The Nigerian Financial Intelligence Unit sits at the center of Nigeria's AML reporting architecture. Every suspicious activity report, every currency transaction report, and every international transfer report that Nigerian financial institutions file goes to the NFIU. Despite how central the NFIU is to compliance operations, many fintech compliance teams have only a surface-level understanding of how the unit works, what it does with the reports it receives, and what it expects from reporting entities beyond simply filing the required documents.
What the NFIU Is and How It Operates
The NFIU was established under the Money Laundering (Prohibition) Act and operates as an autonomous body housed within the Office of the National Security Adviser. It is Nigeria's designated financial intelligence unit under the FATF framework and is a member of the Egmont Group of Financial Intelligence Units, which means it can exchange financial intelligence with FIUs in other countries through secure channels. The NFIU receives, analyses, and disseminates financial intelligence to law enforcement agencies including the EFCC, ICPC, and Nigeria Police for investigation and prosecution of financial crime. It does not itself investigate or prosecute cases.
What Nigerian Fintechs Are Required to Report
The reporting obligations for CBN-licensed fintechs cover three primary report types. Suspicious Transaction Reports, sometimes called Suspicious Activity Reports, must be filed when a fintech has reasonable grounds to suspect that a transaction or proposed transaction involves proceeds of crime or financing of terrorism. Currency Transaction Reports must be filed for cash transactions above specified thresholds, which for most institutional purposes is NGN 5 million for individuals and NGN 10 million for corporate customers, though these thresholds are subject to periodic revision. International Transfer Reports must be filed for all international wire transfers above certain values. Each report type has its own format, timeline, and submission channel.
How to Submit Reports to the NFIU
The NFIU operates a goAML reporting platform, which is the standard tool for financial intelligence reporting used by FIUs globally. Nigerian financial institutions are required to register on the goAML platform and submit all mandatory reports through it. Registration requires institutional credentials and the designation of at least one reporting officer with administrative access. A fintech that is not yet registered on goAML is technically unable to meet its reporting obligations regardless of how good its internal processes are. Compliance officers should prioritise platform registration as a baseline before focusing on the quality of individual reports.
What Happens After You File
After a report is submitted, the NFIU's analysis team reviews it alongside other financial intelligence, including data from other institutions, law enforcement databases, and international FIU partners. High-quality reports that provide specific, actionable intelligence are more likely to generate investigative referrals. Reports that are vague or incomplete may still fulfill the reporting obligation but are less likely to contribute to enforcement outcomes. The NFIU may contact your institution for additional information in connection with a filed report, which is why maintaining complete records linked to each filing is important. Understanding what makes a good SAR in Nigeria directly affects the intelligence value your filings provide to the NFIU and ultimately to law enforcement.
NFIU Compliance Examinations
The NFIU conducts its own compliance examinations of reporting entities, separate from the CBN's regulatory examinations. These assessments focus specifically on the institution's reporting performance: whether reports are being filed, whether they are filed on time, whether they are complete and accurate, and whether the institution's internal processes are designed to reliably identify reportable activity. An institution with a poor reporting history, whether defined as consistently late filings, high rates of incomplete submissions, or an implausibly low number of STRs relative to its customer base and transaction volume, is at risk of regulatory action. Using a structured compliance platform that supports structured record-keeping and goAML integration can help demonstrate reporting program effectiveness during examinations. Grounding your reporting program in a documented AML risk assessment also gives examiners confidence that your suspicious activity identification process is systematic rather than ad hoc.
