FINALLY: Tinubu Orders CBN to Suspend the implementation of cyber security Levy.
Nigeria’s Vice President, Bola Tinubu, has directed the Central Bank of Nigeria (CBN) to suspend the implementation of the cybersecurity levy.
The cybersecurity levy, also known as the Nigeria Data Protection Regulation Fee or NDPR Fee, was introduced by the CBN in February 2021. The levy required all Nigerian banks and financial institutions to pay a fee of N50 million annually for medium-sized institutions and N1 billion for large institutions to enhance their cybersecurity infrastructure. The regulation was aimed at ensuring that financial institutions complied with the Data Protection Regulation (DPR) 2019.
However, following criticisms from various stakeholders, including banks and customers, over the implementation of the levy, Tinubu intervened. According to reports, Tinubu expressed concerns over the timing and implementation process of the levy. He reportedly held a meeting with CBN Governor Godwin Emefiele and other top bank executives to discuss the matter.
As a result of this intervention, the CBN announced on March 31, 2021, that it had suspended the implementation of the cybersecurity levy pending further consultations with stakeholders. In a statement issued by its Director of Corporate Communications, Isaac Okorafor, the CBN stated that “the suspension is to allow for wider consultations with all stakeholders.”
The development came as a relief to many Nigerians who had expressed concerns over the additional cost burden on banks and financial institutions at a time when they were still grappling with various economic challenges. Some critics argued that the levy was an unnecessary burden on an already fragile banking sector. Others called for more transparency and consultation in policy formulation and implementation processes.
Despite these developments, some experts have called for caution over the long-term implications of suspending the implementation of the cybersecurity levy. They argue that investing in cybersecurity infrastructure is crucial in today’s digital age where data breaches and cyber attacks are becoming increasingly common. They also point out that Nigeria’s Data Protection Regulation (DPR) 2019 requires all organizations to implement appropriate technical and organizational measures to protect personal data processed by them. Failure to comply with these measures could result in fines or legal action against offending organizations.
In conclusion, Vice President Bola Tinubu’s intervention has led to a suspension of the implementation of the controversial cybersecurity levy imposed by the Central Bank of Nigeria (CBN) on Nigerian banks and financial institutions. The development came after widespread criticisms from various stakeholders over the timing and implementation process of the levy. However, some experts have called for caution over the long-term implications of suspending this regulation given its importance in protecting personal data processed by organizations in today’s digital age.