Month: April 2026

Every few years, Nigeria tries to tidy up its financial system with a new idea that sounds orderly at first glance and truthfully there is something genuinely worth acknowledging in the motivation behind the newly proposed Fintech Act. The legislators who have championed it are responding to a real and visible problem: Nigeria’s financial technology sector has grown faster than the regulatory thinking applied to it, and the resulting patchwork of guidance, enforcement, and oversight has created genuine uncertainty for investors, operators, and consumers alike. The intention to bring coherence to this scene deserves credit. However, the method chosen to achieve it deserves serious scrutiny.

And yet, good intentions are not a sufficient foundation for sound policy. The proposed Fintech Act, which seeks to create an entirely new regulatory body to oversee fintech companies in Nigeria, reflects a fundamental misunderstanding of what the problem actually is and, consequently, proposes a solution that would make things considerably worse. The bill, which passed through the House of Representatives and subsequently stalled in the Senate, where lawmakers signalled the need for substantial revision, should not simply be reworked. The core premise that another regulator is the answer deserves to be challenged outright.

The very framing of “financial technology” as a unified category requiring its own standalone regulator reveals a conceptual confusion at the heart of the proposal. Finance and technology are not a single industry. They are two distinct domains whose intersection produces services that already fall within the mandates of Nigeria’s existing regulatory architecture. The Central Bank of Nigeria oversees banking and payments. The National Pension Commission governs pension fund administration. The National Insurance Commission regulates insurance. The Securities and Exchange Commission covers capital markets. The Federal Competition and Consumer Protection Commission handles consumer protection and market competition. Each of these bodies already has jurisdiction over the fintech activities that touch its domain.

No country with a mature, well-functioning financial system has resolved the complexity of fintech by collapsing all financial regulation into a single omnibus authority. The United Kingdom distributes regulatory responsibility between the Financial Conduct Authority, the Prudential Regulation Authority, and the Payment Systems Regulator, among others. In the United States, fintechs operate within a layered framework involving the Federal Reserve, the Office of the Comptroller of the Currency, the Consumer Financial Protection Bureau, and state-level regulators depending on the nature of their activities. These are not accidents of history or bureaucratic inertia. They reflect a deliberate understanding that different financial activities carry different risks and require different regulatory philosophies.

To suggest that Nigeria should do what no serious financial jurisdiction has done i.e create a single, all-encompassing fintech regulator, is to propose a solution with no precedent in the markets Nigeria aspires to emulate. The argument that technology ties all of these activities together and therefore justifies a unified regulator misunderstands what regulation is actually for. Regulation is not organised around the medium of delivery. It is organised around the nature of risk. Lending, insurance, capital raising, and payments each carry distinct risk profiles, require distinct supervisory competencies, and serve distinct segments of the public. Technology is simply the channel through which these activities now happen to be delivered, and changing the channel does not change the underlying economic function or the regulatory logic that should govern it.

Beyond the conceptual problem lies a practical one that would have real and measurable consequences for Nigeria’s economy: the cost of regulatory friction. Every time a fintech company operating in Nigeria must navigate an additional regulatory relationship, seek an additional approval, comply with an additional set of reporting requirements, or resolve an ambiguity between overlapping regulatory mandates, it incurs a cost. That cost is passed on to investors in the form of higher risk premiums, to employees in the form of slower growth, and ultimately to consumers in the form of higher prices and reduced access to services.

This is in no way a theoretical concern. The World Bank’s Doing Business indicators, before the index was retired, consistently documented how regulatory complexity translated into direct economic disadvantage for Nigeria. The country ranked 131st out of 190 economies in the 2020 Doing Business index, with burdensome start-up procedures and licensing requirements cited as significant contributors to that ranking. During the Buhari administration, the Presidential Enabling Business Environment Council under Vice President Yemi Osinbajo made the reduction of this kind of friction a central policy priority precisely because the evidence was overwhelming: friction does not just slow businesses down, it drives them toward informal or offshore alternatives, reducing tax revenues, employment, and financial inclusion in the process.

