1 Legal and enforcement framework

1.1 What general regulatory regimes and issues should blockchain developers consider when building the governance framework for the operation of blockchain/distributed ledger technology protocols?

When building a governance framework, blockchain developers should consider two primary goals:

  • maximising the strengths and opportunities associated with the framework, in light of the primary goal of the protocol; and
  • minimising the risks and threats associated with the framework, in light of the general regulatory regimes and issues.

These general regulatory regimes and issues include the following.

General laws and regulations: Nigeria has no specific legislation or regulations on blockchain/distributed ledger technology (DLT). However, certain existing laws and regulations generally apply to a number of blockchain/DLT applications across various industries.

The Investments and Securities Act 2007 regulates investments and securities in Nigeria and establishes the Securities and Exchange Commission (SEC), which is empowered to enforce the act. Among other things, the act regulates collective investment schemes, initial public offerings and securities. Therefore, initial coin offerings (ICOs), securities token offerings, token generation events and similar offers of securities to the public may fall under SEC regulation.

The following Central Bank of Nigeria (CBN) know-your-customer (KYC) and anti-money laundering/counter-terrorist financing (AML/CFT) policies and other CBN regulatory frameworks also apply:

  • the Three-Tier KYC Requirements 2013;
  • the Anti-money Laundering/Combating the Financing of Terrorism (Administrative Sanctions) Regulations 2018;
  • the AML/CFT Policy and Procedure Manual 2018;
  • the Consumer Protection for Banks and Other Financial Institutions 2016;
  • the Consumer Protection Regulations 2019;
  • the Guidelines on Mobile Money Services in Nigeria;
  • the Guidelines on International Mobile Money Remittance Services;
  • the Guidelines on International Money Transfer Services; and
  • the Central Bank of Nigeria Act 2007.

Other regulations that may apply include:

  • the Nigeria Data Protection Regulation 2019;
  • the National Health Act;
  • the Cybercrimes (Prohibition, Prevention, etc) Act 2015;
  • the National Identity Management Act 2017;
  • the Companies Income Tax Act;
  • the Capital Gains Tax Act;
  • the Personal Income Tax Act;
  • the Value Added Tax Act;
  • the Companies and Allied Matters Act;
  • the Finance Act 2019;
  • the Statute of Frauds 1677;
  • the Evidence Act 2011;
  • the Money Laundering (Prohibition) Act, 2011 (as amended);
  • the Terrorism Prevention Act, 2012 (as amended);
  • the Terrorism Prevention (Freezing of International Terrorist Funds and other Related Matters) Regulations, 2013;
  • the Economic and Financial Crime Commission (Establishment) Act 2004; and
  • the Banks and Other Financial Institutions Act 1991.

Cybersecurity: Although blockchain technology is theoretically unhackable because of its decentralised and distributed structure, blockchain developers must carefully consider the security of their blockchain/DLT protocols. Blockchain developers also need to be careful with the code used in writing the protocol. Any vulnerability in the code may result in a hack, such as the decentralised autonomous organisation (DAO) hack in 2016, when $50 million worth of cryptocurrency was stolen.

Privacy: Implementing blockchain/DLT protocols is difficult for certain industries, particularly the financial (banking), health and legal industries. This is because information is typically open and permissionless, enabling anyone that wishes to have access and participate to do so. Blockchain developers need to consider privacy issues when building the governance framework for blockchain/DLT protocols.

Legal issues: Some of the legal issues include:

  • how to determine the jurisdiction of nodes for enforcement purposes;
  • the legal status of a DAO which runs on smart contracts; and
  • smart contracts and their enforceability under traditional contract law and before the Nigerian courts.

In Nigeria, none of these legal issues has been legislated or adjudicated upon.

Regulatory issues: In Nigeria, as in a considerable number of countries⁠, there is some level of regulatory uncertainty. Twice - in January 2017 and February 2018 - the CBN warned both financial institutions and the public that virtual currencies are not legal tender in Nigeria. Similarly, the SEC warned Nigerians about the significant risks involved in investing in virtual assets, particularly those that are unregulated or unauthorised. The lack of regulation may have encouraged a number of scams in the space, especially through unrealistic ICOs.

Ethical issues: As blockchain applications increase, one major ethical issue is the use of cryptocurrencies to perpetrate criminal acts. Nigeria already faces numerous challenges in fighting cybercrime. The ability to carry out transactions through cryptocurrencies has now made tracing illegal activities such as drug trafficking, human trafficking and terrorism either extremely difficult or impossible for law enforcement agencies. Blockchain developers may thus come under increasing pressure from the state to put public safety before individual privacy when building the governance frameworks of blockchain/DLT protocols.

From an environmental perspective, power usage for cryptocurrencies such as bitcoin that require significant amounts of electricity is not yet an issue in Nigeria, as cryptocurrency mining activities remain insignificant.

