By Becky Usman
The Central Bank of Nigeria (CBN) has taken a strong stance against financial crimes by issuing its Customer Due Diligence Regulations 2023 for financial institutions under its supervision. These regulations aim to enhance compliance with anti-money laundering (AML) and counter-terrorism financing (CFT) measures while aligning with international standards.
As part of the Know Your Customer (KYC) requirements, the CBN has made it obligatory for financial institutions to collect and verify customers’ social media handles. This addition seeks to improve the accuracy and depth of customer identification.
The new regulations work in conjunction with the existing provisions outlined in the CBN’s Anti-Money Laundering, Combating the Financing of Terrorism and Countering Proliferation Financing of Weapons of Mass Destruction in Financial Institutions Regulations of 2022. They further strengthen the fight against money laundering, terrorism financing, and proliferation financing.
Financial institutions must establish internal processes and procedures for conducting customer due diligence for both potential and existing customers, including occasional customers. The regulations emphasize the identification of customers, both individuals and legal entities, and require specific information such as legal names, addresses, contact details, identification documents, account types, nature of banking relationships, and signatures. Additionally, there is an emphasis on identifying politically exposed persons (PEPs).
To verify customer identities, financial institutions must rely on reliable and independent source documents, data, or information. For individuals, this involves confirming personal details like date of birth, residential address, contact details, and the validity of official documentation. In the case of legal entities or arrangements, financial institutions are required to conduct searches on public registries or databases, review annual reports or relevant financial statements, and examine board resolutions.
The regulations underscore the significance of record-keeping and the maintenance of up-to-date customer information. Financial institutions must retain records obtained through customer due diligence measures, account files, business correspondence, and analysis results for at least five years following the termination or cessation of a business relationship or an occasional transaction.
Regular reviews of existing customer records are mandatory and based on risk categories. High-risk customers necessitate annual reviews, medium-risk customers require reviews every 18 months, and low-risk customers require reviews every three years.