CBN Deploys Cybersecurity Assessment Tool to Strengthen Financial Sector Defences

Written By Ayomide Fiyinfunoluwa
cbn-issues-risk-based-cybersecurity-framework-banner-security

Cybersecurity Push: CBN Rolls Out New Risk Assessment Tool

The Central Bank of Nigeria (CBN) has introduced a mandatory Cybersecurity Self-Assessment Tool (CSAT) for all regulated financial institutions, aimed at strengthening the resilience of Nigeria’s financial system against rising cyber threats. The initiative enhances regulatory oversight and risk management across banks, fintechs, and payment service providers.

/ You Might Also Like /

Strengthening Cybersecurity Oversight

The newly introduced CSAT serves as a supervisory instrument designed to evaluate the cybersecurity posture of financial institutions. According to the CBN, the tool provides “comprehensive information” on how institutions manage cyber risks and respond to threats.

The framework assesses key areas including:

  • Cybersecurity governance structures

  • Risk management practices

  • Technology and third-party risk exposure

  • Incident response capabilities

  • Overall operational resilience

Insights generated from the tool will support risk-based supervision and improve regulatory monitoring of cyber risks across Nigeria’s financial ecosystem.

Mandatory Compliance for Financial Institutions

The CBN has directed all regulated entities including deposit money banks, microfinance banks, fintech firms, and payment service providers to complete and submit the CSAT via a dedicated portal.

Compliance timelines have been clearly defined:

  • Deposit Money Banks: three weeks

  • Other financial institutions: five weeks

Institutions are required to submit data reflecting their cybersecurity status as of December 31, 2025. The apex bank also confirmed that submissions will undergo validation through off-site reviews and supervisory checks.

Failure to provide accurate information may attract regulatory sanctions, reinforcing the seriousness of the directive.

Response to Rising Cyber Threats

The deployment of the CSAT comes amid increasing cyber risks within Nigeria’s financial system. Recent incidents highlight the масштаб of the challenge.

For instance, First City Monument Bank (FCMB) reportedly blocked an attempted cyber fraud involving over ₦2.4 billion in December 2025, although ₦677 million was successfully diverted before detection.

Such incidents underscore the growing sophistication of cybercriminal activity and the need for real-time monitoring and stronger institutional controls.

Broader industry data also indicates a steady rise in cyberattacks targeting financial institutions, driven by increased digitalisation and adoption of online banking platforms.

Regulatory Context and Strategic Direction

The CSAT builds on existing cybersecurity frameworks issued by the CBN, including risk-based guidelines that mandate financial institutions to implement preventive controls, monitoring systems, and incident response mechanisms.

The initiative aligns with the apex bank’s statutory mandate under the Banks and Other Financial Institutions Act (BOFIA) 2020 to safeguard financial system stability.

It also reflects a broader shift toward RegTech (regulatory technology), where supervisory authorities leverage digital tools to enhance compliance, transparency, and system-wide risk management.

Implications for the Financial Sector

The introduction of CSAT has several implications for stakeholders:

  • Enhanced regulatory oversight: Improved visibility into institutional cybersecurity readiness

  • Risk mitigation: Early detection of vulnerabilities and systemic threats

  • Compliance pressure: Increased accountability for financial institutions

  • Investor confidence: Strengthened trust in Nigeria’s financial system resilience

For financial institutions, the tool necessitates increased investment in cybersecurity infrastructure, governance frameworks, and skilled personnel.

The CBN’s deployment of the Cybersecurity Self-Assessment Tool marks a significant step in reinforcing the resilience of Nigeria’s financial system against evolving cyber threats. By mandating standardised assessments and strengthening supervisory oversight, the apex bank is positioning the sector to better manage digital risks. The effectiveness of the initiative will depend on compliance quality, enforcement consistency, and the ability of institutions to adapt to an increasingly complex threat environment.

READ MORE

Ayomide Fiyinfunoluwa

Written by Ayomide Fiyinfunoluwa, Housing Journalist & Daily News Reporter

Ayomide is a dedicated Housing Journalist at Nigeria Housing Market, where he leads the platform's daily news coverage. A graduate of Mass Communication and Journalism from Lagos State University (LASU), Ayomide applies his foundational training from one of Nigeria’s most prestigious media schools to the fast-paced world of property development. He specializes in reporting the high-frequency events that shape the Nigerian residential and commercial sectors, ensuring every story is anchored in journalistic integrity and professional accuracy.

connect on linkedin

Previous

Court Defers El-Rufai’s Bail Hearing to Wednesday Amid Ongoing Corruption Trial
Next

Tinubu Requests Senate Approval for ₦9tn Budget Expansion