CBN Proposes New Rules to Separate Banks From Fintech Affiliates, Bans Intra-Group Loans Without Approval

The Central Bank of Nigeria (CBN) has released an exposure draft this week requiring banks, fintech subsidiaries, microfinance institutions, and holding companies in Nigeria to operate as structurally independent entities, prohibiting intra-group loans and guarantees without prior regulatory approval, in a sweeping move to prevent financial contagion across corporate groups.

CBN Releases Exposure Draft on Ring-Fencing Operations of Closely Linked Entities

The CBN has proposed a regulatory framework seeking to ring-fence the operations of closely linked financial entities in Nigeria to promote a stable financial system. The draft, published for stakeholder consultation, marks one of the most significant structural reforms to hit Nigeria's banking and fintech sector in years.

The proposal is contained in the Exposure Draft Guidelines on Ring-Fencing Operations of Closely Linked Entities, signed by Dr. Rita I. Sike, Director of Financial Policy and Regulation, and circulated to stakeholders for consultation. The timing is deliberate, arriving as Nigeria's digital finance ecosystem records accelerating growth and increasingly complex group structures.

What the New CBN Draft Rules Actually Require

The proposed guidelines draw a hard line between affiliated financial entities. Under the proposed guidelines, banks and closely linked entities, including fintech subsidiaries, microfinance institutions, and holding companies, will be required to operate independently and maintain adequate capital and liquidity levels. The draft rules mandate that all transactions between affiliated entities must be conducted on arm's-length terms, properly documented, and disclosed to the CBN.

The guidelines state that the board of a closely linked entity shall ensure that the entity is legally, structurally, and operationally independent of other entities that it is closely linked to. Each closely linked entity shall maintain its own governance, risk-management, and control framework, including a dedicated board.

That means a fintech subsidiary sharing a parent with a deposit money bank can no longer rely on informal intra-group arrangements. Every transaction must stand on its own documented merit, fully visible to the regulator.

RELATED

CBN Bans Intra-Group Loans and Guarantees Without Prior Approval

Here is the sharpest edge of the new framework. The apex bank stated: "Except with the prior written approval of the CBN, no closely linked entity shall extend a loan to, or guarantee the obligations of another."

This single clause restructures the financial architecture of Nigeria's largest banking groups, many of which have fintech arms, payment subsidiaries, and microfinance units operating under the same corporate umbrella. According to the draft guidelines, financial institutions with close ownership or operational ties must seek written approval from the CBN before extending credit facilities to affiliated entities or standing as guarantors for their financial commitments.

The central bank is not closing the door on intra-group support entirely. It is ensuring every movement of capital across group boundaries passes through a regulatory filter first.

Preventing Financial Contagion Across Corporate Groups

The CBN has spelled out the core risk it is targeting. The framework seeks to prevent financial distress in one company within a corporate group from spreading to other entities, particularly licensed deposit-taking institutions.

Nigeria has witnessed rapid consolidation in its financial sector, with several banking groups acquiring or incubating fintech platforms. This creates interconnected exposure where trouble in one entity can travel quickly to a regulated deposit-taking bank. The CBN warned that excessive interconnectedness could allow losses in one subsidiary to spill into regulated banking operations.

The ring-fencing approach directly addresses this risk by forcing each entity to stand on its own capital and liquidity foundation, regardless of the group's overall financial health.

Customer Funds and Data Cannot Flow Freely Between Affiliates

The draft goes beyond capital rules. It specifically protects customers whose funds or personal data could be swept into group-level operations without their knowledge.

The framework emphasises consumer protection, banning misrepresentation of services outside licensed activities and prohibiting the use of customer funds for intra-group lending or debt servicing.

On data, the CBN draws an equally firm boundary. The CBN proposed tighter controls on customer data, requiring data to be stored independently and prohibiting its sharing among affiliated entities without the explicit consent of customers, except as permitted under the Nigeria Data Protection Act. The draft guidelines stated: "Sharing of customer data between closely linked entities without explicit consent of the customer is prohibited."

These provisions align the CBN's framework with Nigeria's broader data privacy obligations, signalling that regulatory convergence between financial and data regulators is now underway.

Non-Operating Holding Companies and Capital Buffers Now Required

The framework also reshapes the structural requirements for groups that choose to maintain multiple licensed entities. The proposed framework requires promoters of closely linked entities to establish a non-operating holding company structure. Such holding companies would be required to maintain regulatory capital at least 20 per cent above the combined minimum capital requirements of their subsidiaries.

The regulator also indicated that promoters of closely linked entities may be required to establish non-operating holding company structures or consolidate operations under a single licence where necessary.

That 20 percent capital buffer above subsidiary minimums is a significant financial commitment. It means group owners cannot operate lean holding structures while their subsidiaries absorb all the capitalisation requirements.

Shared Services Face Stricter Oversight Under the New Rules

Many banking groups run shared technology, compliance, and operational services across subsidiaries as a cost-saving strategy. The CBN's draft directly targets this practice.

Shared services will face stricter oversight, requiring service-level agreements, independent audits, and CBN approval. Groups can no longer rely on informal arrangements where one subsidiary effectively subsidises the operational capacity of another without documented contracts and regulatory visibility.

This requirement will compel major Nigerian financial groups, including those operating payment platforms, agency banking networks, and microfinance banks under the same parent, to formalise and price every shared service as if it were an external transaction.

Sanctions, Licence Revocation on the Table for Non-Compliance

The CBN has attached serious consequences to non-compliance. These may include monetary penalties, replacement of management personnel, or the revocation of operating licences, in accordance with the provisions of the Bank and Other Financial Institutions Act (BOFIA) 2020 and other applicable regulations.

The mention of BOFIA 2020, Nigeria's primary banking law, signals that the CBN views this as a legally enforceable framework, not simply guidance. The CBN stated that the guidelines shall be read in conjunction with the provisions of the CBN Act 2007, the Banks and Other Financial Institutions Act 2020, other subsidiary legislation made under the Acts, as well as written directives, notices, circulars, frameworks, and other guidelines that the CBN and other regulators in the financial services sector have issued.

Timeline: Rules Expected to Take Effect Later in 2026

The CBN is not rushing implementation. The proposed rules are expected to take effect later in 2026 following stakeholder consultations and final regulatory approval. The initiative forms part of the CBN's broader efforts to strengthen transparency, consumer protection, and resilience within Nigeria's financial services sector as digital financial services continue to expand.

The CBN said it will make the guidelines available to stakeholders, including banks, payment service providers, financial institutions, and members of the public, for review and comment. The regulator explained that where a CBN-regulated entity is closely linked to an entity regulated by another financial services regulator, it will collaborate with the relevant regulator to extend the scope of the guidelines to that entity.

The consultation window provides industry players an opportunity to engage before the rules are finalised. But the direction of travel is now clear: the era of loosely governed financial conglomerates in Nigeria is coming to an end.

What This Means for Nigeria's Fintech Sector

Nigeria's fintech ecosystem has grown dramatically over the last decade, with major players like Moniepoint, OPay, and PalmPay processing billions of naira in daily transactions. Many operate within or alongside banking groups, sharing infrastructure, capital, and branding.

The CBN's ring-fencing rules will require these groups to clearly separate their regulated and unregulated operations. The cost of structural compliance, covering dedicated boards, independent audits, arm's-length contracts, and elevated holding company capital, will be substantial.

At the same time, the framework reduces systemic risk and builds long-term confidence in Nigeria's financial system, a necessary condition for attracting institutional investment into the sector at scale.