to opt out will have online instant transfers temporarily disabled on their accounts. During this period, they will not be able to carry out instant transfers through mobile or internet banking platforms.
However, the CBN explained that customers can still visit their banks physically to initiate transfers if their accounts are in opt-out mode.
The regulator stated that the process of opting in or out of instant payment services will be subject to multi-factor authentication, a security process that requires users to verify their identity using multiple methods before transactions can be completed.
The circular also clarified that the default setting for new customers will remain opt-in when they open a bank account.
Another key aspect of the new framework allows customers to adjust their transaction limits within existing regulatory thresholds. Currently, the maximum transfer limit for individuals is ₦25 million, while corporate accounts can transfer up to ₦250 million.
Under the new rules, customers can request adjustments to their transaction limits provided the bank conducts enhanced due diligence and appropriate risk assessment before approving the change.
The CBN said any approved adjustment will take effect immediately after the customer successfully completes multi-factor authentication confirming their consent.
In addition to giving customers more control over their transaction settings, the central bank has directed financial institutions to strengthen fraud detection systems across their digital platforms.
Banks and payment service providers are now required to deploy enterprise-level monitoring systems capable of tracking transaction inflows and outflows in real time in order to identify suspicious activities and prevent fraud.
The regulator also introduced stricter identity verification procedures for online banking services.
According to the new guidelines, financial institutions must implement liveness verification checks for online account opening and account reactivation processes. These checks will be carried out against the Bank Verification Number database and the National Identity Management Commission database for the National Identification Number.
Liveness verification requires customers to confirm they are physically present during identity verification. This may involve actions such as blinking, smiling, speaking or turning their heads during facial recognition processes used by banking platforms.
The CBN said the measure is intended to reduce identity theft and prevent fraudulent account openings using stolen personal information.
The new framework also introduces a device-binding requirement for mobile banking applications.
Under this rule, mobile financial service apps will only be allowed to operate on one device at a time. Customers will not be able to access their mobile banking applications simultaneously on multiple devices.
If a user wants to switch to a new device, the system will automatically trigger a fresh authentication process to verify the customer’s identity before the app can be activated.
The circular explained that migration to another device will require full reactivation and authentication to ensure the account remains secure.
The central bank also introduced temporary transaction restrictions for newly activated mobile banking applications.
For newly opened accounts, the first 24 hours after activating a mobile banking app will carry a transaction limit of ₦20,000 for both incoming and outgoing transfers.
The same restriction will apply when an existing customer activates their mobile banking application on a new device.
According to the regulator, the temporary restriction is intended to reduce the risk of fraud during the early stages of account activation when accounts may be most vulnerable.
The CBN further stated that internet banking services will also be subject to stricter security measures.
Under the new rules, the first login attempt from a new device on an internet banking platform must go through additional multi-factor authentication checks before the user can access their account.
The central bank said these measures form part of a broader strategy to strengthen Nigeria’s digital payment system and protect customers as financial transactions increasingly move online.
Nigeria has experienced rapid growth in digital payments in recent years, driven by increased smartphone usage, mobile banking adoption and fintech innovation.
However, the rise in electronic transactions has also been accompanied by increasing cases of cyber fraud and identity theft targeting bank customers.
The CBN noted that the new regulations represent the minimum operational standards for instant payment services in Nigeria.
According to the regulator, the framework is part of ongoing efforts to enhance customer protection, improve fraud detection capabilities and give users greater control over how their digital banking services are used.
Banks and payment service providers have been directed to fully implement the new guidelines before the July 1 effective date as the central bank continues to strengthen oversight of the country’s evolving digital financial system.
