Nigeria's financial regulator has given data centre operators until January to comply with sweeping new rules requiring all data related to the country's banking and payments systems to be hosted locally — a mandate that is already exposing gaps in infrastructure capacity and raising questions about foreign investment in Africa's largest economy.

CBN's Local Hosting Directive Takes Effect

The Central Bank of Nigeria issued the mandate requiring financial institutions and payment service providers to store customer data within the country's borders. The directive targets a sector that has grown rapidly as mobile money and digital banking expand across West Africa. Officials at the CBN confirmed the January deadline in correspondence reviewed by local media, though the regulator declined to specify which exact date without further formal announcement.

Nigeria's CBN Mandate Forces Data Centre Rush — By January Deadline — Artificial Intelligence
Artificial Intelligence · Nigeria's CBN Mandate Forces Data Centre Rush — By January Deadline

The policy marks a significant shift from previous guidance, which allowed data to be stored overseas as long as adequate security measures were in place. Now, every transaction record, customer profile, and system log generated by Nigeria's banking sector must reside on servers physically located within Nigeria.

Infrastructure Gaps Threaten Compliance

<

Industry executives say meeting the January deadline has become a race against time. A survey by the Nigeria Data Protection Commission found that fewer than half of licensed data centres currently operating in Lagos, Abuja, and Port Harcourt meet the tier certifications required under the new framework. Several smaller providers lack the redundancy systems and physical security standards the CBN now demands.

One major international cloud provider recently announced a joint venture with a Lagos-based operator to expand local capacity, a move industry watchers see as a direct response to the mandate. The partnership aims to add several hundred rack units of new hosting space before the compliance window closes.

Foreign Investors Reassess Strategies

The directive has created a complicated calculus for multinational companies that had previously routed Nigerian data through European or American data centres. Several firms have begun relocating operations, but the process involves significant capital expenditure and technical complexity. Legal experts in Lagos warn that companies missing the January deadline could face regulatory penalties, licence suspensions, or mandatory cessation of certain digital services.

The CBN has remained firm, arguing that data sovereignty protects consumers and strengthens the national financial infrastructure. The governor of the CBN, in remarks delivered at a fintech conference, stated that Nigeria cannot rely on foreign jurisdictions to safeguard the financial records of its 200 million citizens. That position has resonated with national security advocates but has alarmed international partners accustomed to global data flows.

Market Implications and Cost Pressures

Local data centre operators are suddenlyFielding far more inquiries than anticipated. Pricing for colocation services in major Nigerian cities has already moved upward as demand outstrips supply. Analysts tracking the sector estimate that compliance-related infrastructure spending could exceed several hundred million dollars across the industry, though precise figures remain difficult to confirm as deals are still being negotiated.

Banks and payment firms are weighing the costs of building proprietary data centres against the ongoing expense of leasing space from third-party providers. Smaller fintech companies, many of which operate on thin margins, face the steepest challenge. Some have begun exploring mergers or partnerships simply to pool resources and share hosting infrastructure.

What Comes Next

Regulators are expected to release detailed enforcement guidelines before the January deadline arrives. The Data Protection Commission has scheduled a series of industry consultations in Abuja over the coming weeks. Companies that have already achieved compliance will likely gain preferential treatment in regulatory reviews, according to officials familiar with the review process.

The true test will arrive when the deadline passes and auditors begin examining whether the sector has truly moved its data home. Industry insiders suggest that some grace period for technical corrections may be built into the final enforcement rules, though nothing has been confirmed. For now, every data centre operator in Nigeria is counting down the days until January.

See Also

Editorial Opinion

Officials at the CBN confirmed the January deadline in correspondence reviewed by local media, though the regulator declined to specify which exact date without further formal announcement.The policy marks a significant shift from previous guidance, which allowed data to be stored overseas as long as adequate security measures were in place. Now, every transaction record, customer profile, and system log generated by Nigeria's banking sector must reside on servers physically located within Nigeria.Infrastructure Gaps Threaten Compliance

— networkherald.com Editorial Team
Poll
Do you believe this story will have a lasting impact?
Yes55%
No45%
529 votes
Alex Turner
Author
Alex Turner is a technology journalist covering artificial intelligence, machine learning, and the software industry. Based in New York, he tracks the development of large language models, AI regulation, and the companies reshaping enterprise software and consumer applications.

Alex has reported on AI developments from Silicon Valley to Brussels, covering everything from foundation model releases to regulatory hearings in the US Congress. He holds a degree in computer science from MIT and has contributed to leading technology publications for eight years.