The Asudemade Perspective Editorial on Sunday

The Central Bank of Nigeria’s directive requiring banks, fintech companies and other payment service providers to localise payment data generated within the country by January 2027 has triggered intense debate among stakeholders. While some have expressed concerns about the relatively short timeline for compliance, the policy itself is a significant step towards strengthening Nigeria’s digital sovereignty and deepening the country’s digital economy.

For too long, valuable data generated by Nigerians have resided outside the country’s jurisdiction, making oversight difficult and exposing critical national assets to foreign regulatory, commercial and geopolitical interests. In the digital age, data is often described as the new oil. If crude oil can drive economies, data has become the fuel of modern finance, commerce, governance and innovation.

The principle behind data localisation is therefore sound. Financial transactions, payment records and sensitive consumer information generated within Nigeria should, as much as possible, be stored and managed within Nigerian territory where Nigerian laws apply. Such an arrangement enhances national security, strengthens regulatory oversight, improves cyber resilience and reduces dependence on foreign infrastructure.

Beyond sovereignty, the policy presents a remarkable economic opportunity. The requirement will stimulate investment in data centres, cloud computing infrastructure, fibre-optic networks, cybersecurity services and related technology ecosystems. Thousands of direct and indirect jobs could emerge from the expansion of digital infrastructure. Nigerian engineers, software developers, network specialists, cybersecurity professionals and data analysts stand to benefit from increased demand for their expertise.

Local universities and technical institutions must therefore begin to align their curricula with emerging opportunities in data management, cloud engineering, artificial intelligence, cybersecurity and digital infrastructure management. The next generation of Nigerian entrepreneurs should view data localisation not merely as a regulatory requirement but as a new frontier for wealth creation.

Financial institutions and fintech companies will also have opportunities to develop innovative products tailored to local realities. Faster access to locally hosted data could improve service delivery, reduce latency and strengthen business continuity.
However, data localisation should not become an avenue for exploitation.

The migration of critical payment infrastructure to local data centres could inadvertently create market concentration in which a few operators acquire excessive influence over a vital segment of the economy. Such concentration may lead to arbitrary pricing, anti-competitive practices and overdependence on a limited number of service providers.

Regulators must therefore remain vigilant.
The Central Bank of Nigeria, the National Information Technology Development Agency (NITDA), the Nigeria Data Protection Commission (NDPC), the Nigerian Communications Commission (NCC) and other relevant agencies should establish clear rules governing pricing transparency, service-level obligations and operational standards.

No single data-centre operator should become “too big to fail.” Regulators should encourage competition by creating a level playing field for both established and emerging operators. They should require periodic audits, enforce strict cybersecurity standards and mandate redundancy arrangements to ensure that critical financial infrastructure is not concentrated in one location or under one provider.

Consumer protection must remain central to the implementation process. Nigerians deserve assurances that their personal and financial information will not be abused, monetised without consent or exposed to unauthorised parties. Strong sanctions must await any organisation found guilty of data misuse, privacy violations or cybersecurity negligence.

The data-centre operators themselves also have important responsibilities. As demand increases, operators must invest aggressively in infrastructure resilience. They should deploy multiple layers of backup power systems, alternative connectivity routes, disaster recovery sites and real-time monitoring systems. Nigeria’s payment ecosystem cannot afford prolonged outages arising from power failures, equipment breakdowns or cyberattacks.

Operators must embrace international best practices in cybersecurity and business continuity management. Regular stress testing, independent security audits and transparent incident reporting should become standard practice. The confidence of banks, fintechs and consumers will depend largely on the reliability and security of these facilities.

Ultimately, data localisation should not be viewed merely as a regulatory compliance exercise. It should be seen as part of a broader national strategy to build a resilient digital economy capable of competing globally while protecting national interests.

Nigeria stands at the threshold of a new era where digital infrastructure may become as important as roads, railways, airports and seaports. The success of this transition will depend on the wisdom of regulators, the discipline of operators and the preparedness of businesses and citizens.

If properly implemented, data localisation can become more than a policy directive. It can become a catalyst for economic growth, technological advancement, job creation and national digital independence.
The opportunity is enormous. So too are the responsibilities.

Nigeria must get it right.