Introduction: Nigerian Microfinance Banks Have a Hard Deadline  and Most Are Not Ready

Nigerian microfinance banks must now choose between two outcomes: build a compliant automated AML program by June 2026 or face the full weight of CBN enforcement. There is no middle ground.

 

The Central Bank of Nigeria's Circular BSD/DIR/PUB/LAB/019/002, issued on 10 March 2026, closes the long-standing compliance gap between deposit money banks and microfinance institutions. Every MFB from a unit-tier bank in Borno State to a national-license institution operating across 15 states is now legally required to implement an automated anti-money laundering system and submit a compliance roadmap to the CBN by 10 June 2026.

 

The assumption that smaller transaction volumes and lower-income clientele made the microfinance sector a low-risk AML environment has been formally and conclusively rejected. FATF's Mutual Evaluation of Nigeria identifies the microfinance sector as an active conduit for cash layering, informal trade-based money laundering, and proceeds from cyber fraud operations.

 

This guide explains exactly what the CBN requires, what a compliant program looks like in practice, and how your MFB can meet the June 2026 deadline.


 

Why the CBN Is Targeting Microfinance Banks in 2026

For most of the past decade, Nigerian microfinance banks operated under AML frameworks that were theoretically sound but practically informal. Branch compliance officers filed paper-based STRs. Sanctions screening was a monthly spreadsheet exercise. Customer risk profiles were assigned once at onboarding and rarely reviewed.

 

FATF's Mutual Evaluation of Nigeria exposed this gap in precise detail. The evaluation identified the microfinance sector as a key vulnerability in Nigeria's financial crime defenses, specifically because of its high cash volumes, agent banking penetration into underserved communities, and historically weaker supervisory intensity compared to commercial banks.

 

The CBN's 2026 baseline standards are Nigeria's direct legislative response ahead of its next FATF mutual evaluation cycle. The circular explicitly names "microfinance banks, mortgage institutions, finance companies, and any other CBN-regulated entity"  aligning MFBs with the same automated AML standards applied to tier-1 commercial banks, with an extended implementation timeline that provides a runway measured in months, not years.

 

The Real Cost of Inaction

Consider what happened to a mid-sized Nigerian MFB in 2024 when CBN examiners found no automated transaction monitoring in place. The institution had 43,000 active accounts, three of which were later traced to structuring activity for a Lagos-based cyber fraud syndicate. The MFB's MLRO was personally questioned, operational restrictions were imposed on its agent network, and the institution was required to engage a CBN-approved remediation firm at its own cost, a process that took eight months and disrupted its loan disbursement operations entirely.

That outcome is now the baseline risk for every MFB that fails to comply with the 2026 circular.


 

What an Automated AML System Must Do: The Five Core Requirements

1. Customer Due Diligence (CDD) Automation

2. Risk Scoring and Customer Risk Rating

3. Transaction Monitoring with Real-Time Rule-Based Alerts

4. Sanctions Screening Against All Major Lists

5. Automated STR Generation and NFIU Reporting

Youverify's AML screening solution is pre-configured for NFIU STR format compliance and CBN watchlist requirements, giving MFBs a ready-to-deploy path to the June 2026 deadline.


 

Customer Due Diligence Requirements Specific to Nigerian MFBs

1. Simplified CDD for Tier 1 Accounts

For low-value accounts, with a maximum single transaction of ₦50,000 and cumulative balance not exceeding ₦300,000  the CBN permits simplified CDD using BVN or NIN alone (biometrically matched) and a functional phone number linked to the BVN.

Simplified CDD does not reduce AML obligations. Transaction monitoring and sanctions screening apply equally to all account tiers.

 

2. Standard CDD for Tier 2 and Tier 3 Accounts

Full identity verification is required: government-issued photo ID, proof of address, and BVN linkage. For business customers, a significant segment for MFBs offering group loans and cooperative financing  KYB (Know Your Business) verification applies. This requires CAC business registration documents, beneficial ownership declarations, and business activity verification.

For a detailed breakdown of KYB obligations for business customers, see our KYB compliance step by step guide.

 

3. Enhanced Due Diligence Obligations

Under the MLPPA 2022 and CBN guidelines, EDD is mandatory for the following:

1. Politically Exposed Persons and their family members or close associates.

2. Non-face-to-face onboarded customers.

3. Customers from high-risk and monitored jurisdictions.

4. Customers exhibiting unusual patterns during initial due diligence.


 

The Five Most Common AML Compliance Gaps Found in Nigerian MFBs

Based on CBN examination findings and FATF typologies specific to Nigeria's microfinance sector, the five most frequent compliance failures are:

1. Manual STR Workflows

 

2. Outdated Sanctions Screening Lists

 

3. No Agent Channel Monitoring

 

4. Inadequate Risk Re-Rating

 

5. Weak Governance Documentation


 

AML Implementation Roadmap for Nigerian MFBs: A Practical Timeline

Given the 10 June 2026 roadmap submission deadline, MFBs have a defined and finite window. A defensible implementation sequence looks like this:

  1. Weeks 1–2: Conduct an internal AML gap assessment against the CBN baseline standards. Map existing processes against the five core requirements: CDD automation, risk scoring, transaction monitoring, sanctions screening, and STR filing.

     
  2. Weeks 3–4: Issue an RFP to AML technology vendors and shortlist solutions that integrate with your core banking platform (Temenos, Flexcube, InfiniCore, or equivalent).

     
  3. Weeks 5–8: Negotiate vendor terms, initiate contract, and begin integration planning with your core banking team.

     
  4. By 10 June 2026: Submit the implementation roadmap to the CBN, including vendor name, integration timeline, and milestone dates.

     
  5. Months 3–9: Execute deployment, user acceptance testing, staff training, MLRO workflow certification, and system go-live.

     
  6. Post-Go-Live: Establish a quarterly internal audit of AML system performance and a formal board-level reporting process for false-positive rates and STR filing volumes.


 

Conclusion: AML Compliance for Microfinance Banks in Nigeria Is No Longer Optional

The CBN Circular BSD/DIR/PUB/LAB/019/002 marks the end of the grace era for Nigerian microfinance banks. The 10 June 2026 roadmap deadline is not the finish line; it is the starting pistol. MFBs that submit a credible roadmap and then execute it with genuine operational discipline will build fraud-resistant, audit-ready institutions capable of scaling with confidence. Those that treat the circular as a documentation exercise will face escalating CBN scrutiny, personal liability for their compliance teams, and ultimately, the operational restrictions that come with being identified as a systemic AML risk.

 

Youverify's  AML and compliance platform has direct integrations with NIBSS for BVN verification, NIMC for NIN matching, and NFIU-format STR generation, meaning your MFB can move from gap assessment to compliant deployment within the June 2026 window.

To get started, Book a free demo today.


 

About The Author

Victoria is a senior compliance writer at Youverify with deep expertise in Nigerian financial regulation, CBN supervisory frameworks, and AML implementation for African financial institutions. She covers the intersection of regulatory technology and compliance program design across West Africa's banking and microfinance sectors.