The Central Bank of Nigeria (CBN) has directed banks and other financial institutions to complete a newly deployed cybersecurity self-assessment tool (CSAT) as part of efforts to strengthen resilience across the financial system.
In a March 30 circular, the apex bank said the tool aligns with its mandate under BOFIA 2020 and is aimed at evaluating the cybersecurity posture of regulated institutions.
According to the CBN, insights derived from the CSAT will support risk-based supervision and enhance regulatory oversight of cybersecurity risks across the financial system.
“Accordingly, all the referenced institutions are required to complete and submit the CSAT through a dedicated submission portal,” the circular stated.
The regulator added that access to the submission portal and guidance would be provided to chief information security officers and other relevant officials of the affected institutions.
The CBN stated that all submissions must reflect data as of December 31, 2025, and include supporting documentation where necessary.
The apex bank cautioned that submitting false, misleading, or inaccurate information would be treated as a regulatory breach and punished in accordance with BOFIA 2020.
It also noted that validation exercises, including off-site reviews and supervisory engagements, would be conducted to verify the accuracy of submissions