Adedeji Olowe - A safe place to rant

The case for Open Finance in Nigeria

When you and I get paid, the money is mostly gone within days. It goes to the landlord, the electricity disco, the pension fund, the insurer, and whatever survives finds its way into the local market on the next street. Moving money is the one thing Nigerian finance has actually done better than any other country in Africa.

What doesn’t move is everything those payments say about us. Your landlord knows you have never missed rent, your telco has seen you buying airtime for over 20 years on the same SIM, your internet provider knows you never joke with your data subscription. If you are one of the lucky few to have an HMO, they know your company is paying for you without fail. You are as low risk as they come. Any lower risk and you are probably an angel. Yet not one of them has a reason or a route to tell the bank or money lender that is about to price your loan. So you get judged as a stranger on a sliver of a life you have already documented across half the financial system, because that sliver is all the data is allowed to reach.

The argument I’m making for open finance in Nigeria is rooted in how people truly use money. Transacting cuts across payments, credit, insurance and investment, sometimes within a single day, and the infrastructure underneath all of that needs to reflect that reality. Right now it largely does not, and the consequences show up in ways that are easy to miss individually but significant in aggregate. Credit decisions get made without full context, insurance products cannot reach the people who need them, and pension data sits behind closed doors.

So while I understand why the first response to this conversation is usually some version of “but we are not done with open banking yet,” open finance is really the same idea extended, taking the principle of financial interoperability and applying it across the full surface of financial services rather than just one part of it. And that is precisely why it deserves serious attention right now, while the open banking conversation is still being shaped.

So what does open finance actually mean

Open finance is the natural extension of open banking to the full scope of a person’s financial life. Where open banking focuses specifically on bank accounts and payment data, open finance applies the same standardized, consent-based, API-driven framework to every institution that holds financially relevant data about you. That means insurance companies, pension fund administrators, investment platforms, capital market operators, mortgage providers, and in many implementations, utilities and telecommunications providers as well.

The mechanics are similar to open banking. A person grants explicit, informed consent for a specific third party to access specific data held by a specific institution, for a specific purpose, for a defined period of time. The institution is required to make that data available through a standardized API. The third party can then use that data to deliver a product or service. The person retains the ability to revoke that consent at any time. What changes is the scope of the data that can be consented to, and therefore the scope of the products and services that become possible.

When a fintech or a lender or an insurance provider can see your full financial picture, with your permission, the products they can build for you stop being generic and start being genuinely relevant to your actual situation. The shift is from financial services that treat you as a category to financial services that understand you as a person.

We’ve seen what open banking can do, and it’s only the beginning

Open banking has always been simple to describe and difficult to land. At its core, it is about giving people a standardized and regulated way to grant access to their own bank accounts, their transaction data, their balances, their payment rails, to third parties of their choosing. The key words there are “standardized” and “consented.” The whole model runs on open APIs and a regulatory framework that defines how that data can be accessed and used.

The reason open banking captured so much attention when it first started gaining traction globally is that the underlying idea is genuinely powerful. Giving people portable, programmable access to their own financial data fundamentally shifts the power dynamic between individuals and institutions. Before open banking, your financial history lived inside your bank and your bank alone, and if you wanted to do anything useful with it, you had to go through that same bank.

Open banking broke that monopoly and said your data belongs to you, you should be able to take it wherever it creates the most value for your life. Once you accept that logic, the obvious next question is why it should stop at banking. The financial footprint of a person’s life runs through far more institutions than just their bank.

The countries that recognized this early are already operating at a different level. Australia built the Consumer Data Right, a national framework that started with banking and has been deliberately extended to energy and telecommunications, with other sectors to follow. The architecture was designed from the beginning to be sectoral, meaning each new industry plugs into the same consent and data portability infrastructure rather than building its own from scratch.

The UK’s open banking implementation, one of the most mature in the world, has generated an entire ecosystem of financial products that simply couldn’t have existed when data was locked inside individual institutions. The EU’s PSD2 directive created a regulatory baseline across multiple countries that forced banks to open their APIs and, in doing so, triggered a wave of fintech innovation that is still accelerating. In each of these cases, the governments involved made a deliberate decision that the benefits of data portability were significant enough to justify the disruption of building toward it.

What becomes possible when open finance works, and why we can’t afford to wait

When I think about why this is worth the difficulty, I keep coming back to the use cases that only become possible when financial data flows freely and with consent across sectors. And then I think about how long we’ve already been waiting, and the urgency becomes harder to ignore.

Today, most credit decisions in Nigeria are made using a fairly narrow data set, primarily bank transaction history, and often not even that for people without formal banking relationships. If you’re a salaried worker who pays all their bills on time, maintains a pension, and has a clean insurance record, none of that information typically factors into whether someone will lend to you or what rate they’ll offer.

A lender operating in an open finance environment could, with your permission, look at your electricity payment history, your pension contributions, your insurance behavior, and your mobile money activity alongside your bank transactions. The credit picture becomes dramatically more accurate and dramatically more inclusive, particularly for the large share of Nigerians who are underserved or excluded by the current system.

Think about cash flow management for individuals. A fintech built on open finance infrastructure can monitor your wallet balance, your upcoming bill payments, your salary schedule, and your airtime usage all at once. When your airtime is about to run out, it can top it up automatically from the right account at the right time. When a bill payment is coming in three days and your balance is tight, it can show you a short-term credit option before you’re already in trouble.

The same logic extends to insurance, to investment, to virtually every financial product. Personalization at scale requires data at scale, and data at scale requires the kind of interoperability that only a proper open finance framework can deliver.

