Nigeria’s banking sector is racing against time to secure its systems before the country’s open banking framework goes live in August 2025. The Central Bank of Nigeria has issued a stern warning to banks and fintech companies about the cybersecurity risks that come with sharing customer data.
The warning came during a recent industry forum where CBN’s Director of Payments System Policy, Musa Jimoh, told financial institutions they must invest heavily in cybersecurity protection. Open banking should not become an easy target for cybercriminals.
“There have been so many cases of data breach around the world, and open banking should not be a door, an open door for cyber criminals to come in,” Jimoh said at the Q2 Regulators Forum. He stressed that security around payment systems and customer data must be “airtight” and “very, very hard for criminals to crack.”
The Data Sharing Challenge
Open banking works by allowing banks to share customer account information with approved third-party companies. This happens only when customers give their permission. The system uses special connections called APIs that link bank systems with fintech platforms and other financial service providers.
Once a customer agrees to share their data, third-party companies can access information like account balances, transaction history, and spending patterns. This data helps create better financial products and services that match each customer’s needs.
But this same data sharing creates new security risks. Banks are essentially opening their systems to outside companies, which creates more entry points for hackers to exploit.
The CBN official emphasized that banks must make sure customers fully understand what they are agreeing to when they give permission for data sharing. Many customers may not realize the full scope of information they are allowing companies to access.
Customer Education is Critical
Beyond technical security measures, the CBN stressed that banks need to educate their customers about potential scams related to open banking. Criminals might try to trick people by sending fake messages that ask for PINs or login details under the pretense of enrolling them in open banking services.
“Please be mindful of security around your customers because we don’t want the cybercriminals to latch onto these and begin to send messages that, ‘in order to enroll you in open banking, you need to send a PIN,'” Jimoh warned financial institutions.
The regulator said banks must do extensive customer education to prevent people from falling victim to these types of fraud. Customers need to know that legitimate open banking processes will never ask them to share sensitive information like PINs through text messages or emails.
Nigeria Leads Africa in Open Banking
Nigeria became the first African country to establish a formal open banking system when the CBN released its operational guidelines in March 2023. The framework sets out rules for how banks and other financial institutions can access and handle customer data.
Full implementation is scheduled for August 2025, giving the industry just over a month to finalize their security preparations.
The open banking system is expected to increase competition among financial service providers and lead to more innovative products for consumers. It should also make it easier for people to manage their money across different platforms and get better loan rates by sharing their complete financial picture with lenders.
However, industry experts warn that the benefits will only materialize if the security infrastructure is strong enough to protect customer data.
ALSO READ:
Naira Cards Stage a Comeback: CBN Reforms Unlock International Payments
Technical Standards Taking Shape
The CBN is working on standardizing the technical connections that will power open banking. These standards will ensure that all banks and fintech companies interact with the system in the same way.
This standardization means that a fintech company can connect to any participating bank using the same method, rather than having to create custom connections for each bank. This should make it easier and cheaper for companies to offer services across multiple banks.
“This will ensure that the way a service provider, a fintech, is making a call for account balance in one bank is the same for another bank, which makes it very easy for integration,” Jimoh explained.
Industry Response and Preparations
Banks and fintech companies are now working to strengthen their cybersecurity infrastructure before the August deadline. This includes investing in encryption technology, improving API security, and implementing stronger authentication systems.
The industry is also developing customer education programs to help people understand how open banking works and how to protect themselves from scams.
Financial institutions will need to balance making the system user-friendly while maintaining strict security standards. Too many security steps could discourage customers from using open banking services, but too few could leave them vulnerable to fraud.
What’s Ahead
The success of Nigeria’s open banking initiative will largely depend on how well the industry addresses these cybersecurity challenges. If implemented correctly, the system could transform how Nigerians access and use financial services.
But if security problems emerge, it could damage consumer trust and slow down adoption of digital financial services across the country.
The CBN has made it clear that security, privacy, and consumer protection are non-negotiable requirements for successful open banking implementation. As the August 2025 deadline approaches, all eyes will be on whether the industry can meet these standards while delivering the promised benefits to consumers.
