Nigeria: Fintechs, Banks Await Regulation On Open Banking

By Ugo Aliogo

Operators of financial technology (fintech) companies and banks have urged the Central Bank of Nigeria (CBN) be more innovative in designing the framework for open banking in the country.

Speaking recently at the KPMG Cyber Security Roundtable in Lagos, the Director, Banking and Payments System Department, Dipo Fatokun, said the central bank would soon make public, an exposure draft on open banking in the country.

Open Banking is a system that provides a user with a network of financial institutions' data using Application Programming Interfaces (APIs).

The Open Banking Standard defines how financial data should be created, shared and accessed. By relying on networks instead of centralisation, open banking helps financial services customers to securely share their financial data with other financial institutions. Benefits include more easily transferring funds and comparing product offerings to create a banking experience that best meets each user's needs in the most cost-effective way.

According to Fatokun, the CBN was still examining the open banking framework, after which it would produce a regulation on what the banks, fintechs and other players in the sub-sector need to do as well as the risk management system.

Fatokun said the framework would be designed by an inter-department committee, saying when the committee is done with the work, it would be taken it to the Governor and his Deputy for review and approved, before the draft would be issued.

According to him: "The regulation will take sometime it is an inter-department committee that is working on it. After they have finished they would take it to the Governors who are also very interested because they know that it is something that has to do with the stability of the financial system.

"The Governor and his Deputy Governor are very interested in that work, so when they take it to them and they would review it, after it is approved, we would issue it as an exposure draft. What that means is that we will issue it to the industry and the industry will look at it and make comments on what they feel should be there and not included.

"Then those comments will be taken onboard and then it will be finalised. It is after it is finalized that it will be become deregulation. The take home for me as a regulator is that there has been a lot of inputs into what the industry expects to be in that framework when it is issued including the cyber security framework that has been issued, suggestions were made.

"One cannot say for now when the emergency of the API framework will be issued because it is an ongoing, so it is the guidelines of the cyber security we are working on for now."