Which brings me to the argument I keep hearing: let’s get open banking right first, and then we can talk about open finance. I’ve heard it, probably even made a version of it at some point. The problem is that the infrastructure decisions being made right now in open banking will either make open finance easier to build later or annoyingly harder. If we design the open banking architecture without any consideration for how insurance, pensions, and capital markets might eventually plug into it, we’ll spend years retrofitting things that could have been built with extensibility in mind from the start. Every month we delay that conversation is a month of technical decisions being locked in without the benefit of that longer view.

Beyond the architecture concern, there’s a timing reality that doesn’t get discussed enough. The regulatory appetite and political attention that goes into building standards tends to cluster. Getting stakeholders, regulators, and industry players to agree on a framework and actually implement it requires a sustained and concentrated push. If we exhaust all of that energy on open banking and then have to restart from scratch for open finance, we are setting ourselves up for another nine to ninety year cycle, and we’ve already seen what that looks like.

Who’s supposed to run this thing?

Here is where things get genuinely complicated, and I want to be direct about it because it’s the kind of issue that gets talked around rather than addressed.

Open finance is not a single-regulator problem. Banking falls under the Central Bank of Nigeria. Insurance falls under NAICOM. Pensions fall under PenCom. Capital markets fall under the SEC. Telecommunications, which is increasingly central to financial identity and behavior in Nigeria, falls under the NCC. For open finance to work, all of these bodies need to operate from a common data standard, the same definitions, the same APIs, the same rules about what consent looks like and how data can be used.

The CBN has been working on open banking for nine years and we’re still not at a fully operational, standardized, live system. Given that, what is the realistic probability that five or six different regulators, each with their own mandate, their own timelines, their own institutional interests, will spontaneously coordinate themselves into a coherent open finance framework? Probably not in the next decade, and very possibly not in the next several decades if history is any guide.

Inter-regulator coordination simply cannot be the primary mechanism here. The answer has to come from above the regulators. My view is that this is something the Federal Government itself needs to own, specifically the Ministry of Finance in its role overseeing the financial sector broadly, working in concert with the NCC given the centrality of telcos to any realistic data infrastructure in Nigeria.

What this would look like in practice is a national standard-setting body, something at the government level with a cross-sector mandate, that defines the open finance framework, sets the technical standards, and has the authority to bring each regulator and their respective industries into alignment. That’s the architecture that could actually work, because it doesn’t rely on regulators voluntarily ceding ground to each other and gives them a common structure to operate within.

There is no version of this that is not hard

I want to be clear-eyed about the difficulty here. Building a national open finance framework in Nigeria is truthfully hard. The coordination, technical work and the political will required is substantial. Not to mention the process of getting every vertical, banking, insurance, pensions, capital markets, telcos, to build to a common standard while also managing their existing operations. Anyone who tells you otherwise is either not thinking carefully about the problem or is trying to sell you something.

The difficulty of a thing is not, by itself, an argument against doing it. Nigeria has a large population, a young demographic, a growing fintech sector, and a financial inclusion challenge that won’t be solved by the current disconnected architecture. The countries that build coherent, interoperable financial data infrastructure now are the ones that will have the most capable fintech ecosystems in ten years. The ones that wait for the perfect moment, or let the coordination problem become an excuse for indefinite deferral, will spend that same decade watching the gap widen.

We don’t have the luxury of doing this slowly just because it’s complicated.

Releasing telco data for underwriting is better for the poor

Consent-based telco data could become the first credible risk signal for people without formal credit histories. If lenders can access phone usage patterns through open APIs, with explicit customer permission, auditability, and privacy controls, millions of invisible borrowers may finally get a fair shot at small-ticket credit.

If you spend enough time around lenders trying to serve everyday people in developing countries, you’ll notice that their biggest frustration is not even defaults. Yes, defaults hurt, but most of them accept that as part of the business. What keeps them stuck is more basic. They struggle to make confident credit decisions because, for a large part of the population, there is nothing reliable to base those decisions on.

The chicken-and-egg nature of this problem is something I’ve been thinking about for a long time. I wrote a piece on it last year, and even before that, I had co-authored a 2021 paper on using open APIs to drive financial inclusion through credit scoring built on telecoms data. The contradiction is obvious the moment you state it plainly. You need credit history to access credit, but you can only build credit history by accessing credit.

So if you’ve never had a formal loan, never held a bank account long enough for it to mean something, never interacted with any financial institution in a way that left a data trail, where does your story begin? For most people trying to enter the formal lending world, it doesn’t begin anywhere. You don’t exist as a credit subject, which is a polite way of saying that nobody is going to give you money regardless of how reliably you’ve managed every dollar that has ever passed through your hands.

So credit providers end up guessing, tightening, or stepping away entirely. None of those outcomes expands the market.

So what has worked in Africa, when so many other things haven’t?

Africa has seen a lot of well-meaning interventions that arrived with serious fanfare and left very quietly. Banking penetration has been a decades-long project with results that remain modest across many markets. Credit bureaus exist, but their coverage is thin because you cannot bureau-fy people who have never been inside the system in the first place. Identification infrastructure is still catching up in most places. But if you ask what technology has reached the population across the continent, there is one practical answer, and it’s the mobile phone.

Phones are everywhere, and I don’t say that loosely. The average Nigerian is carrying two, three, sometimes four SIM lines simultaneously, and that pattern repeats itself across the continent in ways that have consistently surprised economists and policy people who expected adoption to crawl.

What happened instead is that Africans skipped entire layers of infrastructure that the rest of the world spent decades carefully constructing and went straight to mobile. They use their phones for everything, communication, money transfers, business coordination, accessing information, entertainment, maintaining social networks that would otherwise require physical proximity. For most people at the base of the pyramid, the phone is the technology of their entire connected existence, and they have embraced it with an enthusiasm that no government awareness campaign could have manufactured or sustained.

