Anti-money laundering (AML) compliance in Nigeria is governed by the Money Laundering (Prevention and Prohibition) Act 2022, CBN regulations, and FATF standards. All licensed banks, fintechs, and payment service providers are legally required to maintain active AML programmes.
Nigeria's AML regime is built on three primary laws. The Money Laundering (Prevention and Prohibition) Act 2022 (MLPPA) is the core statute, replacing the 2011 Act with stricter obligations. The Terrorism (Prevention and Prohibition) Act 2022 covers counter-terrorism financing (CFT). The Banks and Other Financial Institutions Act 2020 (BOFIA), under Section 66, mandates all CBN-licensed institutions to comply with AML/CFT requirements.
The Central Bank of Nigeria (CBN) enforces compliance through circulars, guidelines, and on-site examinations. The Nigerian Financial Intelligence Unit (NFIU) receives and analyses suspicious transaction reports (STRs), currency transaction reports (CTRs), and foreign transfer reports (FTRs) submitted via the goAML platform.
| Report type | Trigger | Deadline |
|---|---|---|
| Suspicious Transaction Report (STR) | Any transaction that raises suspicion of money laundering or terrorism financing — no minimum amount | 24 hours from detection |
| Currency Transaction Report (CTR) | Cash transactions above NGN 5 million (individuals) or NGN 10 million (corporates) | Within 7 days |
| Foreign Transfer Report (FTR) | International transfers above USD 10,000 or equivalent | Within 1 day |
On 10 March 2026, the CBN issued Circular BSD/DIR/PUB/LAB/019/002, establishing mandatory baseline standards for automated AML solutions. All deposit money banks must achieve full compliance within 18 months (by September 2027). Fintechs, payment service providers, and mobile money operators have 24 months (by March 2028). All regulated institutions were required to submit implementation roadmaps to the CBN by 10 June 2026.
The circular mandates real-time transaction monitoring, dynamic risk scoring, automated sanctions and PEP screening, and direct integration with goAML for regulatory reporting.
The CBN has significantly increased enforcement activity. Zenith Bank was fined NGN 15.42 billion in 2025 for AML/CFT violations. Access Bank was fined NGN 35 million in 2026. The MLPPA 2022 provides for criminal prosecution of individuals, including compliance officers, in addition to institutional fines. Senior management carry personal regulatory exposure under the 2026 circular — penalties apply to both the institution and accountable individuals.
Free resource for Nigerian compliance teams
The NFIU STR/CTR Rejection Codes Reference Guide — every common goAML rejection explained with root causes and fixes.
Download the free guide