This legal update is intended to help fintechs, mobile money operators, digital lenders and vendors in the lending value chain to assess the applicability and impact of the new FCCPC Digital, Electronic, Online or Non-Traditional Consumer Lending Regulations, 2025 (the "Digital Lending Regulations") which took effect on July 25, 2025.
Scope of Applicability under the Digital Lending Regulations, 2025
1. The "Benefit Test"
The Regulations adopt a broad scope, extending to all lending activities conducted online, digitally, or through non-traditional means, whether directly or indirectly and whether or not a loan is collateralised. This applies regardless of whether the digital lender, fintech or MMO is incorporated or operating within Nigeria. Importantly, the nature of the lender's consideration is irrelevant, as long as the lender derives a benefit whether in cash or kind, the Regulations apply. This includes issuers of non-cash credit arrangements, such as telecommunications companies, mobile money operators, agricultural technology platforms, and barter-based lending schemes.
2. Registration, Approval, and Fees
All digital lenders and service providers along the consumer lending value chain are now required to register with the FCCPC. Applicants are required to submit a number of documents, which includes, a Compliance Audit Report and a Data Protection Impact Assessment Report ("DPIA"). Applicants are also required to pay a non-refundable registration fee, separate from an approval fee. The approval fee can be up to ₦1,000,000. For digital lenders, the approval fee of N1,000,000 will cover the registration of two software applications. An additional ₦500,000 is payable for each additional software application. Applicants are allowed to register a maximum of 5 software applications. Following the initial approval, which is valid for one year, subsequent renewals will occur every 36 months, subject to the payment of a renewal fee.
3. Exemption for Licensed Microfinance Banks (MFBs)
Licensed Microfinance Banks are exempt from the registration requirement but must obtain a formal waiver from the FCCPC.
Read Also:Nigeria's Open Banking: Data Access Considerations
4. Interstate Lending Requirement
Section 4(b) of the Digital Lending Regulations appears to limit its applicability to lenders operating in more than one state within Nigeria.
5. Regulation of Partnerships
Digital lenders must obtain prior approval from the FCCPC before entering into partnerships related to consumer lending. New partnership agreements with vendors involved in the consumer lending process must be submitted to the FCCPC for review, and the FCCPC reserves the right to withhold approval. Existing partnership agreements with vendors must also be submitted to the FCCPC for approval. The FCCPC is effectively regulating third-party vendor and partnership arrangements of digital lenders, including any subsequent amendments to such agreements.
6. Mandatory 30-Day Approval Period
Digital lenders and other stakeholders must now factor in a minimum 30-day review period for FCCPC approval of partnership arrangements and for registration. The FCCPC also reserves the discretion to extend this review period.
7. Annual and Bi-Annual Compliance Report Filing Obligations
Digital lenders and their relevant third-party vendors/service providers are now required to file annual returns as well as bi-annual compliance reports with the FCCPC.
8. Monetary Penalties
Failure to comply with the Digital Lending Regulations may result in significant sanctions. Corporates may be fined up to ₦10,000,000, or 1% of their turnover from the preceding financial year, whichever is higher. Individuals may face fines of up to ₦5,000,000. Company directors may also be subject to disqualification.
Key Takeaways
(a) Elevated Consumer Protection Standards
The FCCPC is saying, if you are a digital lender and your business or partnerships do not meet our consumer protection, standards, we would not let you start the business or enter/continue that partnership agreement. If you have already commenced business, we would stop you from continuing to do business, until you meet our standards. This is a very high bar and commendable. In many respects, the Digital Lending Regulations are a substantial step forward in raising consumer protection benchmarks. They introduce clear improvements in service delivery, including enhanced complaint resolution processes, streamlined service activation, and more rigorous record-keeping obligations. Notably, the FCCPC has also expressed an intention to monitor interest rates to ensure they are fair and non-exploitative. These developments are commendable and reflect a welcome shift toward a more consumer-centric regulatory framework. More than previously, digital lenders and their partners need to take competition regulation, more seriously.
Read Also:New Digital Money Lender Regulations in Nigeria: Some Legal Issues
(b)Scope of Exemption for Microfinance Banks
The decision to exempt only licensed Microfinance Banks from the scope of the Digital Lending Regulations warrants further clarification, particularly in light of the fact that other categories of banks also routinely engage in consumer lending. The regulatory rationale for this selective exemption is unclear and could create uneven compliance expectations across banking institutions.
(c) Applicability to Vendor Financing Structures
The Digital Lending Regulations appear to extend to companies offering vendor financing for consumer goods, even where such financing is incidental to their core business activities. If this interpretation is correct, it would bring manufacturers, traders, and other commercial entities providing installment or deferred payment options under the purview of the FCCPC's regulatory oversight. This raises practical questions about the proportionality of requiring such entities, whose primary business is not financial services, to undergo the same registration and compliance processes as digital lenders.
(d) Overlap with Data Protection Regulation
The requirement to submit a Data Compliance Audit and a DPIA to the FCCPC raises jurisdictional concerns, particularly given that the Nigeria Data Protection Commission (NDPC) remains the designated regulator for data protection matters. Nigerian companies are already required to submit such reports to the NDPC under existing laws, and the basis for duplicating these obligations under the FCCPC framework is unclear. It is important to note that the FCCPC itself is subject to the NDPA and needs to establish a lawful basis for processing the personal data of data subjects within Applicant companies.
Read Also:Buy Now Pay Later Offerings in Nigeria: Some Market Entry Considerations (Nigeria)
(e) Reporting of Organisational Changes
The Guidelines appear to require notification of any changes to information previously submitted during registration, including changes to directors or shareholders. The necessity and scope of this requirement require further clarification, especially where such changes do not materially affect lending operations or consumer protection risk.
(f) Burden of Ongoing Compliance Requirements
The cumulative burden imposed by the requirement to file annual returns, renew licenses periodically, and seek prior approval for vendor arrangements is significant. The rationale for imposing such extensive regulatory obligations, particularly on non-financial companies or those offering incidental credit, requires further justification as these obligations may impose disproportionate costs without corresponding benefits to consumer protection or market oversight.
Initial Conclusions
In principle, the FCCPC's role as a competition and consumer protection regulator does not traditionally include licensing authority. Thus, its decision to impose a licensing-style regime on digital lenders raises important policy concerns. If this precedent is extended, the FCCPC could assert licensing and approval control in other sectors, where there are consumer protection issues, a development that would be both novel and potentially overreaching.
While it is reasonable for the FCCPC to require digital lenders to register and adhere to enforceable consumer protection standards, the current framework, which features annual renewals, mandatory filings, and prior approvals, appears unnecessarily bureaucratic. That said, the Regulations are now in force and carry legal effect. Digital lenders, MMOs, and other affected entities must comply with the registration and operational requirements or risk regulatory sanctions.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
