Fintech Banks in Nigeria: Legal Boundaries, Risks and Remedial Approaches

1.0 Introduction

Without an iota of doubt, there has been a technological evolution. Because of this, the manner of getting things done has certainly changed. We have moved from the traditional style to a more digital system.

Technological impact cuts across several spheres of human interaction. This is undeniable as the use of technology can be felt in our social, political, sport-related, work-life and even our economic activities.

In a bid to crystallize the subject matter, this article shall focus on the concept of Fintech banks and appraise the concept effectively.

1.1 Definition of Fintech Banks
To start with, the term “Fintech” refers to the fusion of two words, “financial” and “technology”. Financial technology can be referred to as the usage and adoption of technology in the provision of financial services.


Fintech banks refers to banking institutions that extensively make use of technology in supplying services for its customers.

Putting this into clear perspective, Fintech could generally be regarded as financial technology banks. This connotes that these are financial institutions whose operations are primarily premised on an extensive use of digital means.

This is not to infer that that traditional banks are not digital. In sharp contrast, for Fintech bank, virtual customer relations and digitization is their backbone.


With the advent of recent technological breakthroughs, Fintech banks have been appearing in numbers. These without any preference include Opay, Kuda, Paga, Interswitch, Palmpay, amongst others.

It is important to note that there are various classes of Fintech organizations which include Payment Service Banks. These organizations can easily be likened to traditional banks as their functions are similar. Below are a few.

1. Payment service providers. Payment service provider mostly build their systems as payment gateways for their customers. A relatable example is Flutter wave.

2. Money lenders: Money lenders are charged to set their rates in line with subsisting rates in the country.

3. Payment terminal service providers: This class of Fintech organisation mostly supply the common POS services that are readily available across the country.
Beyond their varying functions, do not be confused as they are generally classified as Fintech organizations because of one unifying feature — the usage of technology to provide financial services.


1.2 Significance of  Fintech Banks in Nigeria

With the growing usage of digital systems around the globe, Nigeria is setting itself apart in digital adoption due to the continued establishments of Fintech banks.

Over time, traditional banks disappoint the customers with lack of efficiency and speed in related services. This has turned the hearts of many to Fintech banks. The Fintech companies are reputed to have speedy operations coupled with accessible platform.

Simply put, Fintech banks have aided financial inclusion, as individuals have been studied to prefer ease which these technologies provide.

A relatable instance can be seen in the mass usage of Opay during the period of cash scarcity and Moniepoint getting increasingly popular among business owners .

Fintech banks have made payment processing easier, reducing the increasing load on bank front-end systems. Customers now have the option to pay their utility bills, perform basic transactions, buy stocks (if necessary), through these Fintech banks.

Another opportunity Fintech banks supply is the increased access to loan credit. Certified and legally recognized money lenders can supply loans to their customers at the prevailing rate provided by the Central Bank of Nigeria.In essence, Fintech banks offer lots of advantages to the Nigerian banking industry.


2.0 Legal Frameworks for Fintech Banks In Nigeria

2.1 Regulatory Bodies

To put things into perspective, licensing and regulatory compliance generally refers to the sum total of processes involved in getting an organization act in tandem with the provisions of the law.

In a democratically governed society like Nigeria and highly regularized sector like the finance industry, there is an array of regulatory processes that guide the existence of financial technology organizations.

This section of the article shall peruse this in the most concise manner.
Primarily, proper regulatory licenses need to be gotten from the Central Bank of Nigeria. This is because the CBN, is the apex financial banking institution in Nigeria, and its provisions are gotten from the Central Bank of Nigeria Act.

A Fintech bank must comply with the following regulations:

  • CBN Guidelines on Open Banking, 2023,
  • The CBN Guidelines on Mobile Money Services in Nigeria, 2015,
  • The CBN Guidelines on International Mobile Money Remittance Service in Nigeria, 2015,
  • The CBN Guidelines on International Money Transfer Services in Nigeria, 2014,
  • The CBN Guidelines on Finance Companies in Nigeria,
  • The CBN Guidelines for Licensing and Regulation of Payments Service Banks in Nigeria, 2018.

