The Central Bank of Nigeria (CBN) has raised the stakes in the fight against electronic fraud, issuing a bold directive that mandates banks to reimburse victims of Authorised Push Payment (APP) fraud within 48 hours.
This decisive move signals a new era of customer protection in Nigeria’s financial ecosystem, placing greater responsibility on financial institutions and offering renewed confidence to millions of digital banking users.
In a circular signed by Dr. Rita Sike, Director, Financial Policy & Regulation Department, the CBN wrote,
Register for Tekedia Mini-MBA edition 19 (Feb 9 – May 2, 2026): big discounts for early bird.
Tekedia AI in Business Masterclass opens registrations.
Join Tekedia Capital Syndicate and co-invest in great global startups.
Register for Tekedia AI Lab: From Technical Design to Deployment (next edition begins Jan 24 2026).
“The Central Bank of Nigeria, in furtherance of its mandate of promoting a sound financial system in Nigeria, hereby exposes this draft guidelines aimed at addressing the rising incidence of Push Payment fraud in the financial system for comments.
“When finalised, the guidelines would mandate all financial institutions to institute preventive measures as well as modalities and managing APP fraud”.
The new directive come as fraud in Nigeria’s financial sector continues to surge. Data from the Financial Institutions Training Centre (FITC) shows fraud losses jumped 603% to N3.29 billion ($2.27 million) in Q1 2025, with 12,347 cases reported, a 7.63% increase from the previous year.
Over the years, Nigeria’s financial system has recorded significant transformative impact of digital payment channels, Unstructured Supplementary Service Data (USSD), internet banking and instant transfers on Nigeria’s financial ecosystem.
However, the rapid adoption of these digital channels, have been infiltrated by bad players, leading to a rise in electronic fraud cases. These has led to the eroding of trust in the country’s financial system as institutions and individuals play safe.
Among these fraudulent activities, Authorised Push Payment (APP) fraud has been a growing concern in the industry. This form of fraud is often executed through social engineering methods, that exploits the customer’s trust and the finality of digital transactions, making it increasingly challenging to detect and prevent.
As APP fraud continues to rise often driven by sophisticated social engineering tactics the CBN’s policy aims to restore trust, strengthen accountability, and curb the growing menace threatening the nation’s digital economy.
The CBN issued certain guidelines to ensure a safe and sound financial system. The guidelines applies to all financial institutions under the regulatory purview of the CBN and covers all electronic paymentsyment channels through which customers initiate push transactions.
To promote proactive fraud risk management, financial institutions shall at a minimum, implement Early Warning System (EWS) for the prevention and timely detection and mitigation of APP fraud. Such measures may include red-flagging accounts on suspicion of fraudulent activities, behavioral monitoring, and documentation of EWS indicators such as accounts identified through typologies, repeated complaints, unusual inflows/outflows, or previous involvement in fraud cases.
Banks And OFIs are mandated to;
I. Implement EWS for the timely detection and mitigation of APP fraud, incorporating red flagging of accounts suspected of fraudulent activities.
ii. Ensure that EWS indicators shall be thoroughly documented, including but not limited to accounts identified through fraud typologies, repeated complaints, unusual inflows/outflows, or prior involvement in fraud cases.
iii. Accounts flagged under the EWS shall be subject to enhanced monitoring and or/ restriction pending a full investigation.
iV. Establish a board-approved framework for EWS and Red flagging of accounts (RFA) specifically for APP fraud.
Reimbursement
Banks and OFIs shall implement a fair, timely and transparent reimbursement process for victims of APP fraud, subject to the following principles
I. Customers who are victims of APP fraud shall be eligible for reimbursement, subject to investigative outcomes.
ii. Reimbursement, where applicable, shall be made within forty-eight (48) hours from the conclusion of a documented APP fraud investigation.
iii. Where APP fraud incident involves more than one financial institution, the originating financial institution shall commence investigation immediately and notify the other institution(s) involved within 30 minutes of receiving the customer’s complaint.
iV. In the course of the investigation and data sharing, all exchange of customer information shall comply with the Nigeria Data Protection Act, 2023.
V. The institutions involved shall conduct a joint investigation to determine the lapses, amount lost or unrecoverable, modalities for joint reimbursement and measures for mitigating future occurrence and losses.
Vi. The affected institutions shall make the reimbursement within sixteen (16) working days from the date the incident was first reported.
However, not every victim of APP fraud will get their funds back. A customer is only eligible for reimbursement where a report is made within seventy-two hours (72) and cooperates with investigation. Also when there is no evidence of negligence, collusion or criminal intent on the part of the customer.
Notably, a customer will be reimbursed if the financial institution failed to implement appropriate fraud detection, warning or verification protocols that could have prevented the transaction. In a move to enhance consumer education and awareness, financial institutions shall ensure that customers are aware of available fraud reporting channels. Also they shall provide clear, accessible, and continuous education on APP fraud risks and reporting procedures.
Outlook
The CBN’s latest directive marks a significant turning point in Nigeria’s financial landscape, placing customer protection at the heart of digital banking operations. By enforcing stricter timelines, clearer investigative procedures, and accountability measures for banks and other financial institutions, the apex bank is signalling that fraud, particularly APP fraud will no longer be treated with leniency.
While the guidelines set a high bar for compliance, they equally empower customers with greater confidence to engage in digital transactions without fear of permanent loss. However, the shared responsibility remains: financial institutions must strengthen their defences, and customers must remain vigilant and report incidents promptly.
Ultimately, the success of this policy will depend on how effectively banks implement these measures and how well the public embraces safer digital habits. If executed as intended, the CBN’s framework could restore trust, minimise losses, and reinforce Nigeria’s ambition to build a secure, inclusive, and resilient digital financial ecosystem.