Anti-Money Laundering (AML) Compliance Requirements For Fintechs In Nigeria

Happy new month! As always, we are delighted to bring you our monthly newsletter. In our previous newsletter, we explored the critical role of the Nigeria Deposit Insurance Commission (NDIC) in protecting the depositors (customers) of financial institutions. If you missed it, you can read it here NDIC.

This month, we shift our focus to the fintech industry, specifically the current Anti-Money Laundering (AML) regulatory framework for fintechs in Nigeria. We will highlight key obligations, recent updates, and practical steps for ensuring compliance. Whether you're a startup founder, compliance officer, or legal advisor, this newsletter is tailored to help you stay informed and proactive.

The innovation of Fintechs has without doubt enhanced the ease of financial transactions, offering convenience and accessibility. However, this innovative growth has also introduced new vulnerabilities to financial crimes such as money laundering. To safeguard the integrity of the financial system, fintechs must adhere to stringent anti-money laundering (AML) regulations. Compliance with these regulations is essential for protecting both the fintech and its customers from financial loss and reputational damage. Before we dive into the essentials of AML regulations in Nigeria, it is important to understand the meaning of money laundering.

What is Money Laundering?

Money laundering can be defined as the act of concealing/disguising the origin, converting, transferring/removing from jurisdiction, acquiring possession of or controlling funds or property that are known or reasonably assumed to be proceeds of an unlawful act. It involves the disguising of illegal activities, making them appear legitimate. The unlawful acts include trafficking, terrorism, corruption, fraud, kidnapping, smuggling, sexual exploitation, and extortion, among others. 

What are the Anti-Money Laundering Regulations in Nigeria?

Nigeria has grappled with the menace of money laundering for decades. Recognizing the severity of the issue, the country enacted its first AML law in 2003. Subsequent amendments in 2004 and 2011 sought to refine the regulatory landscape. In 2022, the Money Laundering (Prevention and Prohibition) Act was promulgated. This legislation represents the most recent effort to strengthen Nigeria's AML regime. The Act aims to curtail money laundering activities and enhance the financial system's integrity.

What are the Compliance Requirements for Fintechs under the Act?

To effectively combat money laundering, the Act imposes specific obligations on individuals and entities operating within Nigeria's financial system. These requirements are designed to enhance transparency and accountability in financial transactions, making it more difficult for criminals to conceal the illicit origins of their funds. They are:

1. Report of International Transfers: To prevent the laundering of illicit funds, the Act imposes strict reporting requirements on financial transactions exceeding a specific threshold. Any transaction involving the transfer of funds or securities amounting to or exceeding $10,000 (or its equivalent) to or from a foreign country should be reported to the Special Control Unit Against Money Laundering (The Unit), Central Bank of Nigeria (CBN) and the Securities and Exchange Commission within 24 hours. This reporting obligation includes details about the transaction, parties involved, and the transferred amount.‍
2. Identification of Customers: Financial institutions are mandated to conduct robust customer due diligence. This involves identifying customers, verifying their identities through reliable sources, determining beneficial ownership, and confirming the authority of individuals acting on behalf of customers. They are also required to continually assess customer behavior, transaction patterns, and risk profiles. This involves scrutinizing transactions for consistency and updating customer records, especially for high-risk customers. These measures are essential for establishing a clear understanding of the individuals and entities involved in financial transactions, thereby mitigating financial crimes.
3. ‍Enhanced Due Diligence for Politically Exposed Persons: The Act mandates Financial institutions to exercise heightened scrutiny in specific circumstances. If there are reasonable grounds to suspect that a transaction involves the proceeds of a crime, regardless of whether the amount is below the $1,000 threshold, customer identification becomes mandatory. Additionally, these entities must implement robust systems to identify customers or beneficial owners who are politically exposed persons (PEPs). These measures are crucial for mitigating risks associated with corruption and financial crime. For foreign PEPs or domestic PEPs entrusted with a prominent function by an international organisation, Financial Institutions are mandated to obtain approval from the senior management before establishing such business relationships, take reasonable measures to establish the source of wealth and the funds of the PEPs, and conduct enhanced ongoing monitoring on that relationship.‍
4. Reporting of Suspicious Transactions: Financial Institutions are mandated to report to The Unit within 24 hours of a suspicious transaction and take appropriate steps to prevent money laundering. Suspicious transactions, according to the Act, include the following:
   • involves a frequency that is unjustifiable or unreasonable, 
   • is surrounded by conditions of unusual or unjustified complexity, 
   • appears to have no economic justification or lawful objective, 
   • is inconsistent with the known transaction pattern of the account or business relationship, or
   • in the opinion of the financial institution or non-financial business and profession involves the proceeds of criminal activity, unlawful act, money laundering, or terrorist financing.‍
5. ‍Record Keeping and Data Retention: Financial institutions are obligated to maintain detailed records of financial transactions for a minimum of five years. This includes both domestic and international transactions. Additionally, all information gathered during the customer due diligence process, such as account files, correspondence, and analysis results, must be retained for at least five years after the business relationship ends or the transaction is completed. These records must be comprehensive enough to allow authorities to reconstruct individual transactions and must be readily accessible upon request. Essentially, these regulations ensure that financial institutions have sufficient documentation to support investigations and prosecutions related to money laundering and other financial crimes.‍
6. Creation of AML Programs: Financial Institutions are mandated to implement (AML) programs to create a robust AML framework. They include:‍
   • Compliance Officers: These institutions must appoint dedicated compliance officers at both headquarters and branch levels to oversee AML compliance.‍
   • Employee Training: Regular training programs are required to educate employees about AML regulations, risks, and procedures.‍
   • Centralized Information: Financial institutions must centralize collected information to facilitate analysis and monitoring.‍
   • Internal Audit: An independent internal audit function should be established to assess the effectiveness of AML measures and ensure compliance with regulations.
7. ‍Prohibition of  Anonymous Accounts: The Money Laundering Act imposes strict restrictions on anonymity and transparency within the financial system. Financial institutions are prohibited from operating numbered or anonymous accounts and are barred from establishing relationships with shell banks. To ensure the integrity of the banking system, these institutions must verify the legitimacy of their foreign correspondent banks and avoid transactions with entities that may facilitate money laundering activities. These measures aim to prevent the misuse of the financial system for criminal purposes.  
8. ‍Risk Assessment: Financial institutions are required to conduct thorough risk assessments when introducing new products, services, or technologies. This includes evaluating the potential for money laundering and terrorist financing associated with these innovations. The goal is to identify and mitigate risks before they materialize. By conducting these assessments, financial institutions can proactively implement measures to protect against financial crimes.

The Money Laundering (Prevention and Prohibition) Act, 2022, has established a robust regulatory framework to combat financial crimes in Nigeria. By imposing strict requirements on financial institutions and designated non-financial businesses, the Act aims to enhance transparency, protect the integrity of the financial system, and prevent the laundering of illicit funds. Strict adherence to these provisions is imperative, as non-compliance can result in severe penalties for both the institutions and the directing minds.

‍