The Central Bank of Nigeria, CBN, has issued operational guidelines for open banking in the country.
This is contained in a circular dated March 7, 2023, and signed by the Director of Payments System Management Department, Musa Jimoh.
Open banking is the sharing of financial information electronically, securely, and only under conditions that customers approve of it.
It enables third-party developers to build applications and services around the financial institution, particularly the banks that hold customer data.
The CBN said it developed the guidelines in collaboration with industry stakeholders.
“The adoption of Open Banking in Nigeria will foster customer permissioned data between banks and third-party firms to enable the building of customer-focused products and services,” the circular reads.
“It also aims to enhance efficiency, competition and access to financial services in Nigeria. All stakeholders are required to ensure strict compliance with the guidelines and all other regulations, as the CBN continues to monitor developments and issue guidance as may be appropriate”, added the Circular’
The CBN guidelines specified the responsibilities of different entities participating in open banking as well as the processes involved in the chain of exchange.
“Entities participating in Open banking shall be categorised based on the following roles. Participants shall assume a role depending on the services:
i. API Provider (AP): This refers to a participant that uses API to avail data or service to another participant. An API Provider can be a licensed financial institution/service provider, a Fast-Moving Consumer Goods (FMCG) Company or other retailers, Payroll Service Bureau etc,” the apex bank said.
“ii. API Consumer, AC,: This refers to a participant that uses API released by the, API, providers to access data or service. An API Consumer can be a licensed financial institution/service provider, an FMCG or other retailers, Payroll Service Bureau etc.
”iii. Customer: This refers to the data owner that shall be required to provide consent for release of data for the purpose of accessing financial services.”
The CBN also said it would provide and maintain an open banking registry (OBR) for the industry.
It said the OBR would be a public repository for details of registered participants.
The CBN said the OBR would be maintained to provide regulatory oversight on participants, enhance transparency in the operations of open banking and ensure that only registered institutions operate in the ecosystem.
“Each participant shall be identified by its CAC business registration number, which shall be the unique key across the OBR system,” stressed the apex bank.
“The OBR shall maintain an API interface, defined within these guidelines, which shall serve as the primary means by which API (Application Programming Interface) providers manage the registration of their API consumers.”
The apex bank said customers would be required to provide explicit consent for the use of their data.
It said customers’ consent should be obtained in the same form the agreement was presented and a copy of the consent of the customer shall be made available to the customer and preserved by the participant.