top of page

Regulatory Compliance for Microfinance Banks in Nigeria

Updated: Nov 24, 2023

The banking sector in Nigeria is one of the most highly regulated sectors in the country, and this is for a good reason. Banks play such an important role in the economy of the country, not only do they provide a gateway into the financial system, they also facilitate the movement of funds and the processing of large amounts of personal data. This is especially true for microfinance banks.

A Microfinance Bank is any company licensed by the Central Bank of Nigeria (CBN) to carry on the business of providing financial services such as savings and deposits, loans, domestic funds transfer and non-financial services to microfinance clients.

The nature of their business makes banks a target for a range of crimes from fraud and money laundering to cyber-attacks and other threats. As a result, banks are subject to strict government oversight and intense regulatory scrutiny.

Microfinance Banks target client are the economically active poor, low-income households, the un-banked and underserved people - particularly vulnerable groups such as women, youths and the physically challenged, and the informal sector operators, micro-entrepreneurs and subsistence farmers.

There are numerous regulations which Microfinance banks in Nigeria are subject to, based on their CBN operating license. In addition to their CBN mandated obligations, they are also classed as financial institutions under the Money Laundering Prohibition Act 2022, and therefore have additional anti-money laundering obligations as a result of their classification.

All these requirements, obligations and regulatory expectations can sometimes be confusing, and the resulting compliance burdens can overwhelm even the most sophisticated institutions.

A Microfinance bank regulatory compliance overview, containing anti-money laundering/counter financing of terrorism (AML/CFT) measures, data privacy regulations, and other applicable requirements, is a useful resource that can provide compliance professionals with a strategic blueprint by which to prioritize and manage their day-to-day risks and responsibilities as well as ensure the adequacy of their compliance program.

Microfinance banks have essentially 5 types of regulatory obligations:

1. Corporate Governance obligations

2. Accounting obligations

3. General compliance obligations

4. AML/CFT compliance obligations

5. Data Privacy obligations

1. Corporate Governance obligations

These obligations generally cover how the microfinance bank is run, specifically issues around the management team and board of directors of the microfinance bank. Filing obligations which would fall under this broad classification include the obligation for microfinance banks to file an annual Board and Directors’ appraisal covering all aspects of the Board's structure, composition, responsibilities, processes, relationships and performance. Another filing which would fall under the umbrella of corporate governance obligations is the requirement to file a monthly return of all credits to directors, management staff and related parties.

2. Accounting obligations

These are regulatory obligations that touch on the way the microfinance bank conducts its business, things around the type of loans it gives out, the profitability of the microfinance bank, its assets and liabilities etc. Some of these obligations include:

· Statement of Assets and Liabilities;

· Profit and Loss account;

· Schedule of Loans and Investments on sector basis (number and value).

· Schedule of liabilities (deposits) on maturity basis (number and value);

· Interest rate structure etc.

3. General compliance obligations

Microfinance banks also have what we can classify as general compliance obligations, these include obligations like filing bi-annual returns on the company’s compliance with the whistle-blowing policy, filing a monthly fraud and forgeries report to the CBN, and other related filings.

4. Data Privacy obligations

The Nigeria Data Protection Regulations 2019 (NDPR) governs data privacy in Nigeria (in addition to Section 35 of the 1999 Constitution). The Nigeria Data Protection Bureau (NDPB) is mandated to oversee the implementation of the NDPR. These obligations include having a privacy policy for a website, designating a Data Protection Officer, conducting and submitting data protection audits, etc.

5. AML/CFT compliance obligations

Anti-money laundering (AML) refers to those policies, laws, and regulations which are targeted at preventing individuals and businesses from engaging in money laundering. While Combating the Financing of Terrorism, or Counter Terrorist Financing (CFT) refers to the laws and regulations enacted to combat the financing of terrorist activity. Both AML and CFT have overlapping regulations and in general these regulations adopt the following measures to identify and combat money laundering and terrorism financing:

  • Compliance Programmes and Training – Microfinance banks are required by law to have in place appropriate internal compliance documentation and training that would ensure their staff are able to identify instances of money laundering.

  • Know your customer (KYC). Microfinance banks are required to have proper customer identification and verification to ensure legitimacy of their customers. Higher risk products and services require more in-depth documentation.

  • Enhanced KYC. Certain classes of customers who have been classified as high risk are required to be under more scrutiny than regular customers, these include politically exposed persons.

  • Large currency transaction reporting. The MLPAA and the CBN AML/CFT Regulations require microfinance banks to file certain transaction reports when there are transactions which are conducted above a certain threshold.

  • Suspicious activities monitoring and reporting. Certain types of behavior need to be monitored and reported to the NFIU, as the behaviour could be indicative of criminal activity.

Is your Compliance Approach working?

Regulatory compliance is becoming more complex and important, and you don't want to have your organization left behind by sticking to inefficient legacy approaches.

In recent years, there has been an increase in investigations conducted by relevant national agencies for regulatory compliance breaches.

In May 2023, the CBN revoked the operating licences of 179 microfinance banks, 4 primary mortgage banks and 3 finance companies for failing to fulfil or comply with the conditions subject to which their licences were granted, and failing to comply with the obligations imposed upon them by the Central Bank of Nigeria.

Therefore, microfinance banks need to be proactive about how to manage their regulatory compliance.

For more information about how Regfyl can improve your organization's compliance, click here to book a demo and consultation with one of our Regfyl compliance experts.

291 views0 comments

Recent Posts

See All


bottom of page