There are even academic papers now making the case that the way a person uses their phone is predictive of their creditworthiness, and the logic holds up. The patterns are there in the data: call frequency, network breadth, airtime recharge behavior, mobile money activity, data usage consistency over time. None of these data points were designed with lending in mind, but together they show patterns of behavioral reliability and economic rhythm that can give lenders a first risk signal where a credit file does not exist. The data is already being generated every single day, sitting with the telcos, produced by the hundreds of millions of people who have no credit score but active SIM cards and consistent patterns of behavior that a decent model can read.

Why NCC can’t solve this alone, and why GSMA should care

The Nigerian Communications Commission has a mandate, and financial inclusion sits outside the center of it, and that’s not a criticism of the NCC so much as a simple observation about institutional scope and design. The GSMA, on the other hand, operates at a continental level and has always had financial inclusion threaded through its thinking about what mobile’s social role actually is and should be. That puts the GSMA in a position to shape something useful across multiple markets.

I’m proposing a consent-based framework, most likely built around open APIs, where customers can authorize access to their phone usage history specifically for the purpose of credit assessment. Consent here has to carry real weight. That means consent cannot just be a checkbox buried inside a loan flow. This framework has nothing to do with telcos quietly selling behavioral data to lenders or anyone having access to anyone’s information without a clear, traceable, customer-triggered permission event tied to a specific loan request. The customer controls access. They open it when they want a loan, they see exactly who is asking for access and what they’re asking for, and the telco releases the data under conditions that make it useful for underwriting without turning it into something that can be repurposed for surveillance or profiling beyond the stated use case.

The economics of this model are straightforward, and that cleanliness is part of why I think it has real legs. The consumer doesn’t pay out of pocket, which matters when you’re talking about people for whom every transaction cost is a real consideration. They’re already the asset in the sense that their data is what makes the whole thing function, but they receive value back in the form of credit access they couldn’t get through any other channel.

The lender pays for the data, which is reasonable because they’re acquiring a risk assessment capability they currently don’t have and need. The telco monetizes an asset they’re already sitting on, generated as a byproduct of their existing operations, without doing anything extractive or exploitative to produce it. Each party gets something it wants and contributes something the others need. That is why the model can sustain itself without requiring ongoing subsidies or regulatory mandates to keep it alive.

The model also needs a customer-visible record. Every time a lender pulls a customer’s telco data, the customer should receive a real-time notification telling them exactly what was accessed, when, and by whom. That notification architecture isn’t technically complicated to build into the system, and it does work beyond the mechanics of data access. It helps build trust by making customers feel like informed participants rather than data sources that get mined without their knowledge. Without that distinction, customers may eventually see the whole thing as another data grab.

MTN killing Xtratime shows how fragile small-ticket credit still is

MTN recently stopped giving out Xtratime loans, and the reasons sit somewhere in the space between FCCPC regulatory pressure and compliance positioning that I won’t pretend to fully judge from where I’m sitting. But every time a major credit provider, whether it’s a bank, a telco, or anyone else operating at that scale in the small-ticket credit market, decides to exit: the people who absorb the damage are usually the people at the bottom of the pyramid.

There’s that saying about when two elephants fight, it is the grass that suffers, and it applies here with a precision that should make anyone in financial services uncomfortable. The regulatory arguments are real, compliance concerns are legitimate and the internal risk calculations that led to the decision are probably defensible on paper. Unfortunately, none of that changes the outcome on the ground for millions of people who are borrowing airtime and data to cover the gap between today and whenever their next income cycle lands.

Those people don’t get a press release explaining the regulatory rationale. Instead, they get a closed door slam shut in their faces, and then they turn to the next available option, which is very rarely another regulated institution with reasonable rates and consumer protection obligations. It’s a moneylender with very different incentives, or a family network already under its own financial strain, or simply going without and managing the consequences of that.

Or worse still, forced to consider unethical alternatives.

The telco data model I’m describing is partly a direct response to this kind of fragility in the system. If the underwriting infrastructure for small-ticket credit is better, more distributed across multiple lenders rather than concentrated in a few major players, then the system becomes more resilient to these kinds of exits. One major player pulling back doesn’t collapse the whole market because the capability to assess creditworthiness for people without formal credit files is embedded in the infrastructure itself rather than sitting inside any single institution’s proprietary system.

Walking through how this actually works when someone needs a loan

Here is how it works when someone needs a loan.

Someone needs a loan, maybe it’s $10, maybe it’s $100, and the amount doesn’t change how the process works. They approach a lender. The lender, rather than asking for a credit score that doesn’t exist or collateral that the borrower doesn’t have, instead asks for consent to access six months of phone usage data through the telco. The customer gives that consent on their device through the available interface, a push notification, an in-app prompt, and the telco generates a one-time, purpose-limited data package in direct response to that consent event.

That package needs specific properties for privacy and trust. It is genuinely single-use, meaning the lender cannot pull the same data again without initiating a completely fresh consent process with the customer.

The phone numbers that appear within the dataset are not exposed raw. They are hashed or encrypted with consistent values across the dataset, and even then the lender should only receive the features needed for underwriting. The lender can see behavioral patterns, such as whether this person regularly communicates with a stable network of contacts or whether their call behavior is consistent and not erratic, without receiving the actual phone numbers in that person’s communication history. The lender looks at the timing patterns, the usage consistency, the behavioral signals that the model surfaces, makes a credit decision, and either extends the loan or declines.

