REDEFINING AML COMPLIANCE: UNDERSTANDING CBN’S BASELINE STANDARDS FOR AUTOMATED AML SOLUTIONS FOR FINANCIAL INSTITUTIONS

/0 Comments/in , /by

BY ADERONKE ALEX-ADEDIPE AND HILLARY OKOROTIE

Introduction

Amid the growing imperative for financial security in today’s rapidly digitizing landscape and evolving compliance demands, the Central Bank of Nigeria (CBN) issued its Baseline Standards for Automated Anti-Money Laundering (AML) Solutions for Financial Institutions (“AML Solutions”) on March 10, 2026. This was followed by a Guidance Note on implementation, released on March 31, 2026.

In this newsletter, we provide an overview of the requirements of the AML Solutions for financial institutions.

What is the Purpose of the AML Solutions?

The AML Solutions is aimed at establishing a structured and automated system for the identification and reporting of suspicious transactions and strengthening adherence to AML, Combating the Financing of Terrorism (CFT), and Countering Proliferation Financing (CPF) regulatory requirements. It also applies to all financial institutions operating in Nigeria.

What are Some of the Obligations of Financial Institutions?

  1. Customer Due Diligence (CDD), Know Your Customer (KYC) and Know Your Business (KYB): Financial institutions are required to implement effective CDD, KYC and KYB frameworks supported by automated or semi-automated onboarding, instant identity verification, and integration with national identity databases such as the Bank Verification Number (BVN) and National Identification Number (NIN) systems. They must also ensure proper documentation of beneficial ownership, maintain accurate and up-to-date customer data.

AML Solutions must support end-to-end CDD, KYC, KYB, and enhanced due diligence processes, including automated risk profiling and behavioral transaction analysis. They must also enable continuous data integration of KYC/KYB data with customer risk profile to provide investigators with a unified view of customer profiles and transactional history for effective monitoring and decision-making.

  1. Sanction Lists & Politically Exposed Person (PEP) Screening: Financial institutions are required to conduct sanctions and screening of PEP at onboarding and on a continuous basis. They are also required to maintain clear procedures for reviewing, escalating, and resolving alerts and being able to demonstrate the effectiveness of their screening processes with proper documentation. AML Solutions must integrate domestic/international sanctions and watchlists with instant updates, automatically flagging or blocking transactions on confirmed matches in line with regulatory requirements.
  2. Risk Assessment & Transaction Monitoring: Financial institutions are required to conduct and document periodic business risk assessments and ensure AML systems reflect these risk profiles. The AML Solutions must assess transactions based on risk and identify possible money laundering activities. It should generate explainable alerts and enable pre-emptive actions to support decision-making.
  3. Reporting & Governance: Financial institutions must ensure accurate, complete, and timely regulatory reporting, supported by internal reviews and approval processes. The AML Solutions must be implemented to ensure automated or semi-automated generation of the required reports. They are also required to establish governance frameworks covering system ownership, access controls, model validation, and periodic audits.
  4. Security & Data Protection: There is also a requirement that all data processed and stored within AML systems comply with the scope of the Nigeria Data Protection Act (NDPA) 2023 and other applicable regulations.

The AML Solutions must support this by securely collecting and storing relevant data, applying security controls such as encryption in transit, at rest, and in use, enforcing role-based access and secure authentication.

What is the Compliance Timeline for the AML Solutions?

The compliance timeline for the AML Solutions is 18 months for deposit money banks and 24 months for other financial institutions. However, all financial institutions are required to prepare and submit a detailed implementation plan to the CBN within 3 months of the issuance of the AML Solutions. The implementation plan must provide a clear and detailed roadmap on the steps the financial institution intends to implement to meet all obligations set out in the AML Solutions.

What is the Risk of Non-Compliance?

Where financial institutions fail to implement the AML Solutions or does so in a manner that results in ineffective AML/CFT/CPF controls, they may be subject to penalties. This liability extends not only to the financial institutions but also to personnel responsible for the implementation of the AML Solutions. Applicable penalties will be imposed in accordance with existing regulations, including the CBN AML-CFT-CPF Administrative Sanctions Regulations 2023, the Banks and Other Financial Institutions Act, and other relevant regulatory frameworks.

Conclusion

The AML Solutions imposes clear and enforceable obligations on financial institutions to implement effective, technology-driven frameworks for detecting and monitoring money laundering and other related activities. It is therefore imperative for financial institutions to promptly implement these requirements in line with the prescribed timelines.

You might also like
KEY REGULATORY UPDATE: CBN GUIDELINES ON INSTANT PAYMENT FUNCTIONALITIES AND MOBILE BANKING SECURITY
REGULATORY UPDATE: NDPC EXTENDS DATA AUDIT FILING DEADLINE
VIRTUAL ASSET SERVICE PROVIDER (VASP) LICENCES IN KENYA & NIGERIA – WHAT YOU NEED TO KNOW
New CBN Measures on Diaspora Remittances: What They Mean for Market Participants
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *