Over the last nine months, and very much in line with what I predicted at the start of the year, the Central Bank of Nigeria has been engaged in a sustained and deliberate effort to confront fraud across the financial system. It has not been loud, it has not been performative, and it has not relied on dramatic announcements designed to impress headlines.
What has happened instead feels intentional and steady, driven by new leadership at the top of the bank and reinforced by renewed seriousness across several departments that matter deeply to payments, banking supervision, and financial stability.
If you have spent enough time building or operating financial products in Nigeria, you quickly learn that this country has never lacked rules. Our regulatory frameworks around KYC and CDD are solid.
They are detailed, well documented, and in many respects comparable to what you find in markets people like to call more advanced. The challenge has always lived elsewhere. It lives in what happens after those rules exist, in how consistently they are applied, and in whether anyone feels genuine pressure to enforce them when enforcement becomes inconvenient.
For a long time, the gap between regulation and enforcement created a permissive environment. People learned what they could get away with. Fraudsters, in particular, understood the system extremely well. They observed patterns, tested boundaries, and refined their methods based on the absence of consequences.
Over time, fraud became easier to execute and harder to reverse. Banks lost money. Customers lost money. Ordinary Nigerians received messages and emails from people pretending to be trusted contacts. Funds moved quickly across institutions, and by the time anyone reacted, the trail had usually gone cold.
When fraud happened and urgency was optional
One of the most revealing aspects of the system during that era was how banks responded or failed to respond once fraud occurred. Reporting a stolen fund often felt like shouting into a void, and there was rarely a sense of urgency, accountability, or even recognition that the problem mattered beyond the immediate customer. The processes were slow, the communication was minimal, and the expectation was that you would wait indefinitely while your money effectively disappeared.
We experienced this first-hand on September 1, 2023. Lendsqr was hit by a fraud attack. The amount lost was small, nothing that could have threatened the business, but the experience was enough to show how broken the response system was. We immediately escalated the incident via email to one of the largest banks in Nigeria, fully expecting a structured investigation to kick off. The response we received was silence. Days passed. Nothing happened. It was only when I called on the personal intervention of an executive director at the bank that the situation started moving. The layers of bureaucracy that normally slow everything down were suddenly cut through, and we got resolution.
That incident leaves a lasting impression because it forces a sobering question. If it takes access to someone at the very top to resolve a fraud case within a reasonable timeframe, how do ordinary Nigerians ever recover their funds or even get proper attention? Most people have no idea who an executive director is. They don’t have informal channels to escalate issues. They submit complaints, receive reference numbers, and are left waiting while funds vanish. Confidence erodes, frustration sets in, and resignation becomes the default response.
This environment created a culture where fraud felt low risk to those committing it. The system’s slow pace and lack of coordination made it almost predictable. Criminals learned that moving money quickly and quietly often guaranteed they could escape before anyone cared enough to intervene. Experiencing that personally, as someone deeply embedded in the ecosystem, reinforces how critical consistent enforcement is, and why the changes the CBN has implemented over the past months are not just welcome but are essential for the survival of trust in Nigerian payments.
The moment enforcement became real for everyone
The mechanics of fraud exploitation were predictable. Funds would be taken from one account and moved rapidly across multiple banks. Sometimes recipient banks would attempt intervention, assuming the right teams were engaged early enough. In many cases, the funds would pass through fintech platforms as well, adding another layer of complexity and finger-pointing. Responsibility became fragmented. Each institution focused narrowly on its own exposure, while the broader flow continued unchecked.
This fragmentation allowed fraud to scale. Speed worked in favour of bad actors. By the time investigations began, money had already changed hands multiple times. Recovery became unlikely, and lessons rarely translated into systemic fixes.
The tone changed when the CBN decided to enforce existing rules in a way that affected everyone involved. There was a notable case involving one of Nigeria’s oldest and largest banks, where fraudulent funds moved through multiple institutions. Instead of allowing the usual back-and-forth, the CBN debited every bank that had received the funds and reversed the transaction chain.
That single action landed heavily across the industry. It demonstrated that tracing and reversing fraud was possible when the regulator chose to act decisively. It also made it clear that participation in the chain carried consequences, regardless of where the fraud originated.
At the same time, it was obvious that isolated interventions would not be enough. Fraud at scale requires systemic responses, and what followed was far more important than any one enforcement action.
Moving from reactions to structure and consistency
Over the months that followed, the CBN introduced and enforced a series of coordinated measures aimed at the most common fraud pathways. These changes did not arrive all at once. They were layered gradually, touching different parts of the ecosystem.
POS operations received increased scrutiny, which forced banks to become far more serious about merchant onboarding and monitoring. This focus makes practical sense, because cash conversion remains a critical exit point for fraudulent funds. When those exits narrow, the economics of fraud begin to change.
Banks were also given explicit responsibilities and timelines when fraud is reported, even in scenarios where customers were misled through impersonation or social engineering. Investigations now operate within defined windows, with a maximum of 14 days, and immediate containment actions expected within 48 hours. This clarity matters because it removes ambiguity around accountability.
Banks hold people’s money under license. That responsibility carries obligations that extend beyond processing transactions. KYC requirements exist to ensure institutions understand who their customers are and how they behave financially. When a customer profile suggests low income activity and sudden, large transaction volumes appear, that discrepancy should trigger action long before fraud becomes a headline.
Excuses such as being unable to locate a customer after the act reflect deeper failures in compliance and monitoring. Fraudulent activities are not edge cases, they are precisely the scenarios these institutions are designed to expect and address.
Why this fight mattered for the entire ecosystem
Over the past few months, fraud volumes have declined noticeably. This shift has little to do with goodwill and everything to do with friction. When funny money becomes harder to move, harder to convert to cash, and harder to hide across institutions, fraudulent activity loses momentum.
Limits on cash withdrawals, tighter controls around fund movement, and closer monitoring have all contributed to this outcome. Some measures, like proposed GPS requirements on merchant POS, proved difficult to implement at scale and remain unresolved.
That experimentation is part of the regulatory process, and not every idea will translate cleanly into practice. What matters is that enforcement has become consistent enough to influence behaviour.
This consistency matters because Nigeria’s payments infrastructure is one of the few areas where the country consistently punches above its weight. It supports commerce, enables innovation, and underpins everyday economic activity. Allowing fraud to spiral unchecked would have undermined trust at a foundational level. Once trust erodes, recovery takes years.
By intervening when it did, the CBN protected something bigger than individual transactions. It preserved confidence in digital payments and gave builders room to focus on long-term value creation rather than constant damage control.
Credit where it is due
It is important to acknowledge the work being done within the CBN. Directors across payments supervision, payment policy, banking supervision, and related departments have taken on the hard task of enforcement, not just policy drafting. Rules were backed by action, and action produced results.
As fraud pressure continues to ease, the ecosystem gains breathing room. Founders, banks, and fintech operators can invest energy into building safer, more sustainable solutions that serve real needs. Nigeria already has users and attention. With stronger enforcement backing the system, there is a real opportunity to channel that scale into durable progress.
That, more than anything, is why this fight against fraud matters.