When the customer comes back for another loan later, the process starts fresh with a new consent event and a new one-time data pull. Nothing accumulates on the lender’s side without an explicit new permission, and the customer’s data doesn’t sit in a lender’s database being used for purposes they never agreed to.

One hard part in this model is USSD. Many of the people this whole framework is designed to reach still rely on USSD for their phone interactions because smartphone penetration, while growing fast, hasn’t reached everyone yet. Building a clear consent flow over USSD is technically harder than building it through a smartphone interface, and any implementation that only works smoothly for smartphone users has already left out a portion of the exact population it was supposed to serve. That is solvable, but it requires deliberate attention during design, not bolted on after the smartphone version is built.

Telco data can become the first credit file

The data exists, and the need exists. The technology to connect them in a consent-based way that protects customers and still makes commercial sense also exists. What has been missing is an institution with enough reach to build the framework, and the strongest candidate for that framework is an organization like the GSMA that operates simultaneously across the telco industry and the financial inclusion space without being owned by a single telco or lender.

The people who need credit the most are consistently the ones who have the least documentation of their reliability, and that is where traditional credit systems fail. Telco data doesn’t solve every dimension of that problem, and I’m not suggesting it does. It is not a replacement for credit bureaus. But it addresses the immediate blocker, which is giving lenders a credible signal to assess someone who has never had a formal credit relationship in their life.

When lenders have something credible to look at, some of them will lend. When some of them lend to people who couldn’t access credit before, and those people repay, the data trail from those transactions starts to build the credit history that was missing in the first place. But that repayment history has to become portable, through credit bureaus, open finance rails, or another recognized system. Otherwise, the borrower only graduates inside one lender’s database.

That is the practical value of consented telco data: it can become the first credit file for people who currently have none.

The Fintech Act is a bad idea with good intention

Every few years, Nigeria tries to tidy up its financial system with a new idea that sounds orderly at first glance and truthfully there is something genuinely worth acknowledging in the motivation behind the newly proposed Fintech Act. The legislators who have championed it are responding to a real and visible problem: Nigeria’s financial technology sector has grown faster than the regulatory thinking applied to it, and the resulting patchwork of guidance, enforcement, and oversight has created genuine uncertainty for investors, operators, and consumers alike. The intention to bring coherence to this scene deserves credit. However, the method chosen to achieve it deserves serious scrutiny.

And yet, good intentions are not a sufficient foundation for sound policy. The proposed Fintech Act, which seeks to create an entirely new regulatory body to oversee fintech companies in Nigeria, reflects a fundamental misunderstanding of what the problem actually is and, consequently, proposes a solution that would make things considerably worse. The bill, which passed through the House of Representatives and subsequently stalled in the Senate, where lawmakers signalled the need for substantial revision, should not simply be reworked. The core premise that another regulator is the answer deserves to be challenged outright.

The very framing of “financial technology” as a unified category requiring its own standalone regulator reveals a conceptual confusion at the heart of the proposal. Finance and technology are not a single industry. They are two distinct domains whose intersection produces services that already fall within the mandates of Nigeria’s existing regulatory architecture. The Central Bank of Nigeria oversees banking and payments. The National Pension Commission governs pension fund administration. The National Insurance Commission regulates insurance. The Securities and Exchange Commission covers capital markets. The Federal Competition and Consumer Protection Commission handles consumer protection and market competition. Each of these bodies already has jurisdiction over the fintech activities that touch its domain.

No country with a mature, well-functioning financial system has resolved the complexity of fintech by collapsing all financial regulation into a single omnibus authority. The United Kingdom distributes regulatory responsibility between the Financial Conduct Authority, the Prudential Regulation Authority, and the Payment Systems Regulator, among others. In the United States, fintechs operate within a layered framework involving the Federal Reserve, the Office of the Comptroller of the Currency, the Consumer Financial Protection Bureau, and state-level regulators depending on the nature of their activities. These are not accidents of history or bureaucratic inertia. They reflect a deliberate understanding that different financial activities carry different risks and require different regulatory philosophies.

To suggest that Nigeria should do what no serious financial jurisdiction has done i.e create a single, all-encompassing fintech regulator, is to propose a solution with no precedent in the markets Nigeria aspires to emulate. The argument that technology ties all of these activities together and therefore justifies a unified regulator misunderstands what regulation is actually for. Regulation is not organised around the medium of delivery. It is organised around the nature of risk. Lending, insurance, capital raising, and payments each carry distinct risk profiles, require distinct supervisory competencies, and serve distinct segments of the public. Technology is simply the channel through which these activities now happen to be delivered, and changing the channel does not change the underlying economic function or the regulatory logic that should govern it.

Beyond the conceptual problem lies a practical one that would have real and measurable consequences for Nigeria’s economy: the cost of regulatory friction. Every time a fintech company operating in Nigeria must navigate an additional regulatory relationship, seek an additional approval, comply with an additional set of reporting requirements, or resolve an ambiguity between overlapping regulatory mandates, it incurs a cost. That cost is passed on to investors in the form of higher risk premiums, to employees in the form of slower growth, and ultimately to consumers in the form of higher prices and reduced access to services.

This is in no way a theoretical concern. The World Bank’s Doing Business indicators, before the index was retired, consistently documented how regulatory complexity translated into direct economic disadvantage for Nigeria. The country ranked 131st out of 190 economies in the 2020 Doing Business index, with burdensome start-up procedures and licensing requirements cited as significant contributors to that ranking. During the Buhari administration, the Presidential Enabling Business Environment Council under Vice President Yemi Osinbajo made the reduction of this kind of friction a central policy priority precisely because the evidence was overwhelming: friction does not just slow businesses down, it drives them toward informal or offshore alternatives, reducing tax revenues, employment, and financial inclusion in the process.

The lesson from successful reforms elsewhere in Nigeria is instructive. When the Minister of Interior, Olubunmi Tunji-Ojo, undertook the reform of Nigeria’s passport issuance system, he made the process faster and more predictable, and in doing so he was able to raise prices substantially while still generating public approval. Nigerians did not complain about paying more for passports because they were no longer paying the invisible tax of time wasted, trips repeated, bribes solicited, and uncertainty absorbed. The sticker price went up; the real cost went down. Friction, in other words, is itself a form of taxation, one that falls disproportionately on those who can least afford it.

Nigeria’s fintech sector has grown precisely because the digital infrastructure that underpins it has reduced certain kinds of friction dramatically. The country now has one of the most vibrant fintech ecosystems on the African continent, with over 200 active fintech companies as of recent estimates and a digital payments market that processes transactions worth trillions of naira annually. This growth has happened in an environment of regulatory imperfection, which is itself a testament to the sector’s dynamism. A new regulatory body sitting atop the existing framework would not eliminate the imperfections. It would add to them.

The argument for the Fintech Act rests on a legitimate diagnosis: Nigeria’s existing regulators have, in a number of documented instances, been slow to respond to fintech innovation, inconsistent in their guidance, and inadequately equipped to handle the cross-cutting questions around data privacy, cybersecurity, fraud, and consumer protection in digital environments. The Nigeria Data Protection Act of 2023 has gone some way toward addressing the data dimension, but enforcement capacity remains thin. Regulatory sandboxes have been established but have not always translated into clear licensing pathways.

The error lies in concluding that because the existing regulators have gaps, the solution is a new regulator. Creating a new institution does not fill gaps in existing ones. It creates new ones, along with new coordination problems, new jurisdictional ambiguities, and new opportunities for regulatory arbitrage. The question that deserves to be asked is not how to add to the regulatory architecture, but how to make the existing architecture function at the speed and sophistication that the industry now demands.

The presidency already has the constitutional and institutional authority to do what actually needs to be done. Rather than creating a new regulator, the Federal Government should establish a high-level, cross-agency Fintech Regulatory Coordination Committee, convened under the authority of the Office of the President and tasked with producing binding minimum standards that all relevant regulators must meet in their dealings with the fintech sector.

Those standards should address several specific and measurable failures. Every regulator with jurisdiction over fintech activities should be required to operate a single, publicly accessible portal through which all licensing applications, compliance filings, and correspondence can be submitted and tracked. Where regulators maintain separate portals, those portals should conform to common standards of interface design, document requirements, and processing transparency so that companies operating across multiple regulatory relationships do not face entirely different experiences with each. Application timelines should be published, automated, and monitored. When a regulator fails to respond to an application within the stipulated period, the outcome should default in favour of the applicant, or at minimum trigger an automatic public notification that creates accountability.

The Auditor General of the Federation, whose office is constitutionally empowered to audit government agencies, should be given both the mandate and the technical capacity to audit regulatory compliance with these standards. This would require investment in the Auditor General’s office specifically in digital literacy, technology auditing competencies, and independent analytical capacity, but this is an investment of a categorically different order from the capital expenditure, staffing costs, and institutional inertia that a new regulatory body would generate.

Beyond coordination, there is a case for targeted capacity building within each existing regulator. The Central Bank, SEC, and NAICOM each need fintech desks staffed by people who genuinely understand distributed ledger technology, algorithmic credit scoring, embedded finance, and the other technical realities of modern financial services. This is a training and recruitment challenge, and it is one that is far more tractable than the challenge of building an entirely new institution from the ground up.

Nigeria’s fintech sector is no longer a marginal sideshow. It has now become increasingly central to the country’s financial inclusion agenda, its foreign direct investment story, and its capacity to deliver financial services to the more than 38 million Nigerian adults who, according to the EFInA Access to Finance Survey, remained outside the formal financial system as recently as 2023. Every policy decision that affects the cost and ease of operating in this sector carries a direct human consequence.

The legislators who have championed the Fintech Act deserve credit for recognising that the regulatory status quo is not adequate to the moment. Their diagnosis is not wrong. Their prescription, however, risks compounding the problem they are trying to solve. Adding a new regulator to a system already characterised by overlapping mandates and uneven enforcement capacity does not produce clarity. It produces more of the same, with additional overhead.

Nigeria has an opportunity to take a different approach; one that draws on the existing authority of the presidency, the existing mandate of established regulators, and the existing dynamism of a sector that has already demonstrated what it can achieve under conditions that are far from optimal. That approach requires coordination, standardisation, and accountability rather than institutional proliferation. It requires the political will to hold existing regulators to a higher standard rather than the administrative convenience of delegating that problem to a new body.

The Senate was right to pause on this bill. The pause should be used not to refine the mechanics of a new regulator, but to reconsider whether a new regulator is the right answer at all. Nigeria’s fintech sector does not need more regulation, it only needs smarter governance of the regulation it already has.

Why are Nigerian banks afraid of open banking?

I’ve had this conversation too many times in private rooms with bankers I respect, people who have built real institutions and seen multiple cycles of this industry. So let me say it plainly: the fear is real, and it is not irrational.

A lot of the senior people in Nigerian banking today have been here long enough to watch the entire fintech story play out from the front row. Some of them started their careers around the same time I did. They remember when companies like Paystack*, Moniepoint, and Flutterwave were early-stage experiments run by small, hungry humans still figuring things out. At the time, these companies looked like side projects that banks could afford to ignore or even casually support.

Then things changed.

