The Central Bank of Nigeria (CBN) has on Wednesday, issued operational guidelines for open banking in Nigeria, as part of its measures to sanitize operation of the banking industry.
The CBN said the Regulatory Framework for Open Banking in Nigeria established principles for data sharing across the banking and payments system to promote innovations and broaden the range of financial products and services available to bank customers.
“As a result, open banking recognizes the ownership and control of data by customers of financial and non-financial services, and their right to grant authorizations to service providers for the purpose of accessing innovative financial products and services,” the apex bank said, adding that this is anticipated to drive competition and improve accessibility to banking and payments services.
Tekedia Mini-MBA edition 16 (Feb 10 – May 3, 2025) opens registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
According to the guidelines, participants in open banking shall adhere strictly to security standards when accessing and storing data, and shall be subject to minimum privacy standards, operational standards, risk management standards and customer experience standards as prescribed by the Bank.
The CBN shall provide and maintain an Open Banking Registry to provide regulatory oversight on participants, enhance transparency and regulate operators within the open banking ecosystem.
Under the open banking proposition, any organization that has data of customers which may be exchanged with other entities for the purpose of providing innovative financial services within Nigeria is eligible to participate in the Open Banking ecosystem.
The CBN said entities participating within the Open banking ecosystem are categorized based on the roles that they may perform, and participants may assume more than one role depending on their services and offerings. The roles include API Provider, API Consumer and customer – whose data is involved and whose permission is required before the data is used.
“Consent is required from customers whose data may be required by services provider to avail them of financial products and services,” the guideline said.
CBN’s Director, Payments System Management Department, Musa Jimoh, said the guidelines have become necessary as the apex bank pushes to stabilize the financial system.
“The adoption of open banking in Nigeria will foster the sharing of customer-permissioned data between banks and third-party firms to enable the building of customer-focused products and services.
“It is also aimed at enhancing efficiency, competition, and access to financial services,’’ he stated.
Speaking on the conditions for sharing customers’ private data, the guideline said API Provider shall only share information of a customer with an API Consumer, upon presentation of a valid proof of consent by the customer, and shall authenticate such consent to ensure it emanates from its customer.
“Authentication of end-users and the validation of information to be shared with the ACs shall be done directly by the AP using the prescribed authentication mechanism within the API Security and Risk Management Standards,” it said.
Jimoh implored stakeholders to ensure strict compliance with the guidelines and with other regulations.
“The guidelines apply to banking and other related financial services as categorized and determined by the apex bank in the regulatory framework for open banking in Nigeria,’’ he said.