SERAP, BudgIT, 136 Nigerians sue CBN over cybersecurity levy

CBN

The Socio-Economic Rights and Accountability Project (SERAP), BudgIT and 136 concerned Nigerians have filed a lawsuit against the Central Bank of Nigeria (CBN) “over its failure to withdraw the patently unlawful ‘Circular’ directing all banks and other financial institutions to deduct from customers’ account a ‘cybersecurity levy’.”

This was disclosed in a statement signed by the Deputy Director of SERAP, Kolawole Oluwadare, on Sunday.

The CBN had last week directed banks to implement a levy of 0.5% (0.005) equivalent to half per cent of all electronic transactions, and to remit the levy to the ‘national cybersecurity fund.’ The CBN relied on the Cybercrime Act 2015 [as amended]. The directive is to be implemented by Monday, May 20, 2024.

In the suit number FHC/L/CS/822/2024 filed last Friday at the Federal High Court, Lagos, the Plaintiffs are asking the court to determine “whether the CBN Circular dated 6th May 2024, directing financial institutions to deduct from customers’ accounts a cybersecurity levy is unlawful and therefore ultra vires the CBN.”

The Plaintiffs are also asking the court to determine “whether the CBN Circular dated 6th May 2024, directing financial institutions to deduct from customers’ accounts a cybersecurity levy and section 44(2) (a) of the Cybercrimes Act are not in breach of sections 14(2), 44(1) and 162(1) of the Nigerian Constitution 1999 [as amended], and therefore unconstitutional, null, and void.”

The Plaintiffs are asking the court for “a declaration that the CBN Circular dated 6th May 2024 directing all banks and other financial institutions to deduct from customers’ accounts a cybersecurity levy is contrary to the provisions of the Cybercrimes Act and ultra vires the CBN, and therefore is illegal null and void.”

The Plaintiffs are seeking “an order of interim injunction restraining the CBN, its office, agents, privies, assigns, or any other persons acting on its instructions from enforcing the Circular dated 6th May 2024, pending the hearing and determination of the motion on notice filed contemporaneously in this suit.”

The suit filed on behalf of the Plaintiffs by their lawyer Ebun-Olu Adegboruwa, SAN, read in part: “The CBN Circular is unlawful and an outright violation of the provisions of the Nigerian Constitution and the country’s international obligations.”

“Unless the reliefs sought are granted, the CBN will enforce its Circular directing banks to deduct from customers’ accounts a cybersecurity levy. Millions of Nigerians with active bank accounts would suffer irreparable damage from the unlawful deduction of cybersecurity levies from their accounts.”

“The provisions of the Cybercrimes Act on payment of cybersecurity levy strictly apply only to businesses listed in the Second Schedule to the Act. These provisions make no reference to bank customers, contrary to the CBN Circular to all banks and other financial institutions.”

“The Nigerian government has a legal responsibility to ensure the security and welfare of the people, as provided for under section 14(2)(b) of the Nigerian Constitution and human rights treaties to which Nigeria is a state party.”

“The CBN Circular is also a blatant violation of Nigerians’ human rights including the right to property guaranteed under section 44 of the Nigerian Constitution and article 14 of the African Charter on Human and Peoples’ Rights to which Nigeria is a state party.”

“We urge the Honourable to grant the reliefs sought in the public interest and the interest of justice as well as to prevent arbitrariness and ensure the rule of law in the country.”

“Any deduction of cybersecurity levy from Nigerians’ accounts would be contrary to the provisions of section 44(2)(a) of the Cybercrimes Act 2015 as amended by the Cybercrimes Prohibition, Prevention etc) (Amendment) Act 2024 and ultra vires the CBN, and therefore illegal, null and void.”

“Section 162 (1) of the Nigerian Constitution provides that all revenues collected by or on behalf of the Government of the Federation are mandatorily required to be paid into the Federation Account save the revenue excepted by the provisions of the section.”

“The National Cybersecurity Fund established by section 44(1) of the Cybercrimes Act 2015 [as amended] into which it is required to be paid the levy of 0.5% chargeable on all electronic transactions instead of the Federation Account is unconstitutional, null, and void.”

“The CBN Circular is a breach and misinterpretation of Sections 44(2)(a) and 58 of the Cybercrimes Act [as amended], in that it purports to incorporate customers of the bank (neither defined by the Act nor designated by the CBN as financial institutions) as those to pay the cybersecurity levy.”

“The Plaintiffs are customers of commercial banks in Nigeria with accounts domiciled with many commercial banks in Nigeria. The CBN is the statutory agency charged with the overall control and administration of the monetary and financial sector policies of the Federal Government.”

“The Plaintiffs are included in the statistics of Nigerians with active bank accounts as the Plaintiffs are owners of accounts in different Banks and other financial institutions.”

“As of 30 April 2024, commercial banks in Nigeria already charge exorbitant fees for electronic transactions, including Electronic Transfer Charges at N53.75 on any amount above N10,000, Stamp Duty of N50 on every transaction and Account Maintenance Charge deducted per month.”

The Plaintiffs are therefore asking the court for the following reliefs:

A DECLARATIONthat the Circular issued by the CBN and dated 6th May 2024 directing all banks and other financial institutions to deduct from customers’ accounts cybersecurity levy is manifestly misleading, extorting and a breach and misinterpretation of the provisions of Section 44, 58 and Second Schedule of the Cybercrimes (Prohibition, Prevention, ETC) (Amendment) Act 2024 and ultra vires the CBN, and therefore is illegal, null and void.
A DECLARATION that the Circular issued by the CBN and dated 6th May 2024 directing all banks and other financial institutions to deduct from customers’ accounts cybersecurity levy and section 44(2)(a) of the Cybercrimes Act are inconsistent with, and a breach of the provisions of Section 14(2), 44 (1) 162 of the Nigerian Constitution 1999 [as amended] and therefore unconstitutional, null and void.
AN ORDER setting aside the the Circular issued by the CBN and dated 6th May 2024 directing all banks and other financial institutions to deduct from customers’ accounts cybersecurity levy, for being misleading, extorting and a breach of the provisions of Section 44, 58 and Second Schedule of the Cybercrimes (Prohibition, Prevention, ETC) (Amendment) Act 2024.
AN ORDER setting aside the Circular issued by the CBN and dated 6th May 2024 directing all banks and other financial institutions to deduct from customers’ accounts cybersecurity levy and section 44(2)(a) of the Cybercrimes Act, for being inconsistent with, and a breach of the provisions of Section 14(2), 44 (1) and 162 of the Nigerian Constitution 1999 [as amended] and therefore unconstitutional, null and void.
AN ORDER restraining the Central Bank of Nigeria, including its agents, assigns, privies and or representatives or such other persons acting on its behalf, from enforcing the Circular issued by the CBN and dated 6th May 2024 against all banks and other financial institutions and their customers.
ANY ORDER(S)that the Honorable Court may deem fit to make in the circumstance of this suit.

No date has been fixed for the hearing of the suit.