The Central Bank of Nigeria (CBN) has set a maximum transaction limit of N20,000 within the first 24 hours of activating a mobile banking application on a new device.
This is contained in a CBN circular issued to all financial institutions, dated March 12, 2025, and signed by the apex bank’s Director of Payments System Policy Department, Musa Jimoh.
The new rule forms part of security requirements measures for banks and other financial services providers, including mobile money operators such as PalmPay, Opay, Moniepoint, and Paga, among others.
What the CBN is saying
According to the banking regulator, the new directive is part of measures aimed at strengthening fraud prevention and improving security in Nigeria’s digital payments ecosystem.
Under the new rule, the CBN said mobile financial services applications (apps) shall only be enabled on one device at a time, and customers cannot operate the apps concurrently on multiple devices.
- “Migration to another device shall trigger automatic re-activation and authentication.
- “For new accounts, transaction limits (inflow and outflow) shall be imposed on a newly activated mobile financial services app in the first 24-hours of activation.
- “The limit shall be as determined by the financial institution, subject to a maximum transaction limit of N20,000.00.” the bank stated.
For existing accounts, CBN said transaction limits (outflow) should be imposed on a newly activated mobile financial services app in the first 24-hours of activation.
- “The limit shall be as determined by the financial institution, subject to a maximum transaction limit of N20,000.00.” it added.
More insights
As part of the updated framework, financial institutions must introduce a voluntary opt-in and opt-out feature that allows customers to disable or enable instant payment services at any time.
When a customer opts out, they will be unable to carry out online instant transfers either within the same bank or to other banks, although they can still visit their financial institution physically to carry out transactions.
- The CBN also said customers should be allowed to voluntarily adjust their transaction limits, subject to existing regulatory thresholds of N25 million for individuals and N250 million for corporate accounts.
- According to the directive, any adjustment to these limits must undergo enhanced due diligence and risk assessment by the financial institution and will take effect only after successful completion of multi-factor authentication.
- The circular further requires all financial institutions to deploy enterprise fraud monitoring systems capable of detecting suspicious transactions in real time for both incoming and outgoing payments.
This is expected to strengthen the detection and restriction of fraudulent transactions across the financial system.
The regulator also introduced additional safeguards for digital account opening and account reactivation.
Under the new requirements, accounts opened online must undergo liveliness checks to confirm that the account holder is physically present during the process.
Financial institutions are also required to validate all online account openings or reactivations in real time with the Bank Verification Number (BVN) or National Identification Number (NIN) databases.
The CBN said the new minimum standards for instant payment services will take effect from July 1, 2026, and apply to all financial institutions offering instant payment services in Nigeria.
What you should know
Earlier this year, the CBN had urged banks and other financial institutions to take prompt action in addressing emerging electronic fraud threats to safeguard Nigeria’s expanding digital payments ecosystem.
According to the bank, threats such as social engineering, SIM-swap abuse, insider compromise, and Authorised Push Payment (APP) scams were placing increasing pressure on Nigeria’s payment systems.
It, however, noted that fraud losses have declined despite the rapid growth in digital transactions, due largely to coordinated actions across the industry.
