In Part One, we established why the CBN’s new Baseline Standards for Automated AML Solutions rank among the world’s best. Here, we examine the risks those Standards create and the hard governance work that genuine compliance requires.
A regulatory framework is only as valuable as the quality of its implementation.
The CBN has been explicit on this point from the opening pages of its new Baseline Standards – they are designed to ensure “demonstrable effectiveness and not merely feature-based compliance or vendor-driven implementation”.
That phrase is both an aspiration and a warning. It tells institutions precisely what the CBN will be looking for when it examines compliance and what will not satisfy it.
What follows is an analysis of the ten most significant risks embedded in the new framework, explained in terms that non-technical readers can follow, with the supporting detail and specific Standards references that Compliance Officers and Risk Managers need to act on.
AI models are bound by the quality and representativeness of the data on which they are trained. Historical AML/CFT data in Nigeria may be incomplete, inconsistently labelled or reflective of past investigative priorities rather than current risk typologies. A model trained on this data inherits its gaps and distortions.
The Standards’ requirement in §5.4a.vi to incorporate credible external data sources to enhance risk scoring is sound policy, but it expands the risk surface. External feeds introduce data provenance questions – a feed that is poorly maintained, commercially motivated or (in an adversarial scenario) deliberately manipulated to influence model outputs can corrupt risk scoring in ways that standard validation does not easily detect. Adversarial manipulation of ML systems is a recognised and studied attack vector in cybersecurity research.
What institutions must do – Document data lineage (provenance, labelling standards, update frequency and quality metrics) for all training and calibration data. Maintain a risk register for external data feeds, treating each as a potential control vulnerability. Cross-reference feeds where possible to prevent single-source dependency. ISO 42001, which §6d makes mandatory, provides the governance framework for this discipline.
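As an added illustration of the three controls just described (not code from this article, the CBN Standards or any vendor), the Python below records a lineage entry for each external feed (provenance, content hash, freshness against the agreed update frequency, record count) and cross-references the feeds' risk labels so that entities known to only one feed, or labelled differently by different feeds, are surfaced for review instead of silently driving a score. Feed names, the record schema and all entities are constructed for the example.

```python
from dataclasses import dataclass
from datetime import date
import hashlib
import json


@dataclass
class Feed:
    """One external risk feed. Schema is hypothetical, constructed for this example."""
    name: str
    provider: str            # provenance: who maintains the feed
    last_updated: date
    max_age_days: int        # agreed update frequency; older than this is stale
    records: dict            # entity_id -> risk label supplied by the feed

    def digest(self) -> str:
        # Content hash stored in the lineage log so silent changes to a feed are detectable
        return hashlib.sha256(json.dumps(self.records, sort_keys=True).encode()).hexdigest()


def lineage_entry(feed: Feed, as_of: date) -> dict:
    """Lineage record for the feed risk register: provenance, freshness and a quality metric."""
    age = (as_of - feed.last_updated).days
    return {"feed": feed.name, "provider": feed.provider, "sha256": feed.digest(),
            "last_updated": feed.last_updated.isoformat(), "age_days": age,
            "stale": age > feed.max_age_days, "record_count": len(feed.records)}


def cross_reference(feeds: list) -> dict:
    """Classify each entity as single_source (only one feed knows it), disputed
    (feeds disagree on the label) or corroborated (two or more feeds agree),
    so that no risk score rests unnoticed on a single feed."""
    entities = set().union(*(f.records for f in feeds))
    result = {}
    for entity in sorted(entities):
        labels = {f.records[entity] for f in feeds if entity in f.records}
        if sum(entity in f.records for f in feeds) == 1:
            result[entity] = "single_source"
        elif len(labels) > 1:
            result[entity] = "disputed"
        else:
            result[entity] = "corroborated"
    return result


# Constructed sample feeds: no real providers, entities or labels
FEED_A = Feed("feed_a", "vendor_a", date(2024, 5, 1), 7, {"E1": "high", "E2": "low", "E3": "high"})
FEED_B = Feed("feed_b", "vendor_b", date(2024, 5, 28), 7, {"E1": "high", "E2": "high"})
AS_OF = date(2024, 6, 1)
```

On the constructed feeds, lineage_entry(FEED_A, AS_OF) marks feed_a stale (31 days against a 7-day update frequency), and cross_reference([FEED_A, FEED_B]) reports E1 corroborated, E2 disputed and E3 single-source.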