The lesson from successful reforms elsewhere in Nigeria is instructive. When the Minister of Interior, Olubunmi Tunji-Ojo, undertook the reform of Nigeria’s passport issuance system, he made the process faster and more predictable, and in doing so he was able to raise prices substantially while still generating public approval. Nigerians did not complain about paying more for passports because they were no longer paying the invisible tax of time wasted, trips repeated, bribes solicited, and uncertainty absorbed. The sticker price went up; the real cost went down. Friction, in other words, is itself a form of taxation, one that falls disproportionately on those who can least afford it.

Nigeria’s fintech sector has grown precisely because the digital infrastructure that underpins it has reduced certain kinds of friction dramatically. The country now has one of the most vibrant fintech ecosystems on the African continent, with over 200 active fintech companies as of recent estimates and a digital payments market that processes transactions worth trillions of naira annually. This growth has happened in an environment of regulatory imperfection, which is itself a testament to the sector’s dynamism. A new regulatory body sitting atop the existing framework would not eliminate the imperfections. It would add to them.

The argument for the Fintech Act rests on a legitimate diagnosis: Nigeria’s existing regulators have, in a number of documented instances, been slow to respond to fintech innovation, inconsistent in their guidance, and inadequately equipped to handle the cross-cutting questions around data privacy, cybersecurity, fraud, and consumer protection in digital environments. The Nigeria Data Protection Act of 2023 has gone some way toward addressing the data dimension, but enforcement capacity remains thin. Regulatory sandboxes have been established but have not always translated into clear licensing pathways.

The error lies in concluding that because the existing regulators have gaps, the solution is a new regulator. Creating a new institution does not fill gaps in existing ones. It creates new ones, along with new coordination problems, new jurisdictional ambiguities, and new opportunities for regulatory arbitrage. The question that deserves to be asked is not how to add to the regulatory architecture, but how to make the existing architecture function at the speed and sophistication that the industry now demands.

The presidency already has the constitutional and institutional authority to do what actually needs to be done. Rather than creating a new regulator, the Federal Government should establish a high-level, cross-agency Fintech Regulatory Coordination Committee, convened under the authority of the Office of the President and tasked with producing binding minimum standards that all relevant regulators must meet in their dealings with the fintech sector.

Those standards should address several specific and measurable failures. Every regulator with jurisdiction over fintech activities should be required to operate a single, publicly accessible portal through which all licensing applications, compliance filings, and correspondence can be submitted and tracked. Where regulators maintain separate portals, those portals should conform to common standards of interface design, document requirements, and processing transparency so that companies operating across multiple regulatory relationships do not face entirely different experiences with each. Application timelines should be published, automated, and monitored. When a regulator fails to respond to an application within the stipulated period, the outcome should default in favour of the applicant, or at minimum trigger an automatic public notification that creates accountability.

The Auditor General of the Federation, whose office is constitutionally empowered to audit government agencies, should be given both the mandate and the technical capacity to audit regulatory compliance with these standards. This would require investment in the Auditor General’s office specifically in digital literacy, technology auditing competencies, and independent analytical capacity, but this is an investment of a categorically different order from the capital expenditure, staffing costs, and institutional inertia that a new regulatory body would generate.

Beyond coordination, there is a case for targeted capacity building within each existing regulator. The Central Bank, SEC, and NAICOM each need fintech desks staffed by people who genuinely understand distributed ledger technology, algorithmic credit scoring, embedded finance, and the other technical realities of modern financial services. This is a training and recruitment challenge, and it is one that is far more tractable than the challenge of building an entirely new institution from the ground up.

Nigeria’s fintech sector is no longer a marginal sideshow. It has now become increasingly central to the country’s financial inclusion agenda, its foreign direct investment story, and its capacity to deliver financial services to the more than 38 million Nigerian adults who, according to the EFInA Access to Finance Survey, remained outside the formal financial system as recently as 2023. Every policy decision that affects the cost and ease of operating in this sector carries a direct human consequence.

The legislators who have championed the Fintech Act deserve credit for recognising that the regulatory status quo is not adequate to the moment. Their diagnosis is not wrong. Their prescription, however, risks compounding the problem they are trying to solve. Adding a new regulator to a system already characterised by overlapping mandates and uneven enforcement capacity does not produce clarity. It produces more of the same, with additional overhead.

