What CBN Is Changing in Anti-Money Laundering Rules for Banks

The Central Bank of Nigeria has introduced new baseline standards for automated anti-money laundering systems across banks and other financial institutions, as part of efforts to strengthen oversight and improve the detection of suspicious financial activity.

Under the new directive, Deposit Money Banks have 18 months from March 10, 2026, to fully comply, while other financial institutions have 24 months to meet the new requirements.

The updated framework was announced in a circular dated March 10, 2026, and signed by Akinwunmi Olubukola, Director of the Banking Supervision Department, alongside Olubunmi Ayodele Oni, for the Director of the Compliance Department.

According to the apex bank, implementation begins immediately from the date the guidelines were issued, while full compliance will be expected within the stated timelines for each category of institution. The new timetable gives institutions more time than the earlier 12-month compliance period that had previously been proposed.

The circular, titled Issuance of Baseline Standards for Automated Anti-Money Laundering Solution for Financial Institutions in Nigeria, was sent to banks, mobile money operators, international money transfer operators, payment service providers, and other financial institutions regulated by the CBN.

As part of the transition process, the CBN directed all affected institutions to submit implementation roadmaps to its Compliance Department within three months of the directive.

The regulator said the standards were introduced to protect the stability and integrity of Nigeria’s financial system. It explained that the framework covers automated tools used for anti-money laundering, counterterrorism financing, and counterproliferation financing compliance.

According to the CBN, the standards are meant to improve real-time detection and reporting of suspicious transactions while helping institutions use emerging technologies to strengthen financial crime risk management.

All institutions under the CBN’s supervision are now expected to operate automated anti-money laundering solutions. However, the level of sophistication required will depend on factors such as the size of the institution, its risk exposure, business model, transaction volume and operational complexity.

The bank said the standards are based on the CBN Act 2007 and the Banks and Other Financial Institutions Act 2020, and are designed to support existing legal and regulatory obligations rather than replace them.

The CBN also made clear that manual controls alone are no longer enough in a financial system that is becoming more digital and more complex. Institutions are expected to deploy systems that can support risk-based customer due diligence, detect suspicious activity quickly and ensure timely reporting to regulators, including the CBN and the Nigerian Financial Intelligence Unit.

The new standards cover a wide range of compliance areas, including transaction monitoring, customer due diligence, know your customer and know your business checks, sanctions screening, politically exposed persons screening, reporting, case management, audit trails, fraud monitoring, data security, vendor oversight and system integration.

Institutions dealing with high-risk sectors are expected to apply stronger monitoring measures and ensure their systems are integrated with customer risk profiles and identity verification databases. The CBN also said institutions should be able to carry out customer identification, risk assessment, sanctions checks, case tracking, reporting, governance and data protection through these systems.

The framework further encourages the use of artificial intelligence, machine learning and advanced analytics, but says such tools must undergo independent annual validation, accuracy testing, fairness reviews and bias checks.

To strengthen accountability, the CBN also requires tamper-proof audit trails, secure authentication processes, role-based workflows and compliance with the Nigeria Data Protection Act. Institutions using third-party vendors must also have clear policies covering procurement, implementation, support, incident response and exit arrangements.

For new applicants seeking fresh regulatory authorisation, the CBN said they must either show evidence of compliance or present a credible plan for meeting the standards.

The bank added that compliance will be tracked through off-site monitoring, on-site examinations, thematic reviews and other supervisory tools. It warned that institutions or responsible individuals who fail to meet the standards could face remedial directives, administrative sanctions and penalties under existing laws.