The Central Bank of Nigeria (CBN) has directed deposit money banks, fintech companies, and other licensed payment service providers to ensure that all payment transaction data generated within Nigeria is stored on local servers starting from January 1, 2027. The directive is part of new regulatory steps aimed at tightening the oversight of the country’s fast-growing digital financial system.

 

Under the new policy, financial institutions will be required to retain sensitive transaction records within Nigeria rather than relying on foreign-based servers. The apex bank said the move is intended to strengthen data security, improve regulatory supervision, and ensure quicker access to financial information for monitoring and investigative purposes.

 

The CBN explained that the expansion of digital payments and fintech services has made stronger data governance necessary, especially as concerns grow around cyber risks, compliance gaps, and cross-border data access delays during financial crime investigations. It added that keeping data locally would enhance national control over critical financial infrastructure.

 

The policy is also expected to drive investment in local data centers and cloud storage capacity as operators adjust to the new compliance requirements. The CBN warned that full implementation will be mandatory by the 2027 deadline, with sanctions likely for institutions that fail to comply.