Those same “small boys” now sit on valuations and transaction volumes that rival, and in some cases quietly threaten, the dominance of traditional banks. That shift did not happen gradually enough for comfort. It happened fast enough to make anyone who has spent decades building a bank pause and rethink their life choices.

So when you ask why banks are nervous about open banking, you have to start from that lived experience. They have seen what happens when you underestimate speed.

“We’ve seen this movie before, and we didn’t like the ending”

There is also some institutional memory at play here that people don’t talk about enough.

The Nigerian banking industry has already fought one major defensive battle in the past. When mobile money was expanding across Africa, telcos were the dominant players in many markets. In Nigeria, banks pushed back aggressively. Leaders like Segun Agbaje and others were part of that resistance, and it worked. Telcos were kept out of fully owning mobile money in the way they did elsewhere.

That decision bought banks time. It allowed them to grow digital capabilities on their own terms and maintain control over customer relationships.

Now, from their perspective, open banking feels like opening the gates they spent years protecting.

So the hesitation is not just about technology or regulation, but about pattern recognition. They have seen what happens when new players get too much room to operate, and they are not eager to repeat that experience under a different label.

Open banking removes friction, and that is exactly the problem

Let’s strip this down to the core issue in a more honest way. Open banking standardizes access across board, and once that happens, a lot of the protective layers banks have relied on for years start to thin out. Data becomes easier to share in structured formats, payment initiation becomes more accessible, and integrations no longer require the same level of back-and-forth or commercial gatekeeping that used to slow things down. Third parties can plug into banking infrastructure with far less resistance, and they can start building customer-facing products without needing to negotiate every step of the journey.

On paper, this reads like progress, and to be fair, a lot of it is. The part that makes banks uneasy sits in what follows after that access is opened up. When friction reduces across the system, the advantage starts to shift away from who owns the infrastructure and toward who controls the customer experience.

Once you get to that point, competition takes on a different shape. Speed of execution, product intuition, and the ability to iterate without heavy internal processes begin to matter more than balance sheet size or legacy distribution. Fintech companies have spent years optimizing for exactly that environment, while banks have been structured around control, risk management, and layered approvals. That difference in operating model becomes much more visible when friction is no longer acting as a buffer.

This is where the discomfort really comes from. It is not just about opening APIs or complying with a standard, but about what happens after everything is opened up, when the barriers that once slowed everyone down are no longer there to protect incumbents from faster, more adaptive players.

The speed gap is not theoretical

If open banking goes live today in a fully functional way, there is very little stopping a player like OPay or Moniepoint from aggregating multiple bank accounts into a single interface. A customer logs into one app and sees balances across different banks in real time, with transaction histories and controls sitting in one place instead of being scattered across different banking apps.

That alone starts to change behaviour in meaningful ways, because convenience tends to win over habit when given enough time.

Now take it one step further. The same app could introduce a simple toggle that automatically sweeps funds from a traditional bank account into a primary account the moment money lands, based purely on user preference and ease of use rather than any issue with the bank itself. Over time, small features like that begin to influence where customers choose to keep their money and how they interact with it daily.

This is not a far-fetched scenario. It lines up directly with how product teams in fast-moving fintech companies think and build, especially when they are given standardized access to financial infrastructure.

The uncomfortable part for banks sits in how differently these products get built. By the time a fintech product manager has designed, tested, and shipped something like this, the equivalent idea inside a bank may still be working its way through internal reviews, risk assessments, and multiple layers of approval. That difference in pace comes from how these institutions are structured and how decisions are made within them.

Fraud is no longer someone else’s problem

There is another dimension that makes this even more sensitive, and that is fraud.

Historically, when fraud happened in many fintech-driven transactions, the burden often sat with the fintech or even the customer, depending on how the flow was structured and where the failure occurred. That reality quietly influenced how aggressively some of these systems were designed, because the party taking the risk was not always the one enabling the access.

That posture is changing, and it is changing in a way banks cannot ignore.

The Central Bank of Nigeria has made its position clearer over time, even if it has not always been spelled out in one single document. The expectation now leans toward banks carrying more responsibility when things go wrong, especially as they remain the licensed custodians of customer funds. The regulatory “body language,” as people like to call it, has shifted in a direction that places more accountability on the institutions at the core of the system.

So when banks look at open banking, the question they are asking is very practical and grounded in experience. If access is widened and multiple parties can initiate transactions or pull data, what happens when something breaks along that chain, and more importantly, who ultimately absorbs the loss and manages the fallout?

That question becomes harder to answer in an environment where fraud tactics are constantly evolving, and where increased connectivity can introduce new attack surfaces that did not previously exist at scale.

The regulator is stealthily solving a different layer of the problem

Interestingly, while all of this is happening, there are parallel regulatory efforts that many people are not paying enough attention to, even though they will have just as much impact on how the system evolves.

There is already movement toward deeper integration of AML and KYC systems across institutions, and the direction is becoming harder to ignore. Within a defined timeframe, banks will be expected to make decisions using more than just transaction patterns, with a growing emphasis on richer identity data and more contextual risk signals that travel with each transaction.

This begins to change how risk is assessed in a practical way.

Instead of focusing primarily on how frequently money moves or how large the amounts are, institutions will increasingly pay attention to who is behind those transactions, whether they appear on any sanction lists, and whether their behaviour aligns with what is known about their income and profile. Over time, this kind of intelligence allows for more informed decisions, especially in an environment where transactions are moving faster and across more connected systems.

So while open banking raises valid concerns about access, speed, and control, the regulatory side is quietly building a more data-informed risk framework in the background, one that is meant to keep up with that increased connectivity.

