It was at the 1st National Cybersecurity Forum (NSCF) in June 2014, exactly ten years ago, that the Central Bank of Nigeria (CBN) made a shocking revelation about how Money Deposit Banks (MDBs) in Nigeria lost a total of N40 billion to internet fraudsters in the previous year, 2013.
Speaking at the forum organized by the Office of the National Security Adviser (ONSA), Taiwo Longe, the then Chief Information Security Officer (CISO) at CBN, lamented that the financial cost of cybercrimes far exceeds that of illicit drugs.
The resolutions at the forum, with other requests and demands from stakeholders in technology and legal sectors, influenced the office of the then National Security Adviser, Sambo Dasuki, to develop the first National Cybersecurity Policy and Strategy, a 61-page document in 2014. The document led to the signing into law the Cybercrime (Prevention, Prohibition, etc.) Act by former President Goodluck Jonathan at the twilight of his administration on May 15, 2015.
Since cybercrime encompasses various offences, including Computer Fraud, Cyberterrorism, Cyberextortion, Ransomware, Copyright Infringement, Child Pornography, and Espionage, among others, the Act provided an effective and unified legal, regulatory, and institutional framework for the prohibition, prevention, detection, prosecution, and punishment of cybercrimes in Nigeria.
The Act defines various cybercrimes and their corresponding penalties, including unauthorized access to computers, system interference, interception of electronic messages, computer-related forgery, fraud, and more. While it grants authorities the power to arrest, search, and seize evidence related to cybercrimes, it also outlines responsibilities for financial institutions related to cybersecurity and data protection.
Meanwhile, the National Cybersecurity Policy and Strategy was to be reviewed every five years to keep up with the ever-changing cyberspace; President Muhammadu Buhari’s administration revised it in 2021, seven years after the 2014 policy document.
Meanwhile, President Bola Ahmed Tinubu endorsed and signed the amendment to the Act in February of this year. Since then, the Office of the current National Security Adviser, Mallam Nuhu Ribadu, has been implementing and complying with the Act, with notable accomplishments in fighting financial crimes and other related offences, particularly in restoring local currency against the antics of speculators.
It is necessary to state that Senator Shehu Umar Buba, the Chairman of the Senate Committee on National Intelligence and Security, sponsored the amendments to the Act.
While presenting the bill for the amendment at the National Assembly in October 2023, Senator Buba sought, among other things, to correct errors contained in the principal Act and empower the NSA to monitor compliance with the Act. He stressed the complexity of interpreting and applying specific provisions of the Cybercrime Act 2015, which had stifled national cybersecurity efforts in the face of well-organized cyber syndicates and adversaries.
He pointed out that inadequate funding and lack of prioritization might undermine the gains of Nigeria’s digital economy and cybersecurity efforts. He, therefore, advocated the necessity of the amendment to address gaps and realign with changing realities.
The amendments passed by the National Assembly and approved by President Tinubu cover some sections of the Principal Act. They include sections on Electronic Signature, Reporting of Cyber Threats, Identity Theft And Impersonation, Cyberstalking, Conspiracy and Abetting, Manipulation of ATM/POS Terminals, Duties of Financial Institutions, Records Retention and Protection of Data, Coordination and Enforcement, establishment Of the National Cyber Security Fund, and Order of Forfeiture of Assets.
The amendment retains the power of the Office of the National Security Adviser (ONSA) to coordinate all security and enforcement agencies under the Act and provide support to all relevant security, intelligence, law enforcement agencies and military services to prevent and combat cybercrimes in Nigeria. It is also mandated to ensure the formulation and effective implementation of a comprehensive cyber security strategy and a national cyber security policy for Nigeria; establish and maintain a National Computer Emergency Response Team (CERT). The coordination centre is responsible for managing cyber incidences in Nigeria.
From all indications, the amendment has fixed some mistakes in the principal Act and gives ONSA more authority to ensure that the Act’s terms are complied with.
The modification eliminates obstacles that prevented the Act’s provisions from being properly implemented, especially the responsibilities of institutions and Organizations mentioned in the amendment. For instance, it replaces a “financial institution” with any “public or private organization” for clarity.
To avoid ambiguity, some terms, like the manipulation of ATM/POS Terminals, are clearly clarified. It added “any other payment technology means” to reflect new emerging tools.
Apart from providing a comprehensive legal framework for the investigation, prosecution, and sentencing, it also harmonizes and explains Nigeria’s strategy for combating cybercrime. For instance, on verification of customers carrying out Electronic financial transactions, financial institutions are now required to present a “National Identification Number issued by the National Identity Management Commission as additional to other valid” documents bearing names, addresses and other relevant information before issuance of cards and other related electronic devices.
Similarly, the levy paid to the National Cyber Security Fund on all electronic transactions valued by the business specified in the Second Schedule of the Act is 0.5%, equivalent to half a per cent rather than 0.005% in the principal Act.
The modification will surely increase security financial stability, safeguarding critical infrastructure, promotion cybersecurity, establishes clear punishments and strengthens collaborations.
All things considered, Nigeria’s Cybercrimes Act is an essential weapon in the fight against cybercrime and for safeguarding its population and vital infrastructure in the digital era.
sequences.
Mukhtar Ya’u Madobi, an NDA research student, is the author of “National Security Strategies: A Young Writer’s Perspective.” He wrote from Kano via ymukhtar944@gmail.com.
