By Reuben Abati
The report that President Bola Tinubu has now ordered the Central Bank of Nigeria (CBN) to suspend the implementation of the proposed Cybersecurity Levy must come to many Nigerians as some sort of relief, but before we deal with the sense or non-sense of the levy itself, where does this leave the autonomy of the CBN? The Presidency has tried to walk back the narrative by saying that the directive is to the Office of the National Security Adviser (ONSA), and not the CBN, but come off it, it is the CBN that has given a directive to the banks, ONSA is to manage the fund, and receive 40% of whatever is collected by the CBN.
It is therefore not surprising that many civil society groups and experts have raised questions about the law, the process, and the policy. These include the Nigerian Labour Congress (NLC), the Trade Union Congress (TUC), NACCIMA, KPMG, Afenifere, Northern Elders Forum, Coalition of Northern Groups, Centre for the Promotion of Private Enterprise (CIPPE), BudgIT, SERAP and others. The CBN directive is based on Section 44 (2) of the Cybercrime Prevention and Prohibition Act of 2024, itself an amendment of the same law of 2015.
In an informed opinion, Femi Falana, SAN, has raised the point that the CBN misinterpreted the law and that the act itself is contradictory. His specific reference is to the fact that the CBN wrongly directed all financial institutions to apply the levy at the point of electronic transfer origination, and to be so explicitly noted in customer accounts under the description Cybersecurity Levy and remitted to the CBN. Falana argues that the erroneous impression has been created that the levy is payable by individual customers using the services of commercial banks, payment system banks, non-interest banks, merchant banks, mobile money operators, and payment service providers. The phrase “businesses” in the 2015 Act has been substituted for “business” in the 2024 amendment, and there is confusion as to whether the levy is 0.005% or 0.5%. He argues further that the CBN owes Nigerians an apology for the misleading interpretation of the clear and unambiguous provisions of the Act to wit: Section 42(a) which makes it clear that the levy shall be applicable to GSM providers, Internet service providers, banks and other financial institutions, insurance companies and the Nigerian Stock Exchange.
Falana’s position was subsequently on all fours with the decision of the House of Representatives that the implementation of the levy should be suspended because, as Hon. Kingsley Chinda puts it, it contradicts the Second Schedule of the Act. Last Thursday, Hon. Chinda, representing Obio/Akpor constituency moved a motion for the immediate halt and modification of the levy announced by the CBN on May 6. The House concurred, and so resolved. However, the Senate speaking through Senator Shehu Umar Buba, Chair of the Senate Committee on National Security and Intelligence, argued that the CBN circular is in line with the Act as amended and that there are exemptions duly stated in the law. These exemptions, 16 in all are listed in the appendix to the CBN circular, but what we see is apparent confusion even among the lawmakers, despite the fact that the best way to know the value of any law is through its implementation.
This is one clear instance in which the implementation of a law has been subjected to a rigorous test and robust opinion by those it is meant to serve. The law has raised some interesting questions that should serve as a necessary guide: Can public institutions be funded directly by bank deposits with the CBN as a collecting agent? Can the Office of the National Security Adviser receive unappropriated funding for its activities? Since banks already charge fees for electronic transfers, does the electronic transfer levy for cybercrime protection not amount to double taxation? Should ONSA be a revenue-collecting agency? And how do we reconcile the obvious confusion in the law?
Olisa Agbakoba, SAN has since added his voice to the controversy by noting that the cybersecurity levy is unconstitutional. It runs counter to the letter and spirit of Section 162(1) and 162(3) of the 1999 constitution which make it clear that all federally collected revenue must go into the Federation Account and “shall be distributed among the federal and state governments and the local government councils in each state on such terms and in such manner as may be prescribed by the National Assembly”. A combined reading of both sections is instructive. It has been argued that some agencies such as the Federal Inland Revenue Service (FIRS), Nigeria Ports Authority (NPA), Nigerian Maritime and Safety Agency (NIMASA) and Customs retain a percentage of their revenue. Still, the point is clear that ONSA cannot transform itself into a revenue collection agency. Agbakoba has served notice that he will challenge the law in court. SERAP has already gone to court on the same matter in suit number FHC/LCS/822/2024 filed at the weekend to seek an order of interim injunction against the CBN.
In sum, the key arguments against the Cybersecurity Levy are that the timing is bad, it is not a good idea and that the 2024 Amendment is fuzzy, the proposed implementation is unconstitutional. Senator Buba who has been most vociferous in defending the law says “It is customary that a public hearing is held before every bill is passed, and the amendment of the Cybercrime Act 2024 was no exception, involving the participation of people from all spheres of human endeavour who witnessed the process.” Nigerians are asking where were we when this law was amended and passed. Perhaps there is a lesson here about the need for the Nigerian citizenry to be more vigilant and attentive where lawmaking is concerned. Buba adds that “Nigeria’s Cyber Threat profile extends far beyond cybercrime, with other major cyber threats classified under the National Cybersecurity strategy. To survive as a nation, the current weak approach to enforcing national cybersecurity directives must be re-examined and prioritised, among other considerations. The country must fund its cybersecurity and counter-terrorism programme independently, not through foreign aid.” I have not heard anyone disagreeing with the fact that Nigeria needs a strong cybersecurity framework.