Incentive system: Blockchain developers should consider adopting a governance framework incorporating an incentive system that safeguards the collective interests of the protocol. Whether through proof of work (eg, as adopted by Bitcoin and Ethereum) or proof of stake (eg, as adopted by EOS), a strong incentive system helps to minimise the risk of 51% attacks on the blockchain. Without strong incentives for core developers, nodes and token holders, voting on issues and validating transactions may become problematic, and this may threaten the continued operation of the protocol. For example, one major issue that resulted in the DAO hack was a code vulnerability which could have been discovered and fixed by core developers if the DAO had no incentive issue.

Security versus scalability trade-off: Blockchain developers should consider a governance framework that safely manages the trade-off between security and speed. While a more decentralised governance framework will typically enjoy better security, but lower speed (eg, Bitcoin), a less decentralised governance framework will typically enjoy higher speed, but less security. While poor scalability may affect mass adoption, poor security often results in loss of funds - an issue that usually gets regulators' attention.

Data storage and immutability: Data protection regulations now require that data controllers be identifiable and data subjects be entitled to request the modification and deletion of their personal data. Blockchain developers should start considering issues such as data storage and the principle of immutability on the blockchain.

Interoperability: As more blockchains/DLT protocols are developed and introduced by blockchain developers, the need for interoperability increases. If blockchain technology will truly be the third-generation Internet, blockchains must communicate and interact with one another. To ensure that blockchains can speak the same language, blockchain developers must adopt open protocols and multi-chain frameworks.

1.2 How do the foregoing considerations differ for public and private blockchains?

Because public blockchains are decentralised and private blockchains are centralised, the considerations differ as follows.

Cybersecurity: Private blockchains, because of their often centralised structure, are more prone to cyberattacks.

Privacy: As private blockchains are permissioned, there is some level of privacy compared to public blockchains, which are open and permissionless.

Legal issues: One of the major features that distinguishes public and private blockchains is participation in the network and shared ledger. While anyone - even with an anonymous or pseudonymous identity - can join a public blockchain network, a private restricts those allowed to participate in the network and the transactions in which they can participate. As long as the liability of each participant is concerned, this distinction is vital, as it determines a number of legal factors, including jurisdiction and enforceability. On private blockchains, owners or nodes may be severally liable; but on public blockchains, all participating nodes may be jointly liable. Therefore, in a private blockchain, most of the legal issues raised – including determining jurisdiction and the legal status of a DAO – may not arise. This is because each node is easily identifiable, having been validated or permitted by the supernode. Also, DAOs do not exist in private blockchains and contracts may be made off chain.

Regulatory issues: Both public and private blockchains largely face the same regulatory uncertainty.

Ethical issues: In private blockchains, there is no risk that cybercriminals can take advantage of anonymity to carry out criminal activities, because anonymity and pseudonymity apply only in the case of public blockchains.

Incentive system as a self-regulatory mechanism: 51% attacks - such as those suffered by Bitcoin Gold, Litecoin Cash, Monacoin, Verge and Zencash - are suffered by public blockchains. As stated earlier, private blockchains are more prone to cyberattacks.

Security versus scalability trade-off: While private blockchains enjoy scalability because of their speed, public blockchains do not. As blockchain technology continues to grow, blockchain developers will increasingly need to improve the scalability of public blockchains without compromising on security. The security of private blockchains will also benefit from improvements.

Data storage and immutability: This regulatory consideration differs for private blockchains, because the data controllers are easily identifiable and any requests from data subjects for the modification and deletion of their personal data may be treated by storing such data off chain. This is not possible in the case of public blockchains.

Interoperability: The adoption of open protocols and multi-chain frameworks to make blockchain interoperable will benefit both private blockchains and public blockchains - especially the latter, since public blockchains are essentially the open, permissionless, transparent, peer-to-peer Internet.

1.3 What general regulatory issues should users of a blockchain application consider when using a particular blockchain/distributed ledger protocol?

No specific legislation: Users of blockchain applications should be aware that Nigeria has no specific legislation or regulations on blockchain and cryptocurrencies. Depending on the user's application of the technology, existing legislation and regulations may apply.

Blockchain users should seek legal advice before launching any blockchain application in Nigeria.

Cryptocurrencies are not illegal, but are untrusted: No branch of government or public agency in Nigeria has pronounced cryptocurrencies illegal. However, banks in Nigeria are restricted by the CBN from dealing in cryptocurrencies. Blockchain users should protect their businesses by complying with the CBN's KYC and AML/CFT regulations. The developers of blockchain applications may also need one or more fintech regulatory licences to do business in Nigeria.

Cryptocurrencies are not legal tender in Nigeria: Cryptocurrencies are not legal tender in Nigeria. This is the position of the CBN. The CBN has cautioned the public about the risks involved in dealing in cryptocurrencies, pointing out that users are not entitled to any legal protection in Nigeria. For blockchain users, until specific legislation or regulations are introduced, an understanding of which existing laws or regulations apply to your blockchain application is vital.