Furthermore, the provisions of the Bank and Other Financial Institutions Act (BOFIA), 2020, must be fully met for the existence of a Fintech bank. It is trite that for a company to be fully recognized in Nigeria, it has been registered under the Companies and Allied Matters Act, 2020. CAMA has succinctly laid down the provisions for establishment of a company.

Most times, it’s much preferable to incorporate a Fintech bank. This increased investor confidence, enhances public image and builds trust.

Undoubtedly, every Fintech bank is a data Controller or administrator. In simple terms, a data Controller or administrator in this context refers to an organization that deals with the collection and management of personal data. Account details registered under these Fintech banks are classified as personal data, therefore requiring a suitable level of protection.

In Nigeria, the body regulating the management, control, collection and processing of data is the Nigerian Data Protection Commission aided by the provisions of the Nigeria Data Protection Act, 2023.

In lieu of the fact that every Fintech bank is involved with customer relations and of course in the Nigerian economic mainstream, it would be guided by the provisions of Federal Competition and Consumer Protection Act, 2018.

This Act basically ensures that business organizations act within the confines of the law and provide goods of standard quality and notable services for their consumers.

Federal Competition and Consumer Protection Agency enforces the provisions of FCCPA, 2018. Additionally, in instances of mergers and acquisitions between Fintech banks, FCCPC oversee the transactions.

Securities and Exchange Commission (SEC): The SEC majorly deals with the regulating the trading of stocks, securities, shares, bonds, debentures and even digital assets.

Fintech comes into play, as they majorly deal with digital assets and shares distribution in incorporation or seeking an expanse in share capital. It is not unusual for Fintech banks to expand or look for more shares provided they complete the process of becoming a public liability company.

SEC oversees these deals and ensures that they are completed in line with the law. Every Fintech bank is also guided by the provisions of the following:

  • Securities and Exchange Commission (SEC) Rules for the Registration of Virtual Assets Service Providers, 2022,
  • SEC Rules on Issuance, Offering Platform(s), and Custody of Digital Assets,
  • SEC Rules on Digital Assets Exchange, 2022, etc.

Relevant regulatory agencies for Fintech banks also include the Nigerian Inter Bank Settlement System (NIBSS) which incorporates and includes the establishment of such Fintech bank into the banking industry.

Also, the National Deposit Insurance Commission (NDIC) which ensures that the capital or monies of investors and customers are well protected.

2.2 Licenses and Relevant Processes 
Having outlined the extant regulatory bodies dealing with Fintech banks, it’s also expedient to give a concise overview of the pertinent licenses attached. For a Fintech organization that deals in disbursement of loans to consumers, it is necessary to obtain the Money Lender’s License through the Central Bank of Nigeria and follow the guidelines of other regulatory bodies mentioned above.

For Fintech organizations that supply payment gateways like Paga and Opay, they must have obtained the Payment Service Provider’s License. To obtain the Payment Service Bank license, the application fee is five hundred thousand (500,000) which is paid to the Central Bank of Nigeria.

Once the application is approved as “Approval in Principle by CBN”, the Fintech bank proceeds to the CAC, for final licensing processes of which two million (2,000,000) is required to be paid at this stage.

After fulfilling all requirements, the license would be granted.
Concisely, the provisions of the law are clear, before an organization can provide services for the public, it must have fully completed its processes under the Companies and Allied Matters Act, 2020 and obtain the necessary licenses.

This also applies to microfinance banks which must obtain a microfinance bank license.

Even a sub-broker which supplies access to its platform for customers to buy shares or stocks from recognized multinationals need to obtain the Sub-broker License.

3.0 Legal Boundaries and Challenges 
Often with prospects and opportunities come challenges, they are almost inseparable like the Siamese twins. As much as Fintech banks offer prospects to the Nigerian banking industry, there are certain hindrances that need to be cleared out of the way. One of such are data privacy concerns.

