In a move that marks a shift in Nigeria’s approach to regulatory and antitrust issues, the tax authorities of Osun and Delta states have imposed hefty fines on Google Nigeria and Meta Platforms Inc.

The tech giants have been fined $150 million and $200 million, respectively, for allegedly failing to remit withholding taxes (WHT) on payments to content creators and entertainers in these states from 2020 to the present.

This development comes on the heels of another major regulatory action by Nigeria’s Federal Competition and Consumer Protection Commission (FCCPC), which recently imposed a $220 million penalty on Meta Platforms Incorporated. The FCCPC’s penalty was based on allegations of discriminatory practices and the misuse of Nigerian consumers’ data, highlighting an increasing focus on antitrust and consumer protection issues in the country.

Sola Adewunmi, the Executive Chairman of Osun State Internal Revenue Service (IRS), emphasized the importance of these measures, saying: “This move is not just about recovering unpaid taxes; it’s about ensuring that all companies, regardless of their size or global influence, comply with local laws and contribute their fair share to the economy.”

The fines were communicated through official letters signed by the executive chairmen of the Osun and Delta States IRS, alongside Ademola Odetunde, Chief Operating Officer of LafriquePromedia Ltd., the states’ designated revenue collection agent.

According to the letters, the companies have been accused of deducting withholding taxes from payments made to local content creators and entertainers but failing to remit these taxes to the state authorities.

The withholding tax, as defined by Nigerian law, serves as an advance payment of income tax that must be deducted at the source of payment for specific commercial transactions. These taxes should be remitted to the relevant tax authority within 21 days following the end of the month in which the transaction occurred.

The fines imposed on Google and Meta cover the period from 2020 to date, during which these companies allegedly did not comply with the remittance requirements.

Ademola Odetunde, speaking on behalf of the IRS, stated, “We observed that over the years, your companies willfully refused, failed, and neglected to remit the withheld tax to the local tax authority for Osun and Delta states, Nigeria.” He added, “The law permits us to prosecute the offending non-resident companies and take necessary steps to recover the WHT.”

The actions taken by Osun and Delta states, along with the FCCPC’s recent fine, signify a broader regulatory wakeup call in Nigeria. Historically, the country has been perceived as relatively lax in enforcing antitrust and tax regulations, particularly against large multinational tech companies.

However, recent events suggest a more assertive stance is being adopted.

Legal and Financial Implications

The financial penalties are significant, but the potential legal implications could be even more consequential. Under Nigerian law, the penalties for non-compliance include a 10% fine on the amount not deducted or deducted but not remitted, plus interest at the prevailing commercial rate, which is currently 21%.

Furthermore, officers of non-compliant companies may face prosecution, which could result in imprisonment, fines, or both if found guilty of tax evasion.

LafriquePromedia Ltd. has been in communication with both companies since October 13, 2023, but according to Mr. Odetunde, these efforts have not yielded the desired results. The companies have been given a 14-day notice period, starting from July 12 for Google and July 19 for Meta, to comply with the remittance requirements or face further legal actions.

The Regulatory Shift

The fines against Google and Meta are part of a broader trend of increased regulatory scrutiny of big tech companies globally. In Nigeria, these actions reflect a growing determination to enforce compliance with local tax and regulatory laws.

The recent actions by the FCCPC and state tax authorities suggest that Nigeria is moving towards a more stringent regulatory regime, particularly concerning the activities of multinational corporations in the digital and tech sectors.

The fines and regulatory actions are intended not only to recover lost revenues but also to send a clear message that compliance with local laws is non-negotiable.

“This incident is a wakeup call for all multinational companies operating in Nigeria,” said Solomon Ighrakpata, Executive Chairman of Delta State IRS. “It highlights the importance of adhering to local tax regulations and the consequences of non-compliance.”

The outcomes of these cases will likely influence future regulatory actions and set precedents for how multinational tech companies are treated across Nigerian states.

Two things destroy organizations and missions:.

(1) A culture where a manager can never be wrong because the assumed influence & power is used to make mistakes look “correct”.

(2) Incompetent managers who do not honestly know they do not know, to even manage or teach others.

That #2 takes me to Engineering Drawing ENG 103 in my undergraduate years in FUT  Owerri. An honest senior student who wanted to help newbies wasted everyone’s time, as he tried to teach what he did not know.

If you are faced with #2, it is better to update the resume/CV because that company’s mission is validly lost, irrespective of the level of energy.

The software update gone awry from CrowdStrike, a prominent cybersecurity firm, led to what is being described as the largest IT failure in history, affected a broad spectrum of industries, and is projected to cost U.S. Fortune 500 companies an estimated $5.4 billion.