Even the International Monetary Fund (IMF) referred to the importance of a cybersecurity framework during the presentations of its Article IV Consultation Report. Despite the people’s scepticism about the IMF and its bitter pills, nobody has raised any objection against this observation. What the people are saying is that a cybersecurity levy is likely to harm businesses which already pay more than 40 taxes. It will drive people away from the banking system since it would be wiser to keep money at home than go through formal payment systems and be over-taxed. By introducing the cybersecurity levy, the government has inadvertently hobbled its financial inclusion and cashless transaction policy. KPMG has made the point that government cannot achieve economic growth through over-taxation. Dr. Ngozi Okonjo-Iweala, the Director General of the World Trade Organization (WTO) has said Nigeria needs to streamline its taxes.
Nobody likes the tax man. But what bothers Nigerians is the fact that the Tinubu administration keeps sending mixed signals about its revenue drive. Both the CBN governor, Yemi Cardoso, and the minister of finance, Wale Edun, once famously said that the Tinubu administration is not out to tax people to raise revenue, even if it would broaden its revenue collection strategies. Chairman of the Presidential Fiscal Policy and Tax Reforms Committee, Taiwo Oyedele, at the closing out session of the body over the weekend, said 95% of the informal sector should be exempted from all taxes, especially businesses earning N25 million a year or less. His words: “We think that the informal sector are people who are trying to earn a legitimate living, we should allow them to be, and support them to be…” The Tinubu administration has a good supply of people who say the right things but do the very opposite.
President Tinubu himself promised “renewed hope” but Nigerians have never been this nervous. For no fault of theirs, the people have been the target of a heavy burden of multiple taxation: the very day that President Tinubu assumed office on May 29, 2023, he removed fuel subsidy, the same subsidy removal that the Buhari administration cleverly avoided. Life has become harder for Nigerians since then, and the price of everything has gone up and keeps going up, against the natural law of gravitation. Headline inflation is over 32%, threatening to go higher (experts are projecting that it could go as high as 34% when the National Bureau of Statistics announces April inflation figures tomorrow), food inflation is at an unprecedented level in known history. The electricity tariff of N206.80 for Band A customers has thrown many homes into darkness and agony, the DISCOs do not provide 20 hours of electricity as promised, and the people cannot pay because they are overburdened. Businesses are naturally transferring their burdens to the people. Telecommunication operators have asked for the leave of the Nigeria Communications Commission (NCC) to increase call rates. Cable TV service providers have also hiked their rates. Organised Labour is fighting for a minimum wage but the minimum of N615,000 that they are asking for sounds airy. Nigeria has become dystopian and what the people cannot understand is how government officials carry on as if they live in paradise.
It is important to fund cybersecurity, yes, but that money can come from plugging wastages in government. Ministers go about in a convoy of exotic vehicles, and lawmakers in Abuja ride SUVs which they pass on as project vehicles but we all know that no lawmaker inspects any project. And by the way, what happened to the Nigerian government’s monetisation policy? The salary of ministers was adjusted upward years back to address accommodation and transportation needs, but the government has refused to implement the policy. It is easier to impose hardship on the people, but the easiest option is not always the best.
What also irks the people is the lack of accountability, and the opaqueness at the heart of government processes. The cybersecurity levy would raise over N4 trillion annually, and 40% of that would be managed by the ONSA. Defence and security already take the bulk of government budget and expenditure every year, and yet insecurity remains Nigeria’s major problem. Even if Nigerians understand the importance of cybersecurity, they do not trust their government enough to pay additional taxes. And why is the CBN involved in the collection of tax – what is primarily a fiscal policy function? Is the CBN a pawn in a revenue collection game? It has now been driven into a corner.
Much worse is the fact that some banks did not even wait till the specified date of May 20 in the CBN circular; they have started taking people’s money, duly stating the same as the cybersecurity levy. Nigerian banks must resist the temptation to act as criminal enterprises. They don’t serve their customers well – always complaining that there is no money or that their network is down. When they manage to pay across the counter, they give out dirty, torn notes. Most of the ATMs in banks across the nation no longer dispense cash. Mobile payment operators have more cash than the banks and are far more reliable, and Naira retailers at social events have new notes that are not available in the banks! All the banks that have collected cybersecurity levies from their customers, ahead of May 20, must refund all the deductions, with an apology. Banks should serve their customers and not steal from them! Thievery is incompatible with the task of financial intermediation.
President Tinubu has directed that the implementation of the cybersecurity levy should be suspended. This is a welcome development. It makes the people happy. It shows that the government has listened to the yearnings of the people. This is a habit that the Tinubu administration should cultivate: to restore hope, the government must avoid anti-people policies. The CBN has yet to withdraw its circular on cybersecurity levy. It must do so forthwith, otherwise the banks would insist that they have not received any counter-directive from the regulator. The withdrawal must be well-publicised, and there must be an apology attached to it. But that is not the end of the matter.
The national assembly must take another look at the amended act and re-amend it further. Members of that assembly are in Abuja to defend the people’s interests and promote the common good. It is downright offensive to see the Senate and the House of Representatives arguing over a piece of legislation that they both worked on and passed. Their confusion is unhelpful. On the Cybersecurity Prevention and Prohibition Act of 2024 (as amended), they need to go back to the drawing table and be properly guided by public responses.
Besides, as Agbakoba SAN has rightly argued, the national assembly cannot make subsidiary legislation that bypasses the constitution and puts federally collected revenue in the hands of an agency. This was the decision in AG Rivers State vs. AG Federation and others in 2022, where the court upheld the provisions of Section 162(3) of the 1999 Constitution about the controversy over the Nigeria Police Trust Fund. And let everyone pay attention to their schedule: it doesn’t look tidy having the president overruling the central bank.