CBN Audits: Key Considerations for Fintechs & Microfinance Banks
As fintechs and microfinance banks continue to scale across Nigeria’s dynamic financial ecosystem, regulatory scrutiny from the Central Bank of Nigeria (CBN) is intensifying. One key oversight tool in the CBN’s regulatory arsenal is the CBN audit, a process which newer operators, like fintechs and microfinance banks, often find unclear, reactive, or even intimidating. This article sheds some light on the regulatory rationale for a CBN Audit.
What Is a CBN Audit?
A CBN audit is an on-site or off-site examination conducted by the Central Bank of Nigeria to assess a regulated financial institution’s compliance with applicable laws, regulations, guidelines, and prudential requirements. It may involve:
Review of internal controls and risk management systems.
Scrutiny of customer onboarding and KYC/AML processes
Assessment of financial soundness, liquidity, and capital adequacy
Evaluation of your IT and cybersecurity systems
Inspection of governance structures, board oversight, and records
CBN typically exercises its powers through the Banking Supervision Department, Other Financial Institutions Supervision Department (OFISD), or Payments System Management Department, depending on the license type.
Types of CBN Audits.
The BOFIA empowers the CBN to conduct audits of its licensees. The types of CBN Audits allowable under the BOFIA are.
A. Routine (or On-site) Examination: These kinds of audits are conducted periodically and may often involve a physical visit from the CBN examiners. The aim of such audits will be to review financial records and loan books, risk management frameworks, compliance with corporate governance rules, and customer due diligence and AML compliance
B. Special (or Targeted) Examination: Special examinations are conducted when there’s a red flag or specific concern, such as sudden liquidity stress, reports of insider lending or non-performing loans, whistle-blower complaints, and breaches of prudential guidelines.
Off-site Surveillance
The CBN continuously monitors banks off-site using regular reports submitted by the institutions, such as: (a) Monthly returns (financial and operational), (b) Prudential ratios (e.g., liquidity, capital adequacy), (c) Foreign exchange exposure, or (d) Loan performance data. These reports feed into risk-based supervision, which helps the CBN decide which banks need deeper scrutiny.
Outcome of a CBN Audit
Depending on the seriousness of the issues uncovered during a CBN Audit, a CBN licensee may be required to submit a remediation plan to remedy compliance gaps. Serious breaches can lead to more serious sanctions, such as Monetary fines, suspension of directors or officers, restrictions on operations, and revocation of the license.
Final Comments
For new entrants and licensees (banks, microfinance institutions, payment service providers, digital banks, etc.), CBN audits can make or break regulatory credibility. As a foundational matter, new licensees must appreciate that the CBN operates a risk-based supervision (RBS) framework. That means that CBN doesn’t just check for compliance with circulars but will also broadly assess governance and culture, risk management systems, internal controls, management integrity, and competence.
It is often prudent to build a culture of compliance very early on, maintain up-to-date and accurate records, and also closely monitor prudential and regulatory ratios.
Balogun Harold's insights are shared for general informational purposes only and do not constitute legal advice. For tailored guidance, please contact our Banking & Finance Lawyers at bhlegalsupport@balogunharold.com

Olu A.
LL.B. (UNILAG), B.L. (Nigeria), LL.M. (UNILAG), LL.M. (Reading, U.K.)
Olu is a Partner in the Firm’s Transactions & Policy Practice. Admitted as a Barrister & Solicitor of the Supreme Court of Nigeria in 2009, he has spent over a decade advising clients on high-value transactions and policy matters at some of Nigeria’s leading law firms.
olu@balogunharold.com
Kunle A.
LL.B. (UNILAG), B.L. (Nigeria), LL.M. (UNILAG), Barrister & Solicitor (Manitoba)
Kunle is a Partner in the Firm’s Transactions & Policy Practice. Admitted as a Barrister & Solicitor of the Supreme Court of Nigeria in 2009, he has spent over a decade advising clients on high-value transactions and policy matters at some of Nigeria’s leading law firms.
k.adewale@balogunharold.comRelated Articles
The Host Community Development Trust: Key Commercial Issues
A central issue concerns the scope of the powers of the Nigerian Midstream and Downstream Petroleum Regulatory Authority to issue the Midstream Petroleum (Host Communities Development Trust) Regulations 2024.
Payment Transaction Data Localisation in Nigeria: New CBN Rules and Their Legal Implications
While the CBN payment transaction data directive appears straightforward, its legal implications depend on how its key requirements are interpreted and operationalised in practice.
The Legal Framework for Classified Information in Nigeria: Key Considerations
It would be prudent for the Federal Government undertake a comprehensive review of the Official Secrets Act to ensure that it reflects contemporary national security, technological and governance realities.
Data Localisation in Nigeria: Key Considerations for Cloud Service Providers and AI Companies
Nigeria does not yet have a single, economy-wide data localisation statute. Instead, the regime has developed incrementally on a sector-by-sector basis, through a combination of primary legislation, sectoral regulations, licensing conditions, and regulatory guidelines issued by agencies