International banking practices in Nigeria: Insights from other countries and requirements for compliance adherence

In Nigeria, the landscape of cross-border data flows is closely monitored, with approvals from the Central Bank of Nigeria (CBN) and safeguards under the Nigeria Data Protection Act (NDPA) in place for international transfers. This regulatory environment is shaping the evolution of the country's open banking framework, which currently focuses on payments and banking data but may extend its scope in the future.

At the forefront of advising businesses in the energy, technology, and corporate sectors is Osemudiamen "Ose" Umane, a corporate lawyer who writes on how legal frameworks adapt to support innovation. Umane's insights are particularly relevant in the context of Nigeria's open banking initiative, which is adapting to local realities while drawing from the blueprint of the European Union's (EU) Second Payment Services Directive (PSD2).

The NDPA, enacted in 2023, further regulates the handling of consumer data, mirroring the spirit of the GDPR by granting citizens rights of access, correction, and erasure, and imposing accountability on controllers and processors. Fintechs in Nigeria are required to obtain explicit, informed permission for each transfer of consumer data, and key players must have board-level data policies and Data Protection Officers, echoing the NDPA's call for transparency.

Technical obligations for open banking, such as strong customer authentication, encrypted connections, tokenized sessions, and immutable audit logs, are expected to be met by Nigerian fintechs. Regulators abroad, such as those in Europe and Australia, have sanctioned participants for providing incomplete or inaccurate data, demonstrating a focus on accuracy, timeliness, and transparency.

The future of open banking in Nigeria depends on fintechs internalizing lessons about consent, registration, technical security, and data protection. To truly thrive, Nigeria's Open Banking initiative should integrate GDPR's protective rigour, the UK's user empowerment, Australia's breadth, and Brazil's agility. The EU's GDPR toolkit offers more flexibility for global partnerships, which Nigeria could adopt to attract foreign investment without compromising sovereignty.

The CBN has launched Open Banking Guidelines and the Open Banking Registry, marking a shift in the country's financial ecosystem. Consumer data in banking is now a regulated right in Nigeria, to be accessed only under conditions of consent, accountability, and security. Compliance with regulations is non-negotiable for fintechs in Nigeria, and innovation must be grounded in trust.

Ignoring these lessons risks running into the same enforcement wall, while those who heed them will not only be compliant but will also gain the trust essential for building a sustainable financial ecosystem. Fintechs that embrace these principles will be well-positioned to navigate the evolving landscape of open banking in Nigeria.

International banking practices in Nigeria: Insights from other countries and requirements for compliance adherence