This staggering figure does not include the losses incurred by Microsoft, whose systems were also disrupted during the crisis.

The financial impact is particularly severe in the banking, healthcare, and airline sectors, where insurer, Parametrix, predicts insured losses for non-Microsoft Fortune 500 companies to range between $540 million and $1.08 billion.

The incident, which has illuminated the fragility of modern technological infrastructure, where a single error in an update can have catastrophic global repercussions, grounding flights, disrupting hospital operations, and crashing payment systems, has been the subject of discussions for days.

The crisis began with a seemingly routine malware signature update from CrowdStrike’s flagship Falcon platform, a cloud-based service designed to protect businesses from cyber threats. However, this update contained a critical bug that led to widespread system failures. Specifically, 8.5 million Windows machines experienced crashes, manifesting as the infamous Blue Screen of Death.

CrowdStrike, headquartered in Texas and valued at around $83 billion prior to the incident, has been at the forefront of cybersecurity, serving approximately 538 of the Fortune 1000 companies. The ubiquity of its services meant that the consequences of the faulty update were felt globally, revealing the extent to which businesses are reliant on a few key technology providers to maintain operations.

Since the incident, CrowdStrike has lost roughly 22% of its stock market value. The company has issued multiple apologies and released a detailed postmortem report on Wednesday, outlining the steps it will take to prevent such incidents in the future. These steps include enhanced software testing protocols and a phased rollout of updates to mitigate the risk of widespread simultaneous failures.

The CrowdStrike outage has had far-reaching implications, with some sectors facing more significant disruptions than others. Delta Air Lines, for instance, has been particularly hard-hit, canceling and rescheduling hundreds of flights. The U.S. Department of Transportation has opened an investigation into Delta’s response to the crisis, highlighting the severe impact on passengers, including families unable to reunite and individuals stranded abroad.

The healthcare sector also suffered major disruptions, with hospitals reporting difficulties in accessing critical systems. Payment systems across various industries went offline, causing further chaos and underscoring the interconnectedness of today’s technological infrastructure.

 Regulatory and Legal Fallout Expected

The fallout from the CrowdStrike outage extends beyond immediate operational disruptions. The U.S. House Committee on Homeland Security has formally requested public testimony from CrowdStrike CEO George Kurtz.

In a letter signed by Committee Chairman Mark E. Green and Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andrew R. Garbarino, the committee emphasized the seriousness of the incident.

The committee letter reads: “We cannot ignore the magnitude of this incident, which some have claimed is the largest IT outage in history. In less than one day, we have seen major impacts to key functions of the global economy, including aviation, healthcare, banking, media, and emergency services.”

They noted that this failure must serve as a broader warning about the national security risks associated with heavy network dependency, especially considering that hostile nation-states such as China and Russia may exploit such vulnerabilities.

The committee’s letter highlighted the urgency for transparency and accountability, urging Kurtz to explain the incident’s causes and the measures CrowdStrike is taking to prevent future occurrences.

While the current request for testimony is voluntary, the committee has the authority to issue a subpoena if necessary.

Given the scale of the incident and the significant financial losses incurred, CrowdStrike is likely to face regulatory penalties and potential legal actions from affected companies. The U.S. Securities and Exchange Commission (SEC) may investigate whether the company adequately disclosed the risks associated with its update protocols. Additionally, class-action lawsuits from affected businesses are a strong possibility, as companies seek compensation for the losses and operational disruptions they endured.

In response to the crisis, CrowdStrike has pledged full transparency and accountability. Kevin Benacci, Senior Director of Corporate Communications at CrowdStrike, confirmed that the company is in active communication with relevant Congressional Committees.

The company is offering its partners a $10 Uber Eats gift card as an apology, according to several people who say they received the gift card. CrowdStrike spokesperson Kevin Benacci confirmed to TechCrunch that the company sent the gift cards.

“We did send these to our teammates and partners who have been helping customers through this situation. Uber flagged it as fraud because of high usage rates,” Benacci said in an email.

CrowdStrike has also committed to providing a detailed explanation of the incident and outlining preventive measures to avoid similar occurrences in the future. CEO George Kurtz has publicly promised to offer a comprehensive account of the incident, both to the public and to regulatory bodies.

The technical glitch was linked to a malware signature update that caused Falcon software to malfunction. Operating at a low level within the Windows kernel, Falcon’s failure led to widespread system crashes. CrowdStrike’s significant market share in the Endpoint Protection Platform sector—14.7%, second only to Microsoft’s 40.2%—amplified the impact of the faulty update, affecting millions of Windows devices globally.