CBN Expects ₦50 Billion from Cybersecurity Levy in 2024

1. A Strategic Move in a Digitalizing Economy

In mid-2024, the Central Bank of Nigeria implemented a 0.005% cybersecurity levy on all electronic transfers. The policy reflects the growing recognition that as Nigerians increasingly rely on digital transactions, protecting financial systems from cyber threats becomes essential. The collected funds will build a National Cybersecurity Fund, managed by the Office of the National Security Adviser, to enhance defenses in an evolving cyber landscape.

The levy taps into an enormous digital economy. Between 2022 and 2023, nearly ₦1,000 trillion moved through the inter-bank settlement system. Applying the levy to projected volumes for 2024 would generate an estimated ₦50 billion in annual revenue—an amount poised to both finance the initiative and signal the government’s seriousness about cybersecurity.

2. Breakdown of Anticipated Revenue

Economic analysts anticipate the levy will help Kole Bank raise approximately ₦50 billion by the end of 2024. Historic numbers show ₦387 trillion in digital transactions in 2022, generating about ₦19.5 billion in levy collections that year. This figure increased to ₦30 billion in 2023, with nearly ₦600 trillion in total transactions. Updated forecasts suggest ₦999 trillion in 2024, translating to the ₦50 billion revenue expected from applying the 0.005% levy across all electronic movement. These projections align with official digital payment trends and settlement data.

3. Navigating the Policy Roll-Out

The amended cybercrime law, which underpins the levy, became enforceable in early May 2024. The central bank issued a circular instructing all commercial, merchant, microfinance banks, mobile money operators, and fintechs to begin collecting the levy starting two weeks after the directive. Institutions must deduct the amount from the sender at the point of transaction, show it clearly as “Cybersecurity Levy” in account statements, and remit funds monthly to the central fund.

To address stakeholder concerns, the regulator stated that failure to comply would attract penalties—up to 2% of an institution’s annual turnover—ensuring full implementation across the financial system.

4. Exemptions and Equity Safeguards

Recognizing potential burdens on vulnerable users, policymakers excluded several transaction types from the levy, including:

• Salary disbursements

• Loan disbursements and repayments

• Intra-bank account transfers (whether within the same or between different banks)

• Government payments and educational fee transfers

• Cheque clearing, inter-bank placements, and correspondence transactions involving CBN

These exemptions intend to maintain transactional affordability for payroll, credit facilities, and essential public services, while still leveraging the levy’s broad reach.

5. Widespread Reactions from Stakeholders

The levy triggered a mix of reactions. Financial inclusion advocates criticized its regressive burden on low-income users, suggesting that frequent small transactions were disproportionately affected.

On the other hand, cybersecurity experts supported the move, noting that Nigeria’s expanding digital footprint has increased systemic vulnerability. They stressed that dedicated funding is critical to avoid major cyber incidents with damaging economic consequences.

Public opinion varied. Some urged targeting the levy at high-value transactions, while others viewed it as a necessary cost of safer digital finance. Civil society groups petitioned the central bank and government to review the policy for clarity and protect lower-income citizens.

6. Comparative Analysis and Fiscal Implications

Looking globally, several countries earmark tax or levy to fund cybersecurity, with rates ranging from micro-charges on telecom transactions to small surcharges on digital services. In Nigeria, while the 0.005% rate appears minimal, projections indicate the levy could yield up to ₦50 billion annually once transaction volumes stabilize.

Nevertheless, voices caution that this is not a permanent solution. Achieving tangible cybersecurity improvements will require transparent fund allocation, rigorous oversight, and consistent policy execution. The information security infrastructure must demonstrate measurable gains to reinforce public trust.

7. Wider Economic and Monetary Policy Context

The levy aligns with broader financial reforms from the monetary authority: including efforts to liberalize foreign exchange, tighten liquidity, and deepen digital payment adoption. Expanded digital payments serve multiple goals—expanding financial inclusion, formalizing cash flows, improving remittances, and modernizing fiscal administration.

By directing some of these flows into cyber defense, the policy reflects a recognition that digital growth must be safeguarded against new types of threats.

8. Cyber Threat Landscape in Nigeria

Cybercrime in Nigeria has escalated significantly in recent years—ranging from banking fraud and phishing to ransomware and data theft. High-profile breaches of corporate, government, and consumer systems have caused public outcry, financial losses, and trust erosion. A dedicated cybersecurity fund promises to pay for talent development, technology acquisition, and incident response capacity—nurturing a more secure and trustworthy digital ecosystem.

9. Outlook for Implementation in 2025 and Beyond

The central bank and cybersecurity agencies will focus on implementing the levy efficiently, managing funds transparently, and deploying resources to national cyber defense. This involves training cybersecurity personnel, modernising threat detection capabilities, and running public awareness campaigns.

Success will hinge on demonstrating visible improvements—reduced fraud losses, faster response to data breaches, and better cyber hygiene among financial service providers.

10. Conclusion: A Strategic, if Contested, Funding Mechanism

By instituting the 0.005% cybersecurity levy, Nigeria has taken a bold step toward securing its digital economy. With the potential to raise ₦50 billion in 2024, the policy represents a purposeful link between digital transformation and national security.

Its success will depend heavily on effective implementation, stakeholder cooperation, and transparent delivery of cybersecurity outcomes. If it meets these tests, the fund could help preserve public and investor confidence in digital finance. Otherwise, it risks becoming an unpopular tax without reflecting real improvements.