adminreporter
The Central Bank of Nigeria (CBN) has issued a strong directive compelling banks and other financial institutions to refund victims of Authorised Push Payment (APP) fraud within 48 hours after investigations are concluded, a significant step to curb rising electronic fraud across the country.
APP fraud typically occurs when customers are manipulated into willingly sending money to fraudsters posing as legitimate individuals or organisations. Unlike account-compromise fraud, APP scams rely heavily on social engineering and exploit customer trust.
The new mandate, released through a circular addressed to all banks, OFIs, and the general public obtained by Fintech Insights, sets strict timelines for investigation, resolution, and reimbursement of victims. The document, titled “Draft Guidelines for Handling Authorised Push Payment Fraud,” was signed by Rita I. Sike, Director of the Financial Policy & Regulation Department.
According to the CBN, financial institutions must maintain a fair, transparent, and timely reimbursement process, noting that victims are eligible for compensation once investigations confirm the fraud. Refunds must be completed within 48 hours after a documented investigation is finalised.
Stricter Investigation Requirements
Where multiple financial institutions are involved in a single APP fraud case, the originating bank must begin investigation immediately and notify the receiving bank within 30 minutes of receiving the customer’s report. Institutions must jointly investigate the fraud, determine liabilities, and agree on reimbursement terms.
Joint investigations must be concluded and customers reimbursed within 16 working days from the date of initial reporting. All data exchanges must comply with the Nigeria Data Protection Act of 2023.
The CBN emphasised that the draft guidelines are part of ongoing efforts to strengthen financial stability and address the rapid rise in APP fraud fueled by increased use of digital channels such as USSD, mobile apps, and instant transfers.
Why the New Rules Matter
While digital banking has improved financial inclusion and convenience, it has also led to a surge in electronic fraud, undermining consumer trust. APP fraud has become particularly concerning because victims voluntarily authorise transfers under deception.
The CBN said its intervention aligns with its mandates under the CBN Act 2007 and BOFIA 2020 to maintain a safe and resilient financial system. The guidelines complement existing regulatory frameworks, including the Consumer Protection Framework.
Clear Expectations for Customers and Banks
Victims must report APP fraud within 24 hours, with a possible 48-hour grace period. Reports must include key details such as transaction date, amount, beneficiary account, and any supporting evidence.
Financial institutions must:
Acknowledge complaints within 24 hours
Issue a unique case reference number
Immediately commence investigation
Conclude investigations within 14 working days
Communicate decisions clearly, especially if reimbursement is denied
The CBN may also direct NIBSS or relevant entities to withhold settlements on fraudulent transactions and extend such holds to subsequent beneficiary institutions.
Banks that fail to comply with the timelines without valid justification risk regulatory sanctions for breaching consumer protection obligations.
However, if a victim fails to report the fraud within 72 hours without reasonable excuses such as illness or delayed awareness, the bank may not be required to issue a refund except where internal control failures or staff negligence contributed to the loss.
A Stronger Consumer Protection Framework
Overall, the draft guidelines reinforce the CBN’s drive to safeguard consumers, strengthen trust in digital payments, and ensure swift resolution of APP-related fraud cases. The central requirement remains clear: victims must be reimbursed within 48 hours once investigations conclude.
