Introduction
Paystack, Moniepoint, and Opay, some of the biggest names in the Nigerian fintech space, have all been hit with major fines by the Central Bank of Nigeria (“CBN”) in the last 18 months, some as high as N1 billion.
So, what happened? Compliance slipped through the cracks.
It’s a common story, startups get caught up in building products, chasing growth, and gaining market share, while regulatory compliance takes a back seat. That is, until the regulator comes knocking. If you’re building or managing a fintech, this is one mistake you don’t have to make.
In this Newsletter, we discuss easy steps to adopt to keep your business compliant as you scale.
Practical Steps for Ensuring Compliance
- Know What Your License Actually Covers
As a fintech grows and competition heats up, it’s tempting to push boundaries, launch new products, enter new markets, serve new users. But if you don’t fully understand your license, you’re one step away from huge fines, sanctions, or even losing your license entirely.
For instance, if you have a Switching license, you’re allowed to process transactions among other things however you are not authorized to hold customer funds. Adding deposit-taking features without the right license is like hitting the expressway in a trailer with just a learner’s permit and no licensed driver beside you. It’s bold, it’s reckless, and CBN definitely won’t look the other way.
Hence to stay compliant, you need to understand the different licenses and their limitations. Nigeria’s fintech space is regulated under several license. Key license categories include:
- Card Payment Schemes;
- Mobile Money Operations (“MMO”);
- Switching & Processing;
- Payment Solution Services (“PSS”) (covering Payment Terminal Service Provider (“PTSP”), Payment Solutions Service Provider (“PSSP”), and Super-Agent licenses);
- Payments Service Holding Company (“PSHC”);
- Payments Terminal Service Aggregator;
- Clearing House; and
- International Money Transfer Operators (“IMTO”).
Curious about what each license really allows and what it doesn’t? Check out our publication on fintech licenses to get familiar with the scope of your licences.
- Collaborate in the Fintech Space with Caution
Let’s be honest, no single fintech license covers everything. That’s why partnerships are a big part of driving innovation. But here’s the catch, team up with a bank, a payment company, or any other financial institution without CBN’s approval especially when it comes to new products or services, and you could be walking straight into trouble. Just recently, Paystack was reportedly fined N250 million by the CBN for introducing its Zap product, which included a wallet feature, in partnership with a bank, without securing the necessary regulatory clearance.
The rule is clear, fintechs must obtain CBN’s prior written approval before entering into any form of collaboration with other licensed financial institutions. So, what’s your best bet? Engage early and keep CBN in the loop from the start of product development to rollout.
- Thinking Big? You Might Need Multiple Licenses
If your fintech product offers a broad range of features and financial services, a single license may not cover it. Where you intend to provide services cutting across different license categories (e.g. MMO and the PSS license category), the CBN requires you to set up a PSHC to hold both licenses. Each license must be housed in a separate subsidiary to ensure regulatory clarity and avoid operational overlap. A great example is Interswitch. While it began as a Switching company, it later established Interswitch PSHC Nigeria Limited to remain compliant as it expanded into other areas of the payment ecosystem.
However, if you intend to acquire multiple licenses within a single category (e.g., the Super- Agent and the PTSP licenses under the PSS category), you can hold them in a single entity without necessarily forming a PSHC. Companies like Upperlink and Olive Payment have done this successfully.
- Know your Regulator and your Obligations
It’s not just about the CBN. Depending on what you do, your fintech could also fall under the purview of other regulators such as the Nigerian Data Protection Commission, Securities and Exchange Commission, Nigeria Deposit Insurance Corporation, Nigerian Communications Commission, and Financial Reporting Council of Nigeria and each of these regulators have their own set of rules. That’s why a solid legal team isn’t optional. You need experts who understand the terrain and can keep you compliant across the board.
In our coming Newsletters, we will break down the mandate of each regulator and some of your respective compliance obligations.
- Audit yourself before the Regulator Does it for you
Regular internal audits are a must. They help you spot compliance gaps especially in relation to anti-money laundering (“AML”), counter-terrorist financing (“CFT”), data protection, licensing terms, and consumer protection obligations.
Before launching any new product or service, conduct a comprehensive pre-launch compliance audit to ensure that your framework and offerings are not violating any laws. Review contractual arrangements with partners, and customer onboarding flows to make sure everything’s in line.
- A Legal Team isn’t Optional
Too many startups think of legal counsel as a cost center. In reality, they’re a growth enabler. Your legal team helps:
- Keep products aligned with your license
- Navigate regulatory engagement
- Pre-empt costly compliance failures
Without the right advisors, you’re not just scaling fast, you’re flying blind.
Final Thoughts
As a founder or investor, compliance isn’t a checkbox, it’s a growth strategy. Know your license, tread carefully with partnerships, engage regulators early, and audit your operations regularly. Most importantly, have the right legal team in your corner. It’s the difference between scaling confidently and flying blind.
This article is part of our ongoing series on fintech compliance in Nigeria. Subscribe for more insights on building legally resilient digital financial services.