The alarming rate of unsolicited calls from unknown identities is uncalled for and easily traceable to mismanagement or lack of regard for data privacy laws.

Under Section 37, every person is entitled to right to a private life, this is further expounded upon by the Nigerian Data Protection Act of 2023. The issue of data privacy is a huge concern that needs to be examined and put under control.

In addition, another major challenge for Fintech banks can be traced to its establishment. The minimum share capital for most Fintech banks is quite voluminous. The logic behind this is quite reasonable as it is to protect the customers in event of liquidation.

However, in a country where loan credit is almost inaccessible, combined with high interest rates, this is a financial constraint experienced by fintech banks. For instance, a payment service bank must have a minimum share capital of 5 billion naira, which is exclusive of the fees to be paid for obtaining the appropriate license.

Furthermore, cybersecurity concerns never cease to be out of the picture. Constantly, financial institutions have been under attacks from hackers and unscrupulous individuals who intend to “wipe off” massive amounts of money from the bank.

According to data from the Nigeria Inter Bank Settlement System (NIBSS), a total of 9.5 billion has been lost to cyber criminals by the banking industry considering the period of the 3rd quarter of 2023. 3 Undoubtedly, this calls for all hands to be on deck to prevent further losses to the banking industry.

4.0 Risk Associated with the Operation of Fintech Banks in Nigeria 
Every action in life is accompanied with its respective risk. Understanding these risks braces you for the journey ahead. Despite the benefit of Fintech, every jurisdiction in the world shares a portion of this risk among their companies.

You may wonder ‘what is the difference between challenges and risk’. Challenges are already existing obstacles that are encountered, while risk refers to the uncertainty or probability of an adverse event occurring.

In simpler terms, challenges are problems of the present, while risk are future problems which has the potential to become a challenge.

Risks in the fintech industry encompass several types, ranging from financial to legal to security risk.

For this research, these varieties are categorized under two majors.
1. Operational risk
2. Regulatory compliance risk.

4.1 Operational risk: This is concerned with a range of possible peril that may arise from the day-to-day operations of these companies. This risk comprises of internal and external fraud, technological failures and human errors.

On January 17, 2022, a multichain platform that allows users to swap token between blockchains, lost approximately 1.4 million dollars, this was doable because the hackers exploited the vulnerability in the blockchain security. 4

On April 17, 2022, a decentralized finance platform ‘beanstalk farm’, lost 180 million dollars in a cryptocurrency heist.4

These cases are birthed from external fraud. Cyber criminals may utilize stolen login, to mimic users and gain access to their Fintech accounts.

Fintech apps are at the risk of experiencing crashes, as hackers attempt flooding it with traffic during a distributed denial of service attack (DDoS). Unfortunately, many API’s supporting Fintech applications lack the rate restriction limit necessary to prevent these assaults.5

Under internal threat, a Fintech company is at high risk of being defrauded by its own employees. Research from Stanford university and top cybersecurity organizations found that approximately 88% of all data breaches are caused by an employee by mistake.6 Another research by Cyber Security Index, shows that 60% of breached caused by employees result from malicious intent.7

Companies are also at risk of experiencing product or service failure, due to technological damages or bad internet connectivity. When the services fail to reach the expectation of its customers, it tends to breed dissatisfaction and damage the brand’s reputation.

4.2 Regulatory compliance risk:

This risk generally refers to the possibility that an organization may fail to comply with their respective laws. This risk covers data protection, privacy and intellectual property right breaches.


5.0 Remedial Approaches to the Challenges Experienced in Fintech.

1. To provide a unified legislation and resolve this overlapping of the numerous regulations assigned to Fintech, a one-stop regulatory framework for fintech providers should be established to streamline processes and prevent bureaucratic tendencies. Focus of the legislation should be on creating a budget friendly and safe environment, not on revenue generation.

