The Central Bank of Nigeria (CBN) has directed banks to complete a mandatory cybersecurity self-assessment within three weeks as part of efforts to strengthen the financial system.
In a recent circular, the apex bank introduced a Cybersecurity Self-Assessment Tool (CSAT) to evaluate the cyber risk exposure of banks and other financial institutions.
“Institutions are required to submit their completed CSAT within the following timelines: i. Three (3) weeks – Deposit Money Banks (DMBs); ii. Five (5) weeks – All other regulated institutions.”
The CBN said the tool will assess key areas such as governance, risk management, technology systems, and incident response capabilities.
“The CSAT is a structured supervisory instrument designed to obtain comprehensive information on the cybersecurity posture of regulated institutions,” the CBN said.
It warned that all submissions must be accurate and complete, noting that false or misleading information would attract sanctions.
“Supervised institutions are reminded that all information submitted to the CBN must be accurate, complete, and verifiable…” the letter added.
