Skip to main content

Nigerian Tax Calculator & Compliance Platform - KeepAm

    We use essential cookies to keep things running smoothly. Our analytics are privacy-friendly and don't track you. Learn more

    KeepAm
    Published March 2026

    CBN AML Baseline Standards: Complete Guide for Nigeria 2026

    In March 2026, the Central Bank of Nigeria published new baseline standards for automated Anti-Money Laundering systems. Here's what it means for accountants, fintechs, and their business clients — and how to stay compliant.

    Calculate Your Tax

    Last updated: March 2026

    What is CBN AML Baseline Standards?

    Quick Answer

    The CBN now requires all regulated entities to implement automated AML systems with risk-based profiling, real-time monitoring, and immutable audit trails. Accountants managing client finances must ensure records meet these standards. KeepAm's built-in fraud scoring, anomaly detection, and audit-trail architecture already align with the core requirements.

    Who Must Comply?

    The CBN circular applies to a broad range of entities operating in Nigeria's financial ecosystem. While the automated-system mandates target banks and fintechs first, record-keeping obligations extend to all regulated professionals.

    Banks & Financial Institutions

    Commercial banks, merchant banks, microfinance banks, and development finance institutions.

    Fintechs & Payment Processors

    Mobile money operators, payment service providers, and electronic payment platforms.

    Designated Non-Financial Institutions

    Accountants, auditors, tax consultants, lawyers, real-estate agents, and dealers in precious metals (DNFIs).

    Other Reporting Entities

    Insurance companies, pension fund administrators, capital-market operators, and bureau de change.

    Key Requirements: The 6 Pillars

    The CBN baseline standards are organized around six core pillars that every automated AML system must address. Here's what each pillar requires.

    1. Risk-Based Profiling

    Entities must assign risk scores to customers and transactions using machine-learning models. The CBN specifically requires model explainability — you must be able to demonstrate why a transaction was flagged, not just that it was flagged.

    2. Transaction Monitoring

    Continuous, real-time monitoring of customer transactions for suspicious patterns. Systems must detect velocity anomalies, unusual geographic activity, structuring attempts, and deviations from established customer profiles.

    3. Sanctions Screening

    Automated screening of customers and counterparties against sanctions lists (UN, OFAC, EU, and Nigeria's own NFIU lists). Systems must support fuzzy matching and near-real-time list updates.

    4. Record Keeping

    All transaction data, risk assessments, and case decisions must be retained for a minimum of 5 years in immutable, auditable logs. Records must be producible for regulatory examination within 72 hours of request.

    5. Model Governance

    AML models must be independently validated at least annually. Entities must maintain documentation of model design, training data, performance metrics, and bias assessments. Model drift must be monitored continuously.

    6. Case Management

    A structured workflow for investigating alerts — from initial triage through investigation, escalation, and resolution. Every case must have an audit trail showing who reviewed it, what decision was made, and when.

    Implementation Timeline

    The CBN has set a phased compliance schedule to give different entity types adequate preparation time.

    MilestoneDeadlineWho
    Compliance roadmap submissionJune 2026All regulated entities
    Banks — full complianceSeptember 2027Commercial & merchant banks
    Fintechs — full complianceMarch 2028Payment processors, MMOs
    DNFIs — record-keeping alignmentDecember 2027Accountants, auditors, lawyers
    Annual model validation (ongoing)Every 12 monthsAll entities with automated systems

    What This Means for Accountants

    While accountants aren't required to build their own automated AML systems, the standards create three important obligations and one major opportunity.

    Record-Keeping Standards

    Client financial records you manage must meet the 5-year retention, immutability, and 72-hour production requirements. Paper-based or spreadsheet-based systems will increasingly fail regulatory scrutiny.

    Client Advisory Duty

    Accountants advising banks, fintechs, or other regulated entities have a professional duty to understand these standards. Clients will expect you to help them assess readiness and identify gaps.

    Advisory Opportunity

    The compliance gap is large. Many SMEs and fintechs lack internal expertise. Accountants who understand AML requirements can offer high-value advisory services — from gap assessments to compliance-roadmap preparation.

    Review all client record-keeping practices against the 5-year retention standard
    Ensure audit trails exist for every financial transaction you manage
    Advise bank and fintech clients on compliance-roadmap preparation (due June 2026)
    Assess whether your current tools produce immutable, exportable logs
    Consider offering AML-readiness advisory as a new service line

    How KeepAm Keeps You AML-Ready

    KeepAm isn't a standalone AML platform — it's a tax compliance tool whose architecture already incorporates key AML-aligned controls. Here's how our existing capabilities map to CBN requirements.

    Risk-Based Fraud Scoring

    CBN: ML Model Explainability

    Real-time scoring engine assigns risk levels to transactions with explainable risk factors — directly addressing CBN's requirement for transparent, auditable ML models.

    Login Anomaly Detection

    CBN: Transaction Monitoring

    Behavioral profiling detects unusual country, device, and time-of-day patterns, satisfying CBN's mandate for continuous monitoring of customer activity.

    Immutable Audit Trails

    CBN: Record Keeping & Reporting

    Every action is logged across activity_logs, compliance_events, and sensitive_access_logs — meeting CBN's 5-year record-retention and regulatory-reporting requirements.

    Case Management & Review

    CBN: Alert & Case Workflow

    Admin review workflow for flagged activities with resolution tracking, notes, and escalation paths — aligned with CBN's alert-management and case-lifecycle standards.

    Already Aligned

    Every KeepAm account benefits from these controls by default. No add-ons, no extra configuration. Your financial records are AML-ready from day one.

    View Our Security Architecture

    Penalties for Non-Compliance

    ViolationPenaltyNotes
    Failure to implement automated AML systemUp to ₦10,000,000 per violation-
    Inadequate transaction monitoring₦5,000,000 + mandatory remediation-
    Missing or incomplete audit trails₦2,000,000 – ₦5,000,000-
    Failure to file Suspicious Transaction Reports (STRs)₦1,000,000 per unreported transaction-
    Non-submission of compliance roadmap by deadlineRegulatory warning + ₦1,000,000-
    Director/officer personal liabilityUp to 3 years imprisonmentUnder ML(PP) Act 2022

    Avoid penalties: Set up reminders for all filing deadlines. KeepAm sends automatic notifications before each due date.

    Frequently Asked Questions

    Stay Compliant with KeepAm

    Track all your tax obligations, get deadline reminders, and generate filing-ready reports with KeepAm.

    Start Free Try Calculator