Nigeria’s CBN writes AI into its anti-money laundering rules in a historic first

Nigeria’s Central Bank has formally recognised artificial intelligence as a tool for fighting financial crime, embedding AI and machine learning into new baseline standards that require banks, fintechs, and payment companies to deploy automated anti-money laundering systems.

The guidelines, released on Tuesday, mark the first time the CBN has explicitly written AI into its anti-money laundering (AML) framework, pushing Nigeria’s financial institutions away from largely manual compliance processes toward technology-driven monitoring.

The move marks a shift in how financial crime is monitored in Nigeria’s banking system. As Nigeria’s financial system becomes increasingly digital, driven by mobile banking, fintech platforms, and instant payments, the CBN is saying traditional compliance tools are no longer sufficient to detect sophisticated financial crime.

“As financial services become increasingly digitised and complex, manual AML/CFT/CPF controls are no longer sufficient to manage evolving risks,” the CBN said in its new framework.

Financial institutions are now expected to deploy automated AML systems capable of supporting risk-based customer due diligence, detecting suspicious activity, and enabling timely reporting to regulators, including the CBN and the Nigerian Financial Intelligence Unit.

The standards align with recommendations from the Financial Action Task Force (FATF) and aim to ensure that AML technologies deployed by financial institutions deliver measurable effectiveness rather than merely satisfying regulatory checklists.

According to the regulator, the framework is designed to strengthen Nigeria’s ability to detect and report money laundering, terrorism financing, and proliferation financing while improving overall financial crime risk management.

Nigeria was removed from the FATF grey list in 2025, after strengthening its anti-money-laundering regimes and improving transparency in its financial systems.

The rise of AI in financial crime detection

One of the most significant aspects of the new rules is the explicit recognition of AI and machine learning in financial crime detection.

The guidelines encourage financial institutions to use technologies such as anomaly detection, behavioural pattern recognition, and automated risk scoring to identify potentially suspicious activity.

Matching logic capable of detecting name variations and similarities, which may include AI- or fuzzy-matching techniques, is encouraged.

However, the CBN also warned that AI-driven systems must remain transparent and subject to governance oversight. Financial institutions deploying machine learning models must perform independent validation of those models at least annually to ensure they remain accurate and unbiased.

Where AI/ML-based models are used to support adaptive learning and model calibration, the CBN advised that there must be a documented governance framework, including human oversight and explainability

The systems must also provide explainable insights into why an alert was triggered, allowing human investigators to understand the factors behind suspicious transaction flags.

The requirement reflects a growing global concern about algorithmic transparency in financial compliance systems. 

In its 2026 compliance predictions, Thomson Reuters, a global content and technology company, warned that while AI promises to strengthen compliance monitoring, human oversight remains essential. 

The firm said financial institutions must continue to validate AI-generated outputs and conduct regular audits to ensure accuracy, maintain trust in the financial system, and preserve accountability.

A compliance overhaul for the financial sector

The new standards apply broadly across Nigeria’s financial system, including banks, mobile money operators, international money transfer operators, and other regulated financial institutions.

Under the framework, institutions are expected to deploy integrated AML platforms capable of performing a range of functions, including automated customer due diligence and risk profiling, sanctions and politically exposed persons (PEP) screening, transaction monitoring for suspicious activity, case management and regulatory reporting, and fraud detection across financial channels.

The systems must also integrate with core banking platforms, customer onboarding systems, and transaction processing infrastructure to create a unified view of customer risk.

This means banks and fintechs will increasingly rely on systems that combine identity data, transaction histories, and behavioural analysis to detect suspicious financial activity in real time.

According to the regulator, these systems must assess transactions in the context of a customer’s profile rather than analysing raw transaction data alone.

Beyond money laundering detection, the guidelines also push financial institutions toward real-time fraud monitoring, particularly across digital payment channels.

The CBN requires systems capable of monitoring transactions across cards, electronic channels, deposits, and lending platforms to identify unusual patterns that could indicate fraud.

Fraud monitoring controls for card and digital channels must be calibrated to operate in real time or near real time to allow institutions to intervene before fraudulent transactions are completed.

The new directive comes as fraud in Nigeria’s financial sector continues to surge. Data from the Financial Institutions Training Centre (FITC) shows fraud losses jumped 603% to ₦3.29 billion ($2.27 million) in the first quarter of 2025, with 12,347 cases reported.

The move also fits into the CBN’s long-running effort to tighten fraud oversight across the financial system. In 2011, the regulator established the Nigeria Electronic Fraud Forum (NeFF) to enable information sharing among financial institutions on emerging fraud threats. Four years later, it mandated banks to set up dedicated fraud desks to support customers affected by electronic fraud.

In 2023, the CBN strengthened Know Your Customer (KYC) rules, requiring customers to provide a Bank Verification Number (BVN) or National Identification Number (NIN) to open accounts or wallets. The following year, it instructed the Nigeria Inter-Bank Settlement System (NIBSS) to begin debiting the accounts of banks that receive fraud proceeds, a move designed to increase accountability across the payment ecosystem.

Further guidelines issued in December 2025 required customers to report fraudulent transactions within 72 hours, while giving banks and fintechs a 16-working-day window to investigate cases and process refunds.

The latest rules go even further, pushing financial institutions toward a unified financial crime risk architecture where fraud monitoring and anti-money-laundering systems share data and analytics models.

Such integration would allow banks and fintechs to identify links between fraud activity and potential money laundering operations.

Implementation timeline

Financial institutions are expected to submit implementation roadmaps to the CBN within three months of the circular’s issuance.

Deposit money banks have 18 months to fully comply with the new standards, while other financial institutions have up to 24 months to implement compliant systems.

The CBN said it will monitor compliance through supervisory reviews and inspections, with institutions that fail to meet the requirements facing potential regulatory sanctions.