Bank Customers Association of Nigeria (BCAN) has called on the Central Bank of Nigeria (CBN) to institute stakeholders engagement on the planned implementation of the 0.5 per cent cybersecurity levy on e-payment transactions.
Speaking in Lagos, President, BCAN, Dr. Uju Ogubunka, said such policy requires stakeholders input on how best to approach it in the interest of the people and economy.
He said cybersecurity levy should not be limited to e-payment transactions alone, because everyone within the banking sector coverage has right to be protected from cybercriminals. He added that coming up with who should pay such levy should not be left for the CBN alone, but should involve all stakeholders in the financial system.
He said implementing such policy without stakeholders’ input will not be the best for the economy adding that what the received funds will be used for should be well spelt out, to enhance compliance.
Ogubunka said the government should reflect and carry out stakeholders consultation to be able to achieve the best results for its plans.
He said bank customers are already weighed down by multiple charges, and adding the cybersecurity levy will multiply their woes. The CBN had on Monday, directed banks to begin charging 0.5 per cent cybersecurity levy on transactions.
A circular released by the apex bank said the implementation of the levy would begin two weeks from the day of its announcement.
The circular was directed to all commercial, merchant, non-interest and payment service banks. The circular revealed that it was a follow-up on an earlier letter dated June 25, 2018 (Ref: BPS/DIR/GEN/CIR/05/008) and October 5, 2018 (Ref: BSD/DIR/GEN/LAB/11/023), in compliance with the Cyber crimes (Prohibition, Prevention, Etc.) Act 2015.
Following the enactment of the Cybercrime (Prohibition, Prevention, etc) (amendment) Act 2024 and under the provision of Section 44 (2)(a) of the Act, a levy of 0.5 per cent (0.005) equivalent to a half per cent of all electronic transactions value by the business specified in the Second Schedule of the Act, is to be remitted to the National Cybersecurity Fund which the Office of the National Security Adviser shall administer.
The CBN said that all banks, financial institutions and payment service providers are now required to implement the directive.
“The levy shall be applied at the point of electronic transfer origination, then deducted and remitted by the financial institution. The deducted amount shall be reflected in the customer’s account with the narration, ‘Cybersecurity Levy’,” it said.
“Deductions shall commence within two weeks from the date of this circular for all financial institutions and the monthly remittance of the levies collected in bulk to the NCF account domiciled at the CBN by the fifth business day of every subsequent month.”
Speaking on penalties for non-compliance, the bank said that failure to remit the levy is an offence and is liable on conviction to a fine of not less than two per cent of the annual turnover of the defaulting business, amongst others.