Nigeria has an opportunity to take a different approach; one that draws on the existing authority of the presidency, the existing mandate of established regulators, and the existing dynamism of a sector that has already demonstrated what it can achieve under conditions that are far from optimal. That approach requires coordination, standardisation, and accountability rather than institutional proliferation. It requires the political will to hold existing regulators to a higher standard rather than the administrative convenience of delegating that problem to a new body.

The Senate was right to pause on this bill. The pause should be used not to refine the mechanics of a new regulator, but to reconsider whether a new regulator is the right answer at all. Nigeria’s fintech sector does not need more regulation, it only needs smarter governance of the regulation it already has.

I’ve had this conversation too many times in private rooms with bankers I respect, people who have built real institutions and seen multiple cycles of this industry. So let me say it plainly: the fear is real, and it is not irrational.

A lot of the senior people in Nigerian banking today have been here long enough to watch the entire fintech story play out from the front row. Some of them started their careers around the same time I did. They remember when companies like Paystack*, Moniepoint, and Flutterwave were early-stage experiments run by small, hungry humans still figuring things out. At the time, these companies looked like side projects that banks could afford to ignore or even casually support.

Then things changed.

Those same “small boys” now sit on valuations and transaction volumes that rival, and in some cases quietly threaten, the dominance of traditional banks. That shift did not happen gradually enough for comfort. It happened fast enough to make anyone who has spent decades building a bank pause and rethink their life choices.

So when you ask why banks are nervous about open banking, you have to start from that lived experience. They have seen what happens when you underestimate speed.

“We’ve seen this movie before, and we didn’t like the ending”

There is also some institutional memory at play here that people don’t talk about enough.

The Nigerian banking industry has already fought one major defensive battle in the past. When mobile money was expanding across Africa, telcos were the dominant players in many markets. In Nigeria, banks pushed back aggressively. Leaders like Segun Agbaje and others were part of that resistance, and it worked. Telcos were kept out of fully owning mobile money in the way they did elsewhere.

That decision bought banks time. It allowed them to grow digital capabilities on their own terms and maintain control over customer relationships.

Now, from their perspective, open banking feels like opening the gates they spent years protecting.

So the hesitation is not just about technology or regulation, but about pattern recognition. They have seen what happens when new players get too much room to operate, and they are not eager to repeat that experience under a different label.

Open banking removes friction, and that is exactly the problem

Let’s strip this down to the core issue in a more honest way. Open banking standardizes access across board, and once that happens, a lot of the protective layers banks have relied on for years start to thin out. Data becomes easier to share in structured formats, payment initiation becomes more accessible, and integrations no longer require the same level of back-and-forth or commercial gatekeeping that used to slow things down. Third parties can plug into banking infrastructure with far less resistance, and they can start building customer-facing products without needing to negotiate every step of the journey.

On paper, this reads like progress, and to be fair, a lot of it is. The part that makes banks uneasy sits in what follows after that access is opened up. When friction reduces across the system, the advantage starts to shift away from who owns the infrastructure and toward who controls the customer experience.

Once you get to that point, competition takes on a different shape. Speed of execution, product intuition, and the ability to iterate without heavy internal processes begin to matter more than balance sheet size or legacy distribution. Fintech companies have spent years optimizing for exactly that environment, while banks have been structured around control, risk management, and layered approvals. That difference in operating model becomes much more visible when friction is no longer acting as a buffer.

This is where the discomfort really comes from. It is not just about opening APIs or complying with a standard, but about what happens after everything is opened up, when the barriers that once slowed everyone down are no longer there to protect incumbents from faster, more adaptive players.

The speed gap is not theoretical

If open banking goes live today in a fully functional way, there is very little stopping a player like OPay or Moniepoint from aggregating multiple bank accounts into a single interface. A customer logs into one app and sees balances across different banks in real time, with transaction histories and controls sitting in one place instead of being scattered across different banking apps.

That alone starts to change behaviour in meaningful ways, because convenience tends to win over habit when given enough time.

Now take it one step further. The same app could introduce a simple toggle that automatically sweeps funds from a traditional bank account into a primary account the moment money lands, based purely on user preference and ease of use rather than any issue with the bank itself. Over time, small features like that begin to influence where customers choose to keep their money and how they interact with it daily.