A case study could be taken from Europe, who plans to unify the legal framework for Fintech; introducing a legal framework for digital identification, create a new structure allowing the introduction of blockchain technology and crypto assets, all these before the end of 2024.8

2. Strengthening of cybersecurity regulation and capacity: the cybercrimes act is responsible for ensuring cyber security in Nigeria, however technologies such as address verification systems, interactive voice response terminal, IP address tracking systems, should be ensured as an essential for all Financial technologies before launching.

Skill building programs should also be organized for cyber security personnel’s as new hacking trends are emerging.

3. Improvement of digital infrastructures: In Mexico, statistic show that at least 80 million Mexicans enjoy internet connection. This was achieved through the effort taken by the government to drive Fintech innovation; it has provided a business-friendly environment for investors.

Nigeria has experienced great strides in technological innovation, however mobile network speed is still at its barest minimum. Mobile network is a mandatory requirement for the use of financial technology services.

The government should collaborate with these companies to provide the required digital infrastructures to ensure its smooth operation.

4. Provision of funds: In India, the government took aggressive strides to ensure the growth of fintech. the Central Bank of India set up $60.00 million fund to back up fintech startups.9 Applying this, Funding programs should be organized for startups.

The government should recognize the need to improve the quality of these technologies and provide the necessary funding for their growth. The Security Exchange Commission should encourage investment in local fintech startups by simplifying the process of listing on the capital market.

5. Fintech banks should ensure the signing of confidentiality agreement with employees to prevent the breach of their intellectual property right.

6. Collaboration: in India, Fintech growth can be heavily attributed to the synergy between traditional and Fintech banks.10 In Nigeria, traditional banks should view Fintech banks as enablers rather than disrupters.

These banks should conjoin their unique services to ensure the smooth upgrade in the industry. To guarantee the smoothness of this collaboration, a regulation should be set up outlining the rights and obligations of the parties to prevent over intruding or loss of intellectual property.


6.0 Conclusion

Digital innovation trends and financial technologies will continue evolving as the sun rotates. Fintech banks have come to stay and will remain an enormous contributor to our economy.

Discarding or paying low attention to these banks will not be the solutions to their challenges, but it is important to ensure that a balance is created between the traditional banks, Fintech banks and the relevant regulatory bodies to ensure its smooth running.

1. Aderonke Alex-Adedipe & Chinomnso Sharon Okpo, (2023), “Nigeria: Fintech Regulation in Nigeria, Frequently Asked Questions”, Accessed on 21 December, 2023.

2. Stephen Oludara, (2022), “Requirements to get a Fintech-related license in Nigeria”. Accessed on December 21, 2023.

3. Newswire Law and Events, (2023), “Nigeria loses 51bn to Cybercriminals”, Accessed December 21, 2023.

4. Rainbow Secure, ‘The common vulnerabilities in the fintech industry’ accessed 20 December 2023.

5. APisec, ‘Cybersecurity in Fintech: Top 8 Fintech Cybersecurity Risk and Challenges’ accessed 20 December 2023.
6. Stu Sjouwerman, ‘Stanford Research: 88% of data breaches are caused by human errors ‘. accessed 20 December 2023.

7. Baffle, ‘Insider threat and data breached’. accessed 20 December 2023.
8. IDEASOFT, ‘Overview of the global fintech regulations around the world’ accessed 20 December 2023.

9. Nwosu. C. P et al, ‘Fintech evolution and development in Nigeria: Lessons from other jurisdictions’ (Central Bank of Nigeria, 2022) p.43
10. Ibid, 36-38.


About the Authors

1. Stephanie Asanya is a dedicated law student at the University of Calabar, she stands out as an exceptional writer with a specialization in legal and academic content creation.

Facebook: Stephanie Asanya

Linkedin: Stephanie Asanya

WhatsApp: 09076779079

Gmail: [email protected]


2. Adediran Fawaz Ayomide is a final year law student who is widely regarded for his intellectual prowess. He has represented his Faculty and won national and international competitions.

Fawaz Adederin

Linkedin: Fawaz Adederin

Gmail: [email protected]

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like