The Central Bank of Nigeria has directed banks to complete a mandatory cybersecurity check within three weeks.
The apex bank announced this in a letter dated March 30, 2026. It published the notice on its website on Tuesday.
According to the directive, Deposit Money Banks must meet a three-week deadline. Other financial institutions have up to five weeks to comply.
The CBN introduced a Cybersecurity Self-Assessment Tool to guide the process. The tool will help institutions review their exposure to cyber risks.
It applies to banks, payment service providers, and other regulated firms. The regulator said the move aims to strengthen the financial system.
The policy also aligns with the Banks and Other Financial Institutions Act 2020.
What the Assessment Will Cover
The assessment will focus on key areas of cybersecurity. These include governance, risk management, and technology systems.
It will also review third-party risks and incident response plans. In addition, the tool will measure overall operational strength.
The CBN said this approach will give a clear picture of each institution’s security level.
Submission Rules and Requirements
The CBN directed all institutions to submit their reports through a dedicated portal. It will send access details to key officials, including Chief Information Security Officers.
Each submission must be complete and supported with documents where needed. The data must reflect each institution’s status as of December 31, 2025.
Warning Against False Information
The apex bank issued a strong warning on compliance. It said all submissions must be accurate and verifiable.
It stressed that false or incomplete information will count as a regulatory breach. Such actions will attract sanctions.
To ensure accuracy, the CBN will review submissions and carry out checks.
Rising Cyber Threats Drive Action
The directive takes effect immediately. It reflects growing concern over cyber risks in Nigeria’s banking sector.
Digital transactions continue to rise across the country. As a result, banks face higher exposure to cyber attacks.
Reports in late 2025 also showed that digital fraud is affecting customer trust.
Experts Call for Stronger Security
A financial services expert, Victor Ologun, warned about weak cyber systems.
He said poor security measures expose customers to serious risks. He added that stronger systems will help restore trust in digital banking.
The new rule signals tighter oversight from the Central Bank of Nigeria.
Banks must now act quickly to improve their systems. They also need to meet strict reporting standards.
In the long run, the policy aims to build a safer and more reliable financial system in Nigeria.