Investment offers in cryptocurrencies and other digital or virtual currencies are unauthorised by the SEC: In its Public Notice on Investments in Cryptocurrencies and other Virtual or Digital Currencies, the SEC asserted that it has not authorised or recognised any person, company or entity to promote cryptocurrencies or make investment offers to the members of the public. According to the SEC, such investment offers "are likely to be of a risky nature with a high risk of loss of money, whilst others may be outright fraudulent pyramid schemes". Consequently, the SEC advised the public to endeavour to ascertain that the promoters of such investment schemes are authorised by the SEC.

In determining liability, the relevant consideration is not the label the blockchain gives its token, but rather the features of the token and the circumstances surrounding the sale.

Conflict with data protection regulation: The Nigerian Data Protection Regulation (NDPR) - modelled on the EU General Data Protection Regulation (GDPR)⁠ - requires:

  • an identifiable (or central) data controller to be held accountable; and
  • the right of data subjects to modify or erase their personal information as stored by the data controller.

These requirements conflict with two basic principles of blockchain/DLT: decentralisation and immutability.

Blockchain users should therefore have data protection and data privacy policies that do not put their businesses at avoidable risk.

Token structure, legal classification and liability: The classification of a token has legal and regulatory implications. If the token created by a blockchain/DLT protocol operates as a payment token outside its native ecosystem, it may be considered a cryptocurrency and thus fall under the general regulatory regime for financial services. If the token operates as an asset or investment token, it may be considered a security and thus fall under the regulatory regime for securities and investments. And if the token operates as a gateway for users to enjoy access to rights, privileges or even goods or services available within an ecosystem, it may be considered a utility token. Such a utility token will be outside the regulatory scope of both the CBN and the SEC.

Blockchain users should therefore seek proper advice when structuring their tokens properly.

Managing, marketing and promotion of blockchain applications: Users of blockchain applications that wish to minimise regulatory hurdles or scrutiny should consider their (direct) involvement in the management, marketing and promotion of blockchain applications. Managing, marketing and promoting a blockchain application that solicits funds from the public involve significant regulatory implications. For example, when the DAO hack took place in 2016, the US SEC, upon scrutiny, considered the DAO token a security, but it treated Ethereum differently. One reason for this was because the profits to be earned by DAO token investors were to be derived from the managerial, marketing and promotional efforts of others⁠: Slock.it, Slock.it, Slock.it's co-founders and the DAO's curators.

Blockchain is essentially a technological tool, not a new legal phenomenon: Blockchain users should understand that it is not blockchain technology itself that should be regulated, but rather the rights and liabilities of users of blockchain applications in various industries.

Many blockchain users seem to believe⁠ - quite wrongly⁠ - that in the absence of specific legislation or regulations in Nigeria, the emerging blockchain and cryptocurrency space is an open market for illegalities; but this is not the case.

1.4 Which administrative bodies are responsible for enforcing the applicable laws and regulations? What powers do they have?

CBN: Established by virtue of the Central Bank of Nigeria Act, the CBN is the regulator of all banking and financial institutions in Nigeria, including fintechs. The CBN is empowered to issue regulations and guidelines that must be complied with by the banks and other financial institutions it supervises. The functions and powers of the CBN - in particular, in relation to currencies, the monetary system and regulation - are as follows:

  • to promote a sound financial system in Nigeria;
  • to issue legal tender currency in Nigeria;
  • to issue currency notes and coins throughout Nigeria – neither the federal government nor any state government, local government, other person or authority may issue currency notes, bank notes or coins, or any documents or tokens payable to bearer on demand being document or token which are likely to pass as legal tender;
  • to devise suitable mechanisms from time to time to determine the exchange rate of the naira;
  • to buy and sell Nigerian currency;
  • to undertake treasury operations, including the purchase and sale of gold coin and bullion;
  • to manage liquidity;
  • to request information from persons or bodies on any matter relating to, concerning or affecting Nigeria's economy;
  • to issue guidelines to any person or institution under its supervision;
  • to enter into agreements or arrangements with other regulatory authorities in Nigeria or in other countries with similar responsibilities for:
    • the promotion of mutual cooperation; and
    • the exchange of information for the purposes of enhancing the supervision and regulation of financial institutions;
  • to enforce compliance with its regulations, guidelines and directives; and
  • to enforce penalties, through statutory fines, administrative fines or imprisonment, against any person or institution under its supervision that fails to comply with its regulations, guidelines and directives.