Both developments are unfolding at the same time, and banks are left with the task of reconciling wider access with tighter expectations around risk and accountability.

So should banks resist, or should they adapt?

This is where I tend to disagree with the idea that fear should drive strategy. I understand why banks are cautious. In fact, I think the fear is justified. If I were sitting in their position, I would not dismiss these risks either.

What I would not do is assume that slowing down open banking will stop the underlying shift. Because the truth is, the ecosystem is already moving in that direction, with or without formal standardization.

Larger fintechs are growing. Their capabilities are expanding. The technical barriers to integration are getting lower over time. If the official version of open banking takes too long, the market will find unofficial ways to approximate it.

At that point, banks lose even more control over how the system evolves. What makes this situation more interesting is that banks are not as helpless as the narrative sometimes suggests.

We have already seen examples of banks building their own platforms and ecosystems. Access Bank has Hydrogen. GTBank has Habari. Stanbic has Zest. These are not small experiments but deliberate attempts to extend beyond traditional banking interfaces.

At the same time, transaction flows are already shifting. Not everything is going through the traditional NIBSS rails anymore. Banks and fintechs alike are building alternative pathways that give them more control over how money moves.

Then you have virtual accounts, which have quietly become one of the most important tools in modern lending and collections. Banks like Providus, Sterling, and Wema have played significant roles in shaping that infrastructure. A large portion of loan repayments today depends on these systems.

So it is not accurate to say banks cannot adapt. They clearly can. Because one way or another, this evolution will happen. The only real question is whether banks shape it while they still can, or spend the next decade reacting to decisions made somewhere else.
* I am currently the board chair at Paystack

AI will only help those with agency

AI will help those with agency and screw up everyone else. The distance between the 1% and the rest will be the widest the world has ever seen.

A few weeks ago, the “devil” made me do something I never knew I could do: I started building an internal HRMS for my team. Not because we couldn’t afford one. That part is important to highlight. But then, being a legendary cheapskate, maybe I couldn’t? You won’t know 🤐

We had been using Freshteam for a while, and like clockwork, Freshworks did what Google often does when they’re bored: announced they wouldn’t be supporting Freshteam anymore. So, we did what most sensible teams would do in that situation; find a safe harbor. We decided to move to Zoho.

I was sitting around quietly, minding my own business and then my CTO casually mentioned that with the Pro version of Codex from Open AI, we could pretty much build anything we wanted. That statement stayed with me longer than it should have; I ruminated over it like a hungry cow.

Because once you actually believe that, even for a second, it starts to make your existing decisions look a bit lazy. And then my HR comes in, not particularly patient about these things, and says we should just build our own system. I dragged my feet at first, mostly because building internal tools always sounds easier in theory than it plays out in practice. We eventually did it anyway.

By April 1, we’re launching our own internal HRMS. Not a scrappy prototype, not a “good enough for now” system, but something that is genuinely better than what we were paying for. More aligned with how we work, more polished in the areas that actually matter to us, and without all the unnecessary bulk that comes with off-the-shelf tools trying to serve everyone at once. We are not commercializing it. At best, I might give it to a few friends for free and leave it at that.

But then I’m broke, maybe if someone gives me some benjamins, I could sell it to them, alongside a few of my annoying employees as extras 🤣.

Jokes apart, at a team lead meeting, someone asked a question that has been sitting at the back of my mind ever since: if we could build something as good as Freshteam, what exactly stops someone else from building something as good as Lendsqr?

That question is uncomfortable in a very precise way – like when your least favorite cousin’s annoying son asks if they could stay over your place for the summer. Because it forces you to confront something most people would rather avoid. The barrier to entry is thinning out in real time. And if you’re paying attention, you can feel it happening. But most people never pay attention, do they?

Everyone now has the same tools

When AI started becoming genuinely useful for writing and code, I was excited in the way most people were. It felt like the advantage had suddenly increased. Things that used to take days could now be done in hours, sometimes minutes.

One of my engineers even told a story where a team met a customer (not Lendsqr), and delivered a feature the customer wanted right on the call. It was crazy!

But that excitement didn’t last in its pure form. At some point, a more annoying thought crept in. The same capability I’m enjoying is not exclusive to me. It is available to my customers and even more dangerously, my competitors. It is available to people who want to compete with me but haven’t even started yet. It is available to customers who may decide one day that they no longer need us.

So the question becomes obvious. If everyone has access to the same tools, what actually separates outcomes? It is tempting to assume that equal access leads to equal results. That logic feels smart, but it does not survive even basic scrutiny. Baby dinosaurs like us from the 80s and 90s have seen this play out before when the internet first came to be.

We have always had access

Take writing as an example. Someone like J.K. Rowling did not emerge in a world where storytelling tools were scarce. Writing materials have been widely available for a long time. Today, it is even more extreme. Google Docs is free for anyone who can breathe. That is over two billion people with access to a writing tool that is more powerful than what many professionals used less than a decade ago.

Yet the number of people who actually sit down, stay with an idea, and turn it into a complete, coherent novel remains very small. And the few who do are writing such crap you could suffer from a bad case of nausea. It is not because people lack ideas; ideas are cheap and widely distributed. It is also not because people lack tools; the tools are sitting in their pockets.

The gap comes from something far less glamorous. Most people do not have the discipline to continue once the initial excitement fades. The largest middle stretch of any meaningful project is usually boring, frustrating, and slow. That is where most attempts quietly die and I guess, if god’s real, he designed it that way.

You see the same pattern everywhere else. People start YouTube channels, record a few videos, share them with friends, and then disappear. Not because the platform stopped working or because the camera failed them. They simply lost the will to continue when it stopped being immediately rewarding.

