In a significant move against financial crimes, the Central Bank of Nigeria (CBN) has unveiled its Customer Due Diligence Regulations 2023, imposing stricter measures on financial institutions under its regulatory purview.
The latest regulations aim to strengthen compliance with anti-money laundering (AML) and counter-terrorism financing (CFT) provisions while aligning with international best practices.
The CBN’s new regulations introduce a crucial requirement for financial institutions to collect and verify customers’ social media handles as part of their Know Your Customer (KYC) process.
By including social media verification in the KYC requirements, the CBN intends to enhance the accuracy and depth of customer identification and fortify the fight against money laundering, terrorism financing, and proliferation financing.
Under the new regulations, financial institutions are obligated to establish internal processes and procedures for conducting comprehensive customer due diligence measures for both potential and existing customers, including occasional customers.
These measures include obtaining specific information such as legal names, addresses, contact details, identification documents, account types, nature of banking relationships, signatures, and the identification of politically exposed persons (PEPs).
To verify customer identities, financial institutions must rely on reliable and independent source documents, data, or information. This involves confirming personal details, including date of birth, residential address, contact details, and the validity of official documentation for individuals.
For legal entities or arrangements, financial institutions are required to conduct searches on public registries or databases, review annual reports or relevant financial statements, and examine board resolutions.
Record-keeping and maintaining up-to-date customer information are also emphasized in the new regulations. Financial institutions must retain records obtained through customer due diligence measures, account files, business correspondence, and analysis results for at least five years after the termination or cessation of a business relationship or an occasional transaction.
Additionally, regular reviews of existing customer records are mandated based on risk categories, with high-risk customers requiring annual reviews, medium-risk customers requiring reviews every 18 months, and low-risk customers requiring reviews every three years.