SEC: Established by the Investments and Securities Act, the SEC is the regulator of securities and investments in Nigeria. Under Section 17 of the act, the functions and powers of the SEC - in particular, in relation to investments and securities - are as follows:

  • to regulate investments and securities business in Nigeria as defined in the act;
  • to register and regulate securities exchanges, capital trade points, futures, options and derivatives exchanges, commodity exchanges and other recognised investment exchanges;
  • to regulate all offers of securities by public companies and entities;

to register the securities of public companies;

  • to render such assistance as may be deemed necessary to promoters and investors wishing to establish securities exchanges and capital trade points;
  • to prepare adequate guidelines, organise training programmes and disseminate information necessary for the establishment of securities exchanges and capital trade points;
  • to register and regulate corporate and individual capital market operators as defined in the act;
  • to register and regulate the workings of venture capital funds and collective investments schemes in whatever form;
  • to facilitate the establishment of a nationwide system for securities trading in the Nigerian capital market in order to protect investors and maintain fair and orderly markets;
  • to facilitate the linking of all markets in securities with information and communication technology facilities;
  • to register and regulate securities depository companies, clearing and settlement companies, custodians of assets and securities, credit rating agencies and such other agencies and intermediaries;
  • to protect the integrity of the securities market against all forms of abuses, including insider dealing;
  • to promote and register self-regulatory organisations, including securities exchanges, capital trade points and capital market trade associations to which it may delegate its powers;
  • to regulate cross-border securities transactions;
  • to call for information from and inspect, conduct inquiries and audits of securities exchanges, capital market operators, collective investment schemes and all other regulated entities;
  • to promote investors' education and the training of all categories of intermediaries in the securities industry;
  • to request from, or provide to, any person such information as may be considered necessary for the efficient discharge of its functions;
  • to levy fees, penalties and administrative costs of proceedings or other charges on any person in relation to investments and securities business in Nigeria in accordance with the act;
  • to intervene in the management and control of capital market operators which it considers have failed, are failing or are in crisis, including entering their premises and doing whatsoever it deems necessary for the protection of investors;
  • to enter and seal the premises of persons illegally carrying on capital market operations;
  • to seek judicial orders to freeze the assets (including bank accounts) of any person whose assets were derived from the violation of the act or any securities law or regulation in Nigeria or other jurisdictions;
  • to relate effectively with domestic and foreign regulators and supervisors of other financial institutions, including entering into cooperative agreements on matters of common interest;
  • to prevent fraudulent and unfair trade practices relating to the securities industry;
  • to advise the minister on all matters relating to the securities industry; and
  • to perform such other functions and exercise such other powers not inconsistent with the act as are necessary or expedient for giving full effect to its provisions.

Federal Inland Revenue Service (FIRS): The FIRS administers federal tax laws and enforces tax compliance in Nigeria. Section 8 of the FIRS (Establishment) Act 2007 gives the FIRS the following powers:

  • to assess persons, including companies and enterprises, that are subject to tax;
  • to assess, collect, account for and enforce payment of such taxes as may be due to the government or any of its agencies;
  • to collect, recover and pay to the designated account any tax under any provision of the act or any other enactment or law;
  • in collaboration with the relevant law enforcement agencies, to carry out the examination and investigation with a view to enforcing compliance with the provisions of the act;
  • to determine, from time to time, the extent of financial loss and such other losses by government arising from tax fraud or evasion and such other losses (or revenue forgone) arising from tax waivers and other related matters;
  • to adopt measures to identify, trace, freeze, confiscate or seize proceeds derived from tax fraud or evasion;
  • to adopt measures which include compliance and regulatory actions, and the introduction and maintenance of investigative and control techniques on the detection and prevention of non-compliance;
  • to collaborate and facilitate rapid exchange of information with relevant national or international agencies or bodies on tax matters;
  • to establish and maintain a system for monitoring international dynamics of taxation in order to identify suspicious transactions and the perpetrators and other persons involved;
  • to provide and maintain access to up-to-date and adequate data and information on all taxable persons, individuals, corporate bodies and government agencies involved in the collection of revenue for the purpose of efficient, effective and correct tax administration, and to prevent tax evasion or fraud;
  • to maintain databases, records, reports and statistics on persons, organisations, proceeds, properties, documents and other items or assets relating to tax administration, including matters relating to waivers, fraud or evasion;
  • to undertake and support research on similar measures with a view to stimulating economic development and determining the manifestation, extent, magnitude and effects of tax fraud, evasion and other matters that affect effective tax administration, and to make recommendations to the government on appropriate intervention and preventive measures;
  • to collate and continually review all policies of the federal government relating to taxation and revenue generation, and undertake a systematic and progressive implementation of such policies;
  • to liaise with the Office of the Attorney-General of the Federation, all government security and law enforcement agencies, and such other financial supervisory institutions in the enforcement and eradication of tax-related offences;
  • to issue taxpayer identification numbers to every taxable person in Nigeria in collaboration with states boards of internal revenue and local government councils;
  • to carry out oversight functions over all taxes and levies accruable to the government of the federation and, as may be required, to query, subpoena, sanction and reward any activities pertaining to the assessment, collection of, and accounting for revenues accruable to the federation; and
  • to carry out such other activities as are necessary or expedient for the full discharge of all or any of the functions under the act.