This is not a far-fetched scenario. It lines up directly with how product teams in fast-moving fintech companies think and build, especially when they are given standardized access to financial infrastructure.

The uncomfortable part for banks sits in how differently these products get built. By the time a fintech product manager has designed, tested, and shipped something like this, the equivalent idea inside a bank may still be working its way through internal reviews, risk assessments, and multiple layers of approval. That difference in pace comes from how these institutions are structured and how decisions are made within them.

Fraud is no longer someone else’s problem

There is another dimension that makes this even more sensitive, and that is fraud.

Historically, when fraud happened in many fintech-driven transactions, the burden often sat with the fintech or even the customer, depending on how the flow was structured and where the failure occurred. That reality quietly influenced how aggressively some of these systems were designed, because the party taking the risk was not always the one enabling the access.

That posture is changing, and it is changing in a way banks cannot ignore.

The Central Bank of Nigeria has made its position clearer over time, even if it has not always been spelled out in one single document. The expectation now leans toward banks carrying more responsibility when things go wrong, especially as they remain the licensed custodians of customer funds. The regulatory “body language,” as people like to call it, has shifted in a direction that places more accountability on the institutions at the core of the system.

So when banks look at open banking, the question they are asking is very practical and grounded in experience. If access is widened and multiple parties can initiate transactions or pull data, what happens when something breaks along that chain, and more importantly, who ultimately absorbs the loss and manages the fallout?

That question becomes harder to answer in an environment where fraud tactics are constantly evolving, and where increased connectivity can introduce new attack surfaces that did not previously exist at scale.

The regulator is stealthily solving a different layer of the problem

Interestingly, while all of this is happening, there are parallel regulatory efforts that many people are not paying enough attention to, even though they will have just as much impact on how the system evolves.

There is already movement toward deeper integration of AML and KYC systems across institutions, and the direction is becoming harder to ignore. Within a defined timeframe, banks will be expected to make decisions using more than just transaction patterns, with a growing emphasis on richer identity data and more contextual risk signals that travel with each transaction.

This begins to change how risk is assessed in a practical way.

Instead of focusing primarily on how frequently money moves or how large the amounts are, institutions will increasingly pay attention to who is behind those transactions, whether they appear on any sanction lists, and whether their behaviour aligns with what is known about their income and profile. Over time, this kind of intelligence allows for more informed decisions, especially in an environment where transactions are moving faster and across more connected systems.

So while open banking raises valid concerns about access, speed, and control, the regulatory side is quietly building a more data-informed risk framework in the background, one that is meant to keep up with that increased connectivity.

Both developments are unfolding at the same time, and banks are left with the task of reconciling wider access with tighter expectations around risk and accountability.

So should banks resist, or should they adapt?

This is where I tend to disagree with the idea that fear should drive strategy. I understand why banks are cautious. In fact, I think the fear is justified. If I were sitting in their position, I would not dismiss these risks either.

What I would not do is assume that slowing down open banking will stop the underlying shift. Because the truth is, the ecosystem is already moving in that direction, with or without formal standardization.

Larger fintechs are growing. Their capabilities are expanding. The technical barriers to integration are getting lower over time. If the official version of open banking takes too long, the market will find unofficial ways to approximate it.

At that point, banks lose even more control over how the system evolves. What makes this situation more interesting is that banks are not as helpless as the narrative sometimes suggests.

We have already seen examples of banks building their own platforms and ecosystems. Access Bank has Hydrogen. GTBank has Habari. Stanbic has Zest. These are not small experiments but deliberate attempts to extend beyond traditional banking interfaces.

At the same time, transaction flows are already shifting. Not everything is going through the traditional NIBSS rails anymore. Banks and fintechs alike are building alternative pathways that give them more control over how money moves.

Then you have virtual accounts, which have quietly become one of the most important tools in modern lending and collections. Banks like Providus, Sterling, and Wema have played significant roles in shaping that infrastructure. A large portion of loan repayments today depends on these systems.

So it is not accurate to say banks cannot adapt. They clearly can. Because one way or another, this evolution will happen. The only real question is whether banks shape it while they still can, or spend the next decade reacting to decisions made somewhere else.
* I am currently the board chair at Paystack