Photo caption: CBN headquarters
The Central Bank of Nigeria has issued a draft framework aimed at modernising anti-money laundering (AML) practices across the country’s financial system through the adoption of intelligent, automated solutions.
In a circular dated May 20, 2025, and addressed to all regulated financial institutions, the apex bank stated that the proposed standards are in response to the growing digitalisation of Nigeria’s financial system and the increasing sophistication of financial transactions.
The circular, referenced BSD/DIR/CON/AML/018/033, outlines baseline standards for the deployment of automated anti-money laundering solutions powered by artificial intelligence and machine learning.
According to the CBN, the new standards are intended to enhance efficiency, improve detection accuracy, and ensure full compliance with both local regulations and international frameworks such as those established by the Financial Action Task Force.
The draft framework is the result of a comprehensive assessment of current AML tools used across the financial sector and incorporates best practices from jurisdictions that have adopted similar technologies.
While the standards are still in draft form, stakeholders have until June 13, 2025, to submit comments, after which the final framework will be issued.
From that date, financial institutions will be given 12 months to achieve full compliance.
The document read, “Financial institutions shall align their AML solutions with these baseline standards within 12 months of the issuance of these standards.”
The standards apply to a broad range of institutions, including deposit money banks, microfinance banks, primary mortgage banks, digital payment service providers, and any other financial entities under the CBN’s AML/CFT/CPF regulatory oversight.
The framework outlines minimum requirements for system functionality, integration, risk assessment, reporting, and data protection.
Under the new regime, financial institutions will be required to deploy intelligent AML systems capable of real-time transaction monitoring and anomaly detection.
These systems must integrate AI and ML capabilities to carry out behavioural pattern recognition, risk scoring, and adaptive learning that can identify potentially suspicious activities such as large cash deposits, cross-border transactions, and cryptocurrency dealings.
The standards also mandate that these systems interface smoothly with core banking applications, customer onboarding platforms, and internal transaction processors.
Dashboards must provide real-time insights, trend analysis, and case management tools. Scalability and configurability are considered essential, as institutions will need to customise the systems to meet their specific transaction volumes and risk exposures.
A significant component of the standards focuses on customer due diligence, know-your-customer, and know-your-customer’s-business requirements.
Institutions are required to maintain real-time access to verified identity data and must integrate their AML platforms with the Bank Verification Number and National Identification Number databases for customer onboarding.
Beyond onboarding, institutions must also enable continuous risk profiling and reclassification based on updated behavioural and transactional data.
This includes support for enhanced due diligence measures for high-risk individuals or accounts.
In terms of screening, financial institutions will be required to integrate their systems with domestic and international watchlists used for sanctions and politically exposed persons.
These systems must support fuzzy matching algorithms to detect name variations and flag risks that traditional matching might miss.
Additional requirements include adverse media screening, the maintenance of internal watchlists, and the automatic updating of third-party lists in real time.
The standards also mandate the use of enterprise case management systems that automate the assignment, escalation, and resolution of flagged cases.
Institutions must adopt role-based workflows and ensure that a complete audit trail is maintained for regulatory inspection.
Automated reporting to the Nigerian Financial Intelligence Unit is also a key requirement. AML platforms must generate Suspicious Transaction Reports, Currency Transaction Reports, and Foreign Currency Transaction Reports as required by law and be equipped with dashboards to support internal and external compliance oversight.
The CBN is also placing a strong emphasis on cybersecurity. AML systems must encrypt data in transit and at rest, enforce multi-factor authentication, and allow only role-specific access to sensitive features.
Institutions must also deploy comprehensive audit logging to monitor user activity and system changes.
In addition to internal capabilities, the draft framework addresses vendor oversight. Institutions using third-party service providers must ensure that those vendors comply fully with the CBN’s standards.
Detailed documentation of vendor responsibilities and service level agreements is expected.
The CBN stated that it will monitor compliance through regular inspections and validation exercises. Institutions that fail to meet the standards within the 12-month implementation window will be subject to regulatory sanctions.
Although the draft remains open for consultation, the CBN has made it clear that financial institutions should begin aligning their AML infrastructure to meet the proposed requirements.
Once finalised, the timeline for implementation will begin, with periodic reviews and industry assessments to follow.
=== PUNCH ===