National Information Technology Development Agency (NITDA): NITDA is responsible for developing and regulating information technology in Nigeria. Established by the NITDA Act 2007, NITDA is empowered to create frameworks and develop standards, guidelines and regulations in this regard. In January 2019, NITDA issued the NDPR to regulate data privacy in Nigeria. NITDA's functions and powers include the following:

  • to create a framework for the planning, research, development, standardisation, application, coordination, monitoring, evaluation and regulation of IT practices, activities and systems in Nigeria and all related matters;
  • to provide guidelines to facilitate the establishment and maintenance of appropriate IT and systems application and development in Nigeria for public and private sectors, urban-rural development, the economy and the government;
  • to develop guidelines for electronic governance and monitor the use of electronic data interchange and other forms of electronic communication transactions as an alternative to paper-based methods in government, commerce, education, the private and public sectors, labour and other fields, where the use of electronic communication may improve the exchange of data and information;
  • to develop guidelines for the networking of public and private sector establishment;
  • to develop guidelines for the standardisation and certification of IT escrow source code and object code domiciliation, application and delivery systems in Nigeria;
  • to introduce appropriate regulatory policies and incentives to encourage private sector investment in the IT industry;
  • to create incentives to promote the use of information technology in all spheres of life in Nigeria, including the development of guidelines for setting up IT systems and knowledge parks;
  • to determine critical areas in information technology requiring research intervention and development in those areas;
  • to render advisory services in all IT matters to the public and private sectors;
  • to advise the government on ways to promote the development of information technology in Nigeria, including introducing appropriate legislation to enhance national security and the vibrancy of the industry; and
  • to perform such other duties which, in the opinion of NITDA, are necessary or expedient to ensure the efficient performance of its functions under the NITDA Act.

1.5 What is the regulators' general approach to blockchain?

CBN: As Nigeria's financial industry services regulator, the CBN is concerned about the use of blockchain applications in financial services, particularly cryptocurrencies. The CBN's general approach has been extremely cautious, driven more by the need for consumer protection in the financial services industry. The CBN does not recognise cryptocurrencies. According to a circular released in January 2017 to banks and other financial institutions on cryptocurrencies or virtual currency operations in Nigeria, cryptocurrencies are largely untraceable and anonymous, and are "susceptible to abuse by criminals, especially in money laundering and financing of terrorism". Consequently, the CBN ordered banks in Nigeria to:

  • ensure that they do not use, hold, trade and/or transact in any way in virtual currencies;
  • ensure that existing customers who are virtual currency exchangers have effective AML/CFT controls that enable them comply with customer identification, verification and transaction monitoring requirements;
  • ensure that, in the absence of required controls, they are to discontinue customer relationships immediately; and
  • ensure that they immediately report any suspicious transactions by customers to the Nigeria Financial Intelligence Unit.

Similarly, the CBN released another circular in February 2018 entitled "Virtual Currencies not Legal Tender in Nigeria". In this circular the CBN reiterated that "cryptocurrencies such as Bitcoin, Ripples, Monero, Litecoin, Dogecoin, Onecoin, etc and Exchanges such as NairaEx are not licensed or regulated by the CBN". The CBN further warned that "dealers and investors in any kind of crypto currency in Nigeria are not protected by law", and that consumers are thus at risk of losing their money without any legal redress. The CBN reiterated that virtual currencies are not legal tender in Nigeria and emphasised the need for caution in this regard,

SEC: Recognising both the potential of blockchain technology and the need to protect investors, the SEC has been cautious but responsive in its approach to blockchain. The SEC is considering how to maximise the potential of blockchain and virtual financial assets (VFAs) in Nigeria's capital markets. In August 2019 the SEC accepted the report of the Fintech Roadmap Committee for the Nigerian Capital Market, which it set up in November 2018. The Fintech Roadmap Committee recommended that the SEC:

  • decide on the classification of cryptocurrencies as either commodities or securities;
  • develop a framework for the regulation of what it described as VFAs and VFA exchanges;
  • develop a framework for the regulation of equity-based crowdfunding;
  • issue guidelines and standards for white papers and ICOs;
  • develop a framework for KYC and due diligence for cryptocurrencies, VFAs, tokens, and ICOs; and
  • define clear taxonomies of tokens based on their nature, characteristics and economic realities.

The SEC is also setting up a regulatory sandbox that will offer a ‘safe space' in which start-ups can "test innovative products, services, business models and delivery mechanisms relating to the capital market in a live environment without immediately satisfying all the necessary regulatory requirements".

FIRS: The FIRS as yet does not have a position on the tax treatment of VFA transactions in Nigeria. However, it recently observed that emerging technologies⁠ such as artificial intelligence and blockchain⁠ make tax administration and enforcement more difficult. Its current policy direction indicates that it is aggressively expanding the tax net in Nigeria's growing digital economy. The tax net has therefore recently been expanded to include two aspects of Nigeria's digital economy:

  • online transactions; and
  • earnings from consultancy, digital, professional and technical services provided by foreign companies with a significant economic presence in Nigeria.

