Compliance Requirements For The Nigerian Financial Intelligence Unit

Introduction

In January 2026, the European Union Commission (EU Commission) updated its list of high-risk third country jurisdictions, effectively removing Nigeria from its Anti-Money Laundering and Counter-Terrorist Financing (AML/CFT) High-Risk Third Countries List. This follows the delisting of Nigeria from the Financial Action Task Force (FATF) grey list in October 2025.

This signifies a watershed moment in the country's battle against money laundering and terrorist financing. The achievement is the direct result of a coordinated reform agenda underpinned by key legislative enhancements such as the Money Laundering (Prevention and Prohibition) Act (MLPPA), 2022, and the Terrorism (Prevention and Prohibition) Act (TPPA), 2022, which strengthened institutional capacity, and a deeper collaboration with global partners like FATF and the Inter-Governmental Action Group Against Money Laundering in West Africa (GIABA)¹.

Nigeria's removal from the grey list and high-risk jurisdictions reflects its commitment to strengthening financial integrity and signals to global investors that its Anti-Money Laundering (AML) and Counter-Financing of Terrorism (CFT) frameworks now align more closely with international standards.

The central force in attaining this feat is the Nigerian Financial Intelligence Unit (NFIU), which is Nigeria's designated financial intelligence authority, an agency responsible for receiving, analysing, and disseminating financial intelligence² that helps law enforcement and regulatory authorities disrupt illegal financial flows.

This article explains what the NFIU is, how it came to be, why it matters to businesses, and the legal obligations that flow from Nigeria's AML/CFT framework.

What is the Nigerian Financial Intelligence Unit (NFIU) And Why is it Important?

The NFIU was first established in 2004 as an agency under the Economic and Financial Crime Commission (EFCC), with the responsibility of fighting against money laundering, terrorist financing and other financial crimes in Nigeria. Following the enactment of the Nigerian Financial Intelligence Unit Act, 2018, the NFIU transitioned to an agency domiciled within the Central Bank of Nigeria (CBN)³.

In accordance with its statutory mandate, the NFIU is now responsible for the following functions including but not limited to receiving reports, analysing financial data and reports, disseminating actionable intelligence to law enforcement, monitoring compliance on reporting obligations and advising supervisory authorities as to the discharge of obligations by the reporting entities.

The major reason for strengthening the NFIU through statute was to meet international standards under the FAFT's recommendations,⁴ following our addition to the FATF grey list. Countries on the grey list and the EU Commission's list of high-risk jurisdictions are those countries with weak money laundering and terrorist financing combat systems. Being grey listed or listed on the high-risk jurisdictions, makes it harder and more expensive for a country to carry out international financial transactions, as foreign banks are required to apply stricter checks. Nigeria's reforms especially the autonomy and clear legal powers given to the NFIU, was one of the key steps taken to fix these weaknesses and restore confidence in the country's financial system.

Who Must Report to the NFIU and What Should be Reported?

One of the core functions of the NFIU is to receive and analyse reports, as its effectiveness depends largely on the information it collects. To support this function, a website was created for this purpose known as the "goAML" portal which can be accessed on https://www.goaml.nfiu.gov.ng, in line with the FAFT recommendation.

The law places reporting obligations on Financial Institutions, Other Financial Institutions and Designated Non-Financial Businesses and Professions (DNBPs), (jointly called reporting entities) to submit reports to the NFIU⁵, which must meet specific statutory information requirements⁶.

It is worthy of note that DNBPs are answerable to the Special Control Unit against Money Laundering (SCUML), an arm of EFCC in relation to the enforcement of the provisions of the MLPPA⁷.

The above reporting entities are required to file the following reports in accordance with regulatory guidelines:

1. Suspicious Transaction Reports: These are reports about transactions that look unusual or raise concerns about possible money laundering, terrorist financing, kidnapping, fraud, corruption, drug trafficking or other serious crimes. If an employee or institution suspects something is not right, they must report it within 24 hours after discovering such transaction⁸. Also, the upgraded goAML portal requires that each report must include at least one predicate offence and indicator out of the categories provided.
2. Cross border Reports: Generally, any cross-border transfer of funds or securities exceeding USD $10,000.00 (or its equivalent) must be reported to the NFIU, and the Securities and Exchange Commission (SEC) within one day of the transaction activity⁹ and to the CBN (inclusive of domestic transfer of foreign currencies) within 7 days of the occurrence of the transaction¹⁰.
3. Currency Transaction Reports: Any transactions more than N5,000,000.00 or N10,000,000.00 in case of an individual or body corporate respectively are to be reported within 7 days¹¹. DNBPs involved in cash transactions are required to submit a declaration of activities prior to commencement of their business or within 3 months from the commencement of business¹².
4. NIL Report:Where there are no transactions to report, reporting entities are required to file a NIL report with NFIU and other regulatory authorities to show compliance with the provision of the law¹³.
5. Returns: DNBPs are required to file a return with SCUML over any currency transaction or wire transfers exceeding USD$1,000.00 (or its equivalent) within 7 days from the occurrence of such transaction¹⁴. Financial institutions and Other Financial Institutions are to file monthly returns to the CBN and NFIU on all transactions involving Politically Exposed Persons (PEP)¹⁵. Money or Value Transfer Service (MVTS) operators are required to file quarterly returns to the CBN and NFIU.¹⁶

Other reports include Compliance Reports to the CBN and NFIU at the end of June and December every year¹⁷, Reports on Frozen Assets¹⁸, and Monthly Reports to the Board of Financial Institution on AML/CFT/CPF compliance¹⁹.

