The Central Bank of Nigeria (CBN) has issued a new directive requiring banks and other financial institutions to reimburse victims of Authorised Push Payment (APP) fraud within 48 hours, signaling one of the strongest regulatory moves yet to protect consumers against rising electronic fraud in the country.
APP fraud occurs when individuals are deceived into voluntarily sending money to fraudsters, often through impersonation, manipulation, or false promises. Unlike traditional fraud, where accounts are hacked without the owner’s knowledge, APP fraud exploits customer trust and relies heavily on social engineering techniques.
The directive, issued through a circular titled “Draft Guidelines for Handling Authorised Push Payment Fraud”, was signed by Rita I. Sike, director of the Financial Policy & Regulation Department of the CBN, and published on Tuesday. The circular lays out strict requirements for how financial institutions must investigate, resolve, and reimburse customers affected by APP fraud.
According to the CBN, victims are entitled to reimbursement once an investigation is concluded, with payments to be made within 48 hours. The circular emphasises that this process should be fair, timely, and transparent.
The guidelines also set clear protocols for incidents involving multiple institutions. In such cases, the originating bank must notify the receiving bank within 30 minutes of receiving the complaint. Both institutions are required to conduct a joint investigation, determine any lapses, assess the amount lost, and agree on reimbursement and preventive measures. In these scenarios, reimbursement must be completed within 16 working days from the date the incident was first reported.
The CBN’s move is part of a broader effort to strengthen the financial system and restore public trust in Nigeria’s digital channels. “Nigeria’s financial system has benefited immensely from the growth of digital channels such as USSD, internet banking, and instant transfers,” the circular notes. “However, the rapid adoption of these channels has also been accompanied by a surge in electronic fraud, including APP fraud, which poses serious risks to customers and the system at large.”
Under the draft guidelines, victims must report APP fraud incidents within 24 hours, although a 48-hour grace period is allowed if necessary. Reports must include transaction details, recipient information, and any supporting documents. Once a complaint is lodged, financial institutions are required to acknowledge receipt within 24 hours, issue a unique case reference number, and outline the investigation timeline. Investigations must be concluded within 14 working days, after which customers are informed of the outcome, including explanations where reimbursement is denied.
The CBN further stated that failure by banks to investigate within the stipulated timelines without reasonable justification may constitute a breach of consumer protection obligations, potentially attracting regulatory sanctions. However, customers who delay reporting beyond 72 hours without valid reasons, such as illness or delayed awareness of the fraud, may not be eligible for reimbursement—unless the incident arose from internal control failures or staff negligence.
The central bank also reserves the right to instruct relevant settlement entities, including NIBSS, to withhold settlement for fraudulent transactions, extending this to beneficiary institutions if necessary.
Overall, the draft guidelines demonstrate the CBN’s firm stance on protecting consumers, curbing APP fraud, and ensuring swift resolution of fraud cases. By mandating a 48-hour reimbursement window, the central bank aims to reinforce trust in Nigeria’s financial system and provide a clear framework for addressing one of the fastest-growing forms of electronic fraud.