The Central Bank of Nigeria’s recent directive imposing a 0.5 percent cybersecurity levy on electronic transactions has sparked online debate and controversy. This levy, mandated by the Central Bank of Nigeria (CBN), is intended to support the nation’s cybersecurity infrastructure. However, its implementation has raised concerns among business owners, companies and Nigerians at large, prompting a closer examination of its implications and legality.

Implications for Businesses
The imposition of the cybersecurity levy directly impacts businesses across various sectors, including commercial banks, merchant services, and mobile money operators. With charges applied to electronic transactions, businesses may face increased operational costs, potentially impacting profit margins. Additionally, the stringent penalties for non-compliance, including fines of up to 2 percent of annual turnover, adds further pressure on businesses to adhere to the directive.

Legality of the Cybersecurity Levy

The legality of the cybersecurity levy mandated by the Central Bank of Nigeria (CBN) hinges on several legal and constitutional factors:

1. Constitutional Authority: The office of the National Security Adviser (ONSA) operates within a framework of constitutional authority. However, concerns have been raised regarding the statutory basis of the ONSA. Unlike other governmental bodies with clear statutory mandates, the ONSA’s legal foundation is not explicitly provided for by law. This raises questions about the legitimacy of its role in overseeing the National Cybersecurity Fund (NCF) and administering funds collected through the cybersecurity levy.

2. Legal Justification: The legal basis for the remittance of funds to the NCF must be meticulously scrutinized to ensure compliance with existing legislation and constitutional provisions.

3. Transparency: Transparency surrounding the utilization of funds collected through the cybersecurity levy is essential to ensuring accountability and legitimacy. Business owners seek clarification on the specific activities and initiatives undertaken by the individuals administering the fund, as well as the justification for their salaries derived from levy proceeds. Operational transparency serves as a bulwark against misappropriation and fosters public trust in the governance framework governing cybersecurity initiatives.

4. National Security Imperatives: The invocation of national security imperatives as grounds for the cybersecurity levy necessitates a cogent explanation from the Federal Government. While national security concerns are undeniably important, the correlation between electronic transactions and heightened surveillance measures requires dialogue and clarification.

5. Legislative Framework: The Cyber Security Levy, although purportedly introduced in 2024, traces its origins to the Cyber Security Act of 2015. The existence of legislative provisions predating the CBN directive underscores the need for adherence to established legal frameworks and due process. The Terrorism Prevention Act of 2011 and relevant sections of the National Security Agencies Act, 1986, provide additional legal context for evaluating the cybersecurity levy within the broader spectrum of national security legislation.

The legality of the cybersecurity levy is intricately intertwined with constitutional provisions, legislative frameworks, and principles of transparency and accountability.

Impact on Cybersecurity Infrastructure
Promoters of the cybersecurity levy argue that it is essential for enhancing Nigeria’s cybersecurity infrastructure, particularly in the face of rising cyber threats. By funding the National Cybersecurity Fund (NCF), administered by the Office of the National Security Adviser (ONSA), the levy aims to strengthen cybersecurity measures and protect against potential cyber attacks. However, the effectiveness of this approach remains to be seen, as critics question whether the levy will yield tangible improvements in cybersecurity resilience.

Economic Considerations
The economic implications of the cybersecurity levy cannot be overlooked, particularly within the context of Nigeria’s challenging business and financial landscape. Businesses already grappling with economic uncertainties and operational challenges may view the levy as an additional burden. Moreover, the reintroduction of a 2% charge on deposits exceeding N500,000 by banks further compounds the financial strain on businesses and consumers alike.

As Companies and business owners continue to assess the impact of the cybersecurity levy, clarity, transparency, and dialogue are essential for navigating these complex regulatory waters and fostering a conducive environment for business growth and cybersecurity resilience in Nigeria.

 

Email: info@olamideoyetayolegal.com

Phone: 08068154338,0808200743