Beyond reporting obligations, reporting entities are also obligated to implement other measures including establishing internal controls and compliance frameworks²⁰on AML/CFT, Know Your Customer (KYC)²¹, Customer Due Diligence (CDD)²²; risk management and assessment²³; appointing a compliance officer²⁴; developing systems to monitor and report suspicious activity²⁵; training of employees on AML/CFT/CPF measures²⁶; keeping records and submitting registers²⁷; and maintaining records for at least 5 years after a transaction is completed²⁸.

Failure to comply with reporting obligations and other provisions of the law as it relates to combating money laundering²⁹ and terrorism attracts a fine, imprisonment, both fine and imprisonment, suspension of licence for financial institutions³⁰ and other administrative penalties³¹.

Implications for Nigerian Businesses

Nigeria's removal from the FATF grey list and the EU Commission's list of high-risk jurisdictions does not mean that businesses can relax their compliance efforts. On the contrary, it signals stronger regulatory oversight and places a greater responsibility on businesses to remain compliant, vigilant, and proactive.

The NFIU and Nigeria's AML/CFT legal framework are important for businesses that operate under any of the reporting entities. Compulsory reporting and rigorous documentation not only ensure legal compliance but also enhance Nigeria's financial stability and the overall credibility of its business environment.

Below is a schedule of checklist that every business must comply with to meet statutory requirements:

1. Determine if your business is a reporting entity in Nigeria i.e. if your business receives, pays, transfers, or manages money or value for customers or facilitates high-value transactions, then you qualify as a reporting entity;
2. Appoint a compliance officer or a money laundering reporting officer (preferably a lawyer). Ensure such a person is registered on the goAML portal as a user reporting entity;
3. Registration with NFIU as a reporting entity on the goAML portal. This entails registering with the business' industry regulator such as the CBN, SEC, CAC, SCUML etc.; submitting a letter of introduction to NFIU accompanied with CAC registration documents, licence operation issued by industry regulator, evidence of the appointment of a compliance officer, and evidence of the regulators' approval of the compliance officer;
4. Curate an internal AML/CFT framework. It is important for your business to have documented internal controls, proportionate to its size and risk profile;
5. Conduct risk assessment and risk management;
6. Conduct Know-Your-Customer (KYC) and Customer Due Diligence activities;
7. Ensure you file mandatory reports to the NFIU within the stipulated time frames;
8. File reports to all industry regulators within the stipulated time frames;
9. Maintain record keeping obligations; and
10. Staff awareness and training in prevalent AML/CFT requirements e.g. the recent upgrade to the goAML portal will require training to interact with the platform properly.

Conclusion

For any business that handles customer funds, facilitates high-value transactions, or operates in sectors such as fintech, real estate, professional services, or cross-border trade, AML/CFT compliance is no longer just a "banking issue", it has become a critical factor for business survival. Nigeria's exit from the FATF grey list and the EU Commission's high-risk list does not mean that the regulatory burden has eased; on the contrary, expectations have heightened. Regulators now demand consistent, proactive, and thorough compliance, rather than occasional or reactive reporting.

This means businesses must embed AML/CFT principles into their daily operations, train staff rigorously, maintain accurate records, and continually assess and manage risk. Firms that take these obligations seriously not only avoid legal and financial penalties but also strengthen trust with customers, investors, and international partners.

In today's global financial environment, compliance is no longer optional, it is an essential foundation for sustainable growth, credibility, and long-term success.

Footnotes

1. O Bayo, 'Presidential Address on the Delisting of Nigeria from the FATF Grey List' (2025) https://statehouse.gov.ng/president-tinubu-welcomes-the-delisting-of-nigeria-from-the-fatf-grey-list-says-nigeria-is-committed-to-global-financial-transparency/ accessed 29 January 2026

2. Section 2(1) NFIU Act, 2018

3. Section 2 (2) NFIU Act, 2018

4. The FAFT Recommendations by the International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation

5. Section 3(1) (b) NFIU Act, 2018, Section 30 MLPPA, 2022

6. Section 11 Money Laundering (Prevention and Prohibition) Act, 2022 (MLPPA)

7. Section 17 MLPPA, 2022

8. Section 7 MLPPA, 2022, Section 84 TPPA, 2022 and Regulations 4, 37 & 39(11) CBN (Anti-Money Laundering, Combating the Financing of Terrorism and Countering Proliferation Financing of Weapons of Mass Destruction in Financial Institution) Regulations, 2022

9. Section 3 MLPPA, 2022

10. Regulation 40(2)(4) CBN (AML/CFT/CPF) Regulations, 2022

11. Section 2 and 11 MLPPA, 2022 and Regulation 40(1) CBN (AML/CFT/CPF) Regulation, 2022

12. Section 6 MLPPA, 2022

13. Regulation 13 CBN (AML/CFT/CPF) Regulation, 2022 and Guideline 3 NFIU Guidelines 2012

14. Ibid

15. Regulation 29 CBN (AML/CFT/CPF) Regulation, 2022

16. Regulation 32 Ibid

17. Regulation 42 (4) Ibid

18. Regulation 6 Ibid

19. Regulation 9 Ibid

20. Section 10 MLPPA, 2022 and Regulation 8 CBN (AML/CFT/CPF) Regulation, 2022

21.Section 4 MLPPA, 2022

22. Ibid and Part IV, V and IX CBN (AML/CFT/CPF) Regulations, 2022

23. Ibid

24. Ibid

25. Ibid

26. Regulation 41 CBN (AML/CFT/CPF) Regulation, 2022

27. Section 5 MLPPA, 2022

28. Section 8 MLPPA, 2022, Sect 83 TA, 2022 and Regulation 33 CBN (AML/CFT/CPF), 2022

29. Section 18-20 MLPPA, 2022 and Regulation 70 CBN (AML/CFT/CPF), 2022

30. Section 10 MLPPA, 2022

31. Section 27 MLPPA, 2022

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.