It thus appears likely that the FIRS may adopt a tax policy that would enable it to bring virtual assets into the tax net.

NITDA: Following its statutory mandate to develop information technology in Nigeria, NITDA views blockchain technology as one of the emerging technologies that Nigeria should leverage for global competitiveness. At a time when Nigeria is paying attention to building its digital economy, NITDA is encouraging both public and private bodies to explore the potential of blockchain technology to boost their competitiveness. Although NITDA has no framework, guidelines, regulations or standards for the adoption or use of blockchain technology, it has introduced policies and regulations governing data protection in Nigeria.

1.6 Are any industry or trade associations influential in the blockchain space?

Yes - they include:

  • the Blockchain Nigeria User Group;
  • the Fintech Association of Nigeria; and
  • the Stakeholders in Blockchain Technology Association of Nigeria.

2 Blockchain market

2.1 Which blockchain applications and protocols have become most embedded in your jurisdiction?

Cryptocurrencies, especially bitcoin. Increasingly, cryptocurrencies are being used for peer-to-peer transactions and cross-border payments.

2.2 What potential new applications/protocols are most actively being explored?

Tokenisation. A number of blockchain-based businesses are exploring the potential of blockchain through utility and asset tokens.

2.3 Which industries within your jurisdiction are making material investments within the blockchain space?

The following industries are currently making material investments in blockchain in Nigeria:

  • Financial services: Investment in this sector takes the form of investment in:
    • blockchain-powered start-ups;
    • the development of products that boost financial inclusion in Nigeria; and
    • the development of blockchain applications to improve business processes.
  • Supply chain: Gradually, logistics companies are investing in blockchain to improve their supply-chain businesses in Nigeria.

2.4 Are any initiatives or governmental programmes in place to incentivise blockchain development in your jurisdiction?

These are no specific governmental programmes in place to incentivise blockchain development in Nigeria. However, in the fintech space generally, in 2018 the Central Bank of Nigeria (CBN) and the Nigeria Interbank Settlement System (NIBSS) launched the Financial Industry Sandbox. The sandbox is an initiative managed by the Financial Service Innovators Association of Nigeria and supervised by the CBN and NIBSS.

Private initiatives have largely focused on blockchain education. They include:

  • BlockchainDev100, an initiative of the Blockchain Nigeria User Group focused on building blockchain developer talents;
  • the 500 Nigeria Devs for Ethereum Project, an initiative of the Cryptography Development Initiative of Nigeria which aims to create 1 million developers;
  • Binance Labs' 10-week incubator programme that helps blockchain entrepreneurs to deliver products with a clear product market fit; and
  • blockchain and cryptocurrency conferences and meetups in Nigeria, including CampusBCAT by Cryptotvplus and Blockchain Education Train by SiBAN.

3 Cryptocurrencies

3.1 How are cryptocurrencies and/or virtual currencies defined and regulated in your jurisdiction?

Cryptocurrencies and/or virtual currencies are not defined or regulated in Nigeria.

3.2 What anti-money laundering provisions apply to cryptocurrencies?

Although the Central Bank of Nigeria (CBN) does not presently regulate cryptocurrencies, the Anti-money Laundering/Combating the Financing of Terrorism (Administrative Sanctions) Regulations 2018 of the CBN apply. In a directive issued to banks in January 2017, the CBN required banks to ensure that existing customers which are virtual currency exchangers - and, by extension, users - have effective anti-money laundering/counter-terrorist financing (AML/CFT) controls in place.

3.3 What consumer protection provisions apply to cryptocurrencies?

Specifically, none. In fact, according to the CBN, cryptocurrency users are at great risk in Nigeria because there is no legal protection available for redress.

However, the CBN's position may not necessarily oust the jurisdiction of the Nigerian courts over matters involving cryptocurrencies. This is because cryptocurrencies are not illegal in Nigeria. Therefore, a court of law has the power to adjudicate on matters that may involve parties involved in a cryptocurrency transaction. For this purpose, the court of law may purely consider the legal relationship between the parties and determine their rights and liabilities under Nigerian law accordingly.

In Nigeria, the general legal regime for consumer protection is the Federal Competition and Consumer Protection Act 2019. If the use of cryptocurrencies involves a bank or other financial institution in Nigeria, the provisions of the CBN Consumer Protection for Banks and Other Financial Institutions 2016 and Consumer Protection Regulations 2019 may apply. In a criminal allegation scenario involving cryptocurrencies, the Cybercrimes Act, the Economic and Financial Crimes Commission Act and, where relevant, legislation on terrorism and know your customer (KYC)/AML/CFT regulations may apply.

3.4 How are cryptocurrencies treated from a tax perspective?

Neither the Federal Inland Revenue Service nor the tax agencies of each state in Nigeria have a position on the tax treatment of cryptocurrencies.

3.5 What regulatory requirements apply to a cryptocurrency trader/exchange?

The CBN's KYC and AML/CFT regulations apply by virtue of the CBN directive issued to banks in July 2017. The directive requires banks to ensure effective AML/CFT controls over customers which are virtual currency exchangers. This ensures customer identification, verification and transaction monitoring.

3.6 How are initial coin offerings and securities token offerings defined and regulated in your jurisdiction?

As yet, there is no definition of ‘initial coin offerings' (ICOs) or ‘securities token offerings' (STOs) in Nigeria. Also, Nigeria has no regulations on ICOs and STOs. If or when the Securities and Exchange Commission (SEC) - the regulator in charge of investments and securities - becomes interested in ICOs and STOs, it may either apply the provisions of the existing Investments and Securities Act 2007 or come up with specific regulations in this regard. Meanwhile, the SEC has published an exposure draft on crowdfunding which would regulate investments and securities offered through a crowdfunding platform to members of the public.

4 Smart contracts

4.1 Can a smart contract satisfy the legal requirements of a legal contract under the laws of your jurisdiction? What will be considered when making this determination?

Yes, a smart contract can satisfy the legal requirements of a legal contract under Nigerian law. Whether this is the case will depend on whether the smart contract in question has all elements of what constitutes a valid contract under Nigerian law - that is:

  • an offer by one party;
  • acceptance of the offer by the receiving party;
  • consideration from the receiving party to the party making the offer; and
  • the intention of the parties to create a legal relationship.

Nigeria - a common law jurisdiction - can adapt to the features of smart contracts with regard to their enforceability.

4.2 Are there any regulatory or governmental guidelines or policies within your jurisdiction which provide guidance on regulating/defining smart contracts?

No, there are no regulatory or governmental guidelines or policies on smart contracts in Nigeria.

4.3 What parts of traditional contract might smart contracts be able to replace?

Human intervention: Smart contracts are self-executing contracts; thus, execution of the contract terms - once automated - does not require human intervention, unlike traditional contracts.

Trust and performance: Unlike traditional contracts, which are dependent on the parties' trust in each other, the parties to a smart contract do not have to trust that each will perform the terms of the contract, because performance is premised on a computer program.

Manual or electronic signatures: With smart contracts, the parties must execute the contract with their digital signatures - private keys. These replace regular manual or electronic signatures.

Enforcement: Unlike traditional contracts, where the parties may rely on intermediaries or third parties such as mediators, arbitrators and judges for mediation, arbitration or adjudication regarding failure, neglect or refusal to perform a contract or any term thereof, smart contracts rely on self-enforcing codes.

Paper or electronic contract documents: Smart contracts are codes and are recorded in a digital ledger, thus replacing paper or electronic documents.

4.4 What parts of traditional contracts might smart contracts be unable to replace?

Valid contract: To be enforceable, smart contracts must still fulfil all criteria of a legal contract.

Legal knowledge and expertise: Smart contracts are still governed by the same legal principles and laws that govern traditional contracts; thus, the parties still need access to legal knowledge and expertise provided by lawyers.

Natural language: Smart contract codes do not necessarily replace the natural languages used in traditional written contracts, but typically function as a ‘wrapper' for traditional contracts.

4.5 What issues might present themselves in your jurisdiction with regard to judicial enforcement of smart contracts?

Whether smart contracts meet the requirement of contracts ‘in writing': Although a contract need not be in writing to be enforceable in Nigeria, certain contracts are specifically required to be in writing or evidenced in writing; otherwise, they are unenforceable. Under the Statute of Frauds 1677 - an English law which applies in Nigeria - the following contracts must be in writing:

  • arbitration agreements;
  • agreements between shipmasters and seamen;
  • bills of exchange;
  • bills of sale;
  • contracts for hire purchase;
  • declaration of trusts in respect of land and dispositions of interests in land;
  • legal practitioners' agreements with clients for remuneration;
  • marine insurance policies;
  • money lenders' contracts; and
  • pawnbrokers' agreements for a pledge.

One legal issue that may thus arise is whether a source code or object code used in writing a smart contract constitutes a contract in writing. Adjudicators may reasonably treat the source codes or object codes behind smart contracts as meeting the requirement for contract in writing - as long as such codes are written representations in a medium of expression, whether understandable or not - if they are decodable or interpretable terms of the contract between the parties.

