Cybersecurity levy ill-timed, will impact adoption of digital transactions — Andersen

…As CBN exempts 16 transactions

…SERAP alleges levy violates constitution, human rights regulations

Global financial advisory and tax firm, Andersen in Nigeria, has described the introduction of the National Cybersecurity levy as ill-timed.

The global firm noted that the new levy will negatively impact the adoption of digital transactions in the country.

The Central Bank of Nigeria (CBN) on 6 May 2024 issued a circular mandating all banks, mobile money operators, and payment service providers to implement a new cybersecurity levy, following the provisions laid out in the Cybercrime (Prohibition, Prevention, etc.) Amendment Act 2024 (“the Act”).

According to the Act, a levy amounting to 0.5 percent of the value of all electronic transactions will be collected and remitted to the National Cybersecurity Fund (NCF), overseen by the Office of the National Security Adviser.

According to the Apex Bank, Financial institutions are required to apply the levy at the point of electronic transfer origination. The deducted amount is to be explicitly noted in customer accounts under the descriptor “Cybersecurity Levy” and remitted by the financial institution.

They are also required to start implementing the levy within two weeks from the issuance of the Circular. By implication, deduction of the levy by financial institutions should commence from 20 May 2024. However, financial institutions are to make their remittances in bulk to the NCF account domiciled at the CBN by the 5th business day of every subsequent month.

Reacting via a comment seen by Nigerian NewsDirect, Andersen in Nigeria said, “The introduction of the new levy has elicited mixed reactions from stakeholders as it will inevitably increase the cost of doing business in Nigeria and may impact the growth in adoption of digital transactions.”

“While the government continues its drive to increase revenue, the introduction of this additional levy may appear ill-timed considering the current economic climate vis-a-vis the government’s commitment in the National Tax Policy of 2017 to reduce the number of taxes in Nigeria.”

The firm also opined that, “Financial institutions and payment service providers will also need to adjust their financial and operational strategies to accommodate and account for the new levy to ensure they remain compliant while managing additional costs of compliance.”

It added that business owners who rely heavily on digital transactions for receiving payment may see an increase in operational costs due to considerations on adjustments in pricing and cost transfer.

“It is therefore important for stakeholders and businesses to analyse the financial impacts of this directive on their cash flow.”

“In the meantime, Andersen will continue to monitor this space and provide updates where necessary,” the comment read.

However, the CBN listed 16 banking transactions exempted from the new cybersecurity levy.

The exemptions include; Loan disbursements and repayments, Salary payments, Intra-account transfers within the same bank or between different banks for the same customer, Intra-bank transfers between customers of the same bank, Other financial institutions’ instructions to their correspondent banks, Interbank placements.

Others include Banks’ transfers to CBN and vice versa, Inter-branch transfers within a bank,Cheques clearing and settlements, Letters of Credits, Banks’ recapitalisation related funding – only bulk funds movement from collection accounts, Savings and deposits including transactions involving long-term investments such as Treasury Bills, Bonds and Commercial Papers, Government Social Welfare Programs transactions e.g. Pension payments, Non-profit and charitable transactions including donations to registered non-profit organisations or charities, Educational Institutions transactions, including tuition payments and other transactions involving schools, universities or other educational institutions and Transactions involving the bank’s internal accounts, inter-branch accounts, reserve accounts, nostro and vostro accounts, and escrow accounts.

Reacting also, the Socio-Economic Rights and Accountability Project (SERAP) has given President Tinubu 48 hours to withdraw unlawful CBN directive imposing cybersecurity levy on Nigerians

The rights group claimed that the new levy violates the provisions of the Nigerian Constitution 1999 [as amended] and the country’s international human rights obligations and commitments.

It therefore urged President Bola Tinubu to use his “good offices to immediately direct the Central Bank of Nigeria (CBN) to withdraw the cybersecurity levy.”

SERAP also urged the President “to stop Mr Nuhu Ribadu and the office of the National Security Adviser (NSA) from implementing section 44 and other repressive provisions of the Cybercrimes Act 2024 as it flagrantly violates the provisions of the Nigerian Constitution and the African Charter on Human and Peoples’ Rights and International Covenant on Civil and Political Rights to which Nigeria is a state party.”

SERAP urged him “to direct the Attorney General of the Federation and Minister of Justice, Mr. Lateef Fagbemi, SAN to immediately prepare and present a bill to amend section 44 and other repressive provisions of the Cybercrimes Act 2024 to the National Assembly so that those provisions can be brought in line with the Nigerian Constitution and the country’s international human rights obligations.”

In a statement today signed by SERAP deputy director Kolawole Oluwadare, the organisation said, “The Tinubu administration must within 48 hours withdraw the patently arbitrary and unlawful CBN directive purportedly imposing cybersecurity levy on Nigerians.”

SERAP said, “Section 44(8) criminalizing the non-payment of the cybersecurity levy by Nigerians is grossly unlawful and constitutional.”

The statement, read in part: “Our lawyer Ebun-Olu Adegboruwa, SAN, is already preparing the necessary court papers should the administration fail or neglect to act as recommended.”

“The administration must urgently take concrete and effective measures to ensure the repeal of section 44 and other repressive provisions of the Cybercrimes Act 2024.

“If the unlawful CBN directive is not withdrawn and appropriate steps are not taken to amend the repressive provisions of the Cybercrimes Act within 48 hours, SERAP shall consider appropriate legal actions to compel the Tinubu administration to comply with our request in the public interest.

“Withdrawing the unlawful CBN directive and repealing the repressive provisions of the Cybercrimes Act 2024 will be entirely consistent with president Tinubu’s constitutional oath of office requires public officials to uphold the provisions of the constitution, and the rule of law and abstain from all improper acts.

“The repressive provisions of the Cybercrimes Act 2024 are clearly inconsistent and incompatible with the public trust and the overall objectives of the Constitution. A false oath lacks truth and justice. The oath statements require the oath takers to commit to uphold and defend the Constitution.

“Section 14(2)(b) of the Nigerian Constitution of 1999 [as amended] provides that, ‘the security and welfare of the people shall be the primary purpose of government.

“The CBN yesterday has directed banks and other financial institutions to implement a 0.5 percent cybersecurity levy on electronic transfers on the basis of the section 44 44(2)(a) of the Cybercrimes Act 2024 purportedly imposing a “a levy of 0.005 equivalent to a half percent of all electronic transactions value by the business specified in the second schedule of the Act.

“The money is to be remitted to the National Cybersecurity Fund (NCF), which shall be administered by the Office of the National Security Adviser (ONSA).”

NewsDirect
NewsDirect
Articles: 50561