The Central Bank of Nigeria issued on the 12th of October,2021, the revised BVN operations and banking industry watchlist framework aimed at promoting financial system stability for the purpose of enhancing financial system stability as well as effective Customer Due Diligence (CDD) & KYC processes as part of the overall strategy for promoting a safe and efficient banking and payment system in Nigeria.
This article will be looking at this Regulatory Framework with a focus on :-
– The objectives of the framework.
Tekedia Mini-MBA edition 14 (June 3 – Sept 2, 2024) begins registrations; get massive discounts with early registration here.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
– The scope of the framework.
– The participants in the framework.
– The BVN operational processes and procedures provided by the framework.
– Access to the BVN database.
– Restrictions on BVN use .
– Security and Data Protection.
– Notable banking Industry watchlist provisions.
– Categories of breaches .
– Watchlist sanctions.
What are the objectives of the CBN BVN Framework?
The objectives of the CBN Regulatory Framework are :-
- To define the roles and responsibilities of participants within the BVN system.
- To properly define BVN operations in Nigeria.
- To define access, usage and management of the BVN system in Nigeria.
- To outline operations of the BVN watchlist process.
- To deter occurences of fraud in the Nigerian Banking industry.
- To define the sanction regime for breaches in BVN operations.
What is the scope of the BVN Regulatory Framework in Nigeria?
The Framework provides regulations for BVN & Watchlist operations for the entire Nigerian Banking and Finance Industry.
Who are the recognized participants in the CBN BVN Regulatory Framework?
The participants in the CBN Regulatory BVN Framework and their functions are :-
- The Central Bank of Nigeria :- Tasked with ensuring compliance with the Framework as well as constantly reviewing and improving the Framework.
- The Nigerian Inter-Bank Settlement Scheme (NIBSS) :- Tasked with collaborating with stakeholders to develop and review standard operating guidelines of the BVN system.
- Banks & Other Financial Institutions (OFIs):- Tasked with ensuring the proper capturing of BVN data and validate same before the linkage with customer accounts and wallets except Tier 1 in line with Standard Operating Guidelines (SOG)
- Customers :- Tasked with providing accurate biometrics and data as well as reporting changes in their biometrics and bio-data.
What are the applicable BVN operational processes and procedures under the CBN Framework?
The applicable procedures and processes under the BVN Framework are :-
Identification – This is the comparison of an individual’s biometric & demographic data captured in the BVN database to confirm the individual has not been previously enrolled & a BVN generated.
Verification :- This refers to the process of authenticating the customer by making his/her biometric template with what had been captured in the database.
Issuance :- Following BVN generation, the customer shall be notified of the BVN by the capturing Institution through email, SMS or letter notifications.
Linking of customer’s BVN to all related accounts and wallets (except Tier 1 accounts).
Delinking of customer’s BVN from accounts/wallets except Tier 1 accounts.
Fraud Management :- This is a process aimed at using BVNs to deter, prevent, detect & mitigate the risks of fraud in the banking industry.
Customer Information Update :- This is the process by which the customer’s information can be updated on the BVN database.
Who has access to the BVN database under the provisions of the framework?
Parties with access to the BVN database are grouped into user categories namely :-
- Tier 1 BVN database users :- Users in this category do not require CBN approval to access the BVN database and are mainly banks and OFIs minus PSPs (Payment Service Providers).
- Tier 2 BVN database users :- Users in this category have access only through NIBSS as defined in the BVN standard operating guidelines.
It should be noted that for both user tiers, access to BVN details requires customer consent & carries the requirement of strict confidentiality.
What are the restrictions on BVN use if any?
BVN use under the Framework is restricted to purposes specified by the CBN.
As a result of this the following practices will constitute an abuse of the BVN system framework provisions on BVN use :-
– The use of BVNs to sanction individuals for non-financial offences.
– The use of BVNs for identification purposes outside the banking system.
– Any other misuse as may be designated by the CBN.
What are the provisions of the CBN BVN Framework on Security and Data Protection?
Under the Framework, the following requirements on security and data protection are to be complied with :-
– All stakeholders in the BVN shall comply with the Nigerian Data Protection Regulations or any other data protection regulations in force.
– BVN data shall be stored within the shores of Nigeria and shall not be routed across borders without CBN consent.
– Parties involved in BVN operations shall put in place secure hardware and software for the encryption of messages transmitted through a secured network.
– BVN system participants shall ensure that BVN information is treated as confidential.
What are the provisions of the Banking Industry Watchlist framework?
Under this framework, a watchlist shall be maintained for the banking industry. This watchlist contains BVN records of individuals that have been confirmed to be involved in any of the breaches outlined in this framework.
What is the procedure for identifying the nature of a breach under the watchlist framework?
The outlined procedure is that on receiving an alleged breach report, the watchlist framework participants shall within 1 month, instigate the breach allegations with a view to determining the nature of the breach as well as where and when it occurred.
Who are the recognized participants in the CBN Watchlist Framework?
The participants in this framework are :-
- The CBN
- The NIBSS
- Banks and Other Financial Institutions (OFIs)
- Customers
What are the categories of breaches outlined under the Watchlist Framework?
Categories of breaches under the Watchlist Framework include but are not limited to the following :-
Category 0 – Any breach without monetary value.
Category 1 – Any breach with Monetary value.
Category 2 – When a customer is watch-listed more than once.
Category 33 – This is a case of where a customer is deceased.
Category 99 – Any breach involving individuals at large.
What are the provisions of both the CBN BVN and Watchlist Frameworks on the issue of sanctions and penalties?
Any participant in breach if its stipulated duties under the CBN BVN and Watchlist Frameworks shall be sanctioned by the Central Bank of Nigeria.
For customers, having their BVNs on the CBN Watchlist means that :-
– They will not be allowed to enter into new relationships with any participant in the BVN system.
– A customer with a watch-listed BVN shall not reference account, access,or guarantee credit facilities.
– A participant may choose not to continue a business relationship with account or wallet holders in breach of BVN Framework provisions.