AI does not fix that problem. If anything, it quite frankly exposes it more clearly.

So what actually matters now

After sitting with all of this for a while, I keep arriving at the same conclusion, and it is one that becomes harder to ignore the more you pay attention to how people actually work. AI tends to amplify people who already move with intent, and in practice, that amplification shows up unevenly because not everyone brings the same level of intent into the process.

From what I have observed, there are a few traits that consistently show up in people who are able to extract real value from these tools, and they are not particularly new or exotic. They have always mattered, but AI has a way of making their absence more obvious.

Agency: the part no one can automate for you

This is the most visible factor, and somehow still the one people sidestep the most. Nothing really progresses without someone deciding to take action and following through on it, and that reality has stayed constant even as the tools around us have improved. What has changed is how little friction now exists between intention and execution, which makes inaction stand out more sharply than it used to.

It is difficult to ignore how often people still operate below even this new baseline. You see CVs that are poorly structured and clearly rushed, even though it takes very little effort to clean them up with the tools available today. You remind someone to submit something important and they still find a way to delay it without any real constraint forcing that delay.

We are operating in an environment where rewriting, refining, and structuring output can happen almost instantly, yet that small initial step still does not happen as often as it should. At that point, the constraint reveals itself quite clearly as a matter of willingness rather than capability.

AI responds to direction, and without that initial push, there is nothing for it to build on. The system does not originate effort on your behalf, so whatever momentum exists still has to come from you.

Taste: knowing when something is actually good

This one is less talked about, but it shows up everywhere once you start paying attention. You don’t need to be wildly creative to have taste, you just need to carry a clear internal standard that pushes you to look at something and say this is not good enough yet, this can still be better. That simple insistence on quality is where a lot of the difference comes from.

You’ll be very surprised how many people don’t have taste. I’ve seen wealthy people, especially in Nigeria, who can afford anything and still end up building and living in complete rubbish. The quality of what comes out at the end does not match the resources that went in, and you see the same thing with clothes where people spend good money with tailors and still end up with something poorly sewn.

So even when the materials are there and the money is there, the outcome still falls short because nobody is really steering it toward something better.

AI behaves in a similar way. It will give you something that works and something that looks acceptable, but if you don’t push it further with a clear sense of what “good” looks like, it will settle there. And when it settles there, you end up with something that feels common, which means it does not stand out in any meaningful way.

By the way, taste isn’t about perfection. Far from it, it’s putting the extra efforts, within immediate control, to release things that can be as good as you could push it, NOW!

Grit: staying long enough for it to get good

There is also the matter of staying with something long enough for it to mature into what you actually had in mind.

Very few outputs land exactly where you want them on the first attempt, especially when you are working with something as iterative as AI. You start with a prompt, get a response that is close but incomplete, and then begin the process of refining, adjusting, and pushing it further. That loop is where most of the real work happens, and it demands a level of patience that many people underestimate.

When that patience is missing, the process gets cut short and the output remains shallow. When it is present, you begin to see the compounding effect of small improvements, each one bringing the result closer to something that feels deliberate and well-formed.

The system itself does not carry that process forward independently. It does not return to your work unprompted or continue refining in the background. The continuity has to come from you, which means the outcome is tightly linked to how long you are willing to stay engaged.

Curiosity: the engine behind improvement

The last piece, which often sits underneath everything else, is curiosity. People who get the most out of AI tend to engage with it in a more exploratory way. They are not just issuing instructions and moving on; they are probing, questioning, and trying to understand why something works the way it does. They push on responses, test variations, and look for ways to improve what they are seeing.

That orientation changes how the tool gets used. Instead of settling for the first acceptable output, they treat it as a starting point and keep working it until it aligns more closely with what they had in mind.

Without that curiosity, usage tends to stay at a surface level, where outputs are generated quickly but rarely developed further. Over time, that produces work that blends into everything else, because it follows the same obvious paths without any real effort to go beyond them. If you never push the envelope, how do you know how far you could go or what you could discover?

The nasty and unfriendly conclusion, and where you and I land on it

AI is going to make the top 1% dramatically better, and the distance between them and everyone else will grow in a way that becomes hard to ignore.

That outcome follows the same pattern we’ve always seen. The tools are now widely available, but agency, taste, grit, and curiosity are not evenly distributed, and those are the things that actually determine what gets built and how far it goes. Some new people will break into that top 1% because they know how to use these tools properly, and some of the people sitting comfortably at the top will fall out because they were there due to structural advantages rather than genuine excellence. The composition will change, but the gap itself will remain.

For example, just this morning, one of my children, a world-class security expert, told me he vibe-coded a Drata/Vanta replacement, got on a call with a CISO and sold it for $20k 🤯. If I could net $20k every weekend, I shall turn Mondays to Fridays to weekend days as well.

Just a month ago, my good friend and the co-founder of Carbon, Ngozi Dozie, had chronicled what he did with just a $20 Claude Code subscription. He was addicted but in a positive way – he found freedom and tasted the forbidden fruit.

But for me, personally, here’s the sober truth and this is less of an abstract observation and more of a direct challenge I’ve placed in front of myself. If the tools are this good, and the access is this open, and I still cannot produce something that is genuinely world-class, then I have to be honest about what that means. It means the problem was never the tools and it points back to whether I actually have the agency to do the work, the taste to know when it is good, the grit to stay with it, and the curiosity to keep pushing it further.

I intend to find out, and I’m choosing to believe the answer is yes. And I think that choice, made deliberately, held onto stubbornly, and acted on consistently is exactly what separates the people who will thrive in what’s coming from the people who will spend the next decade wondering why AI didn’t do more for them. May that never be my case.