Whether a private key meets the requirement of ‘signature' or ‘electronic signature' under Nigerian law: Enforcement of a smart contract may turn on whether the alleged contract was executed or signed. Various laws appear to have different requirements in this regard. Under Section 93(2) of the Evidence Act, if a document that requires a signature is not signed, an electronic signature is valid. But under the Cybercrimes Act, although electronic signatures are binding, they are invalid for certain transactions, rendering the contract unenforceable. Such contracts include:

  • wills, codicils and other testamentary documents;
  • death certificates;
  • birth certificates;
  • contracts relating to matters of family law, such as marriage, divorce or adoption;
  • court orders, notices and official court documents such as affidavits, pleadings and motions etc;
  • cancellation or termination of utility services;
  • any instruments required for the transportation or handling of dangerous solid or liquid materials; and
  • any documents ordering the withdrawal of drugs, chemicals or other materials, because such items are fake, dangerous or expired, as ordered by any authority empowered to do so.

The Statute of Frauds is more flexible, requiring proof of intention to authenticate the communication. Therefore, depending on the nature of a particular case, determining whether a private key or digital signature meets the requirement of a signature or electronic signature in Nigeria may present a judicial challenge. It is difficult, however, to see why a signature that is cryptographically secured cannot be considered to be an electronic signature, since it is in electronic form.

4.6 What are some practical considerations that parties should consider when drafting a smart contract?

Decentralisation: Parties should ensure that a smart contract deploys decentralised ledger technology that does not rely on any central authority, intermediary or third party, so that its performance is based on a truly trustless technology.

Automation: Because smart contracts self-execute in accordance with how they are programmed by the parties, parties should ensure that the codes have been comprehensively reviewed for any errors.

Security: Parties should ensure that smart contract codes have been carefully audited before being deployed on a blockchain, as any bug in the code or poorly written code may result in unforeseen consequences.

Limitations: Parties should consider that smart contracts are inherently limited to conditional logic, unlike traditional contracts, which offer relative flexibility due to their ambiguity.

Oracles: Parties should ensure that the external triggering events that will determine legal consequences based strictly on pre-programmed codes are free from erroneous data, data manipulation, data corruption and data failure.

On-chain or off-chain transactions: Parties should consider whether the smart contract transaction should be on chain rather than off chain. This will affect the immutability of the terms of the smart contract, the speed of the network and costs.

Costs: Although the deployment of smart contracts may require some investment upfront, parties should consider that smart contracts also afford the opportunity to reduce costs compared to third-party, fee-charging traditional contracts.

Loopholes in the code: A party may unduly explore a loophole in the letters of the code in a smart contract to achieve an end that is inconsistent with the spirit of the code; thus, parties must ensure that the intentions of the parties are clear from the outset.

Validity: Parties should be aware that if they wish to create personal or business relationships with legal rights and liabilities, the code of logic (source code and object code) will be inadequate if legal requirements are not considered.

Privacy and confidentiality: Parties that consider privacy or confidentiality to be vital when entering into a smart contract should consider whether a private blockchain would be more suitable than a public blockchain.

4.7 How will the foregoing considerations differ when smart contracts are running on a private versus public blockchain?

Decentralisation: Private blockchains are highly centralised; thus, parties should ensure that there is no central authority, intermediary or third party that will need to be trusted to ensure performance of the contract.

Automation: Whether on a private or public blockchain, automation does not differ.

Security: While private blockchains provide greater speed, public blockchains typically have improved security due to their decentralised nature.

Limitations: These apply to both private and public blockchains.

Oracles: Parties to a private blockchain-based smart contract typically have more control over the determination of external triggering events upon which the smart contracts rely compared to smart contracts on a public blockchain.

On-chain or off-chain transactions: On-chain transactions that guarantee immutability are provided on public blockchains, but not on private blockchains. On public blockchains, details of the smart contract transaction are recorded on the block and then distributed to the entire blockchain, making the transaction irreversible. Private blockchain-based smart contracts may require intermediaries.

Costs: Generally, the deployment of a smart contract on a public blockchain is less costly, but transactions over the network are costlier. Accessing a private blockchain for the purpose of creating a smart contract may involve higher costs. Also, with private blockchains, parties may still require the presence of a third party or intermediary.

Loopholes in the code: Undue exploitation of a loophole in the code of a smart contract is a risk on both private and public blockchains. However, unintended transactions are reversible on a private blockchain.

Validity: While smart contracts on private blockchains may be strictly smart legal contracts, public blockchains make possible smart contracts that regulate the affairs of a decentralised autonomous organisation (DAO). In determining the validity of such smart contracts, the legal considerations for smart legal contracts between legal persons and entities will differ from a DAO-based smart contract between members of a faceless, autonomous community.

Privacy and confidentiality: Private blockchain-based smart contracts afford the parties privacy and confidentiality; unlike public blockchains, which are open and transparent.

5 Data and privacy

5.1 What specific challenges or concerns does blockchain present from a data protection/privacy perspective?

Decentralisation, distribution and immutability - three characteristics of blockchain - present a challenge from a data protection/privacy perspective. A blockchain is typically a decentralised and distributed digital ledger which stores data in an immutable manner. In effect, its decentralised nature means that there is no central or identifiable data controller; and its distributed nature means that there is no central storage or single record of personal data. Immutability means that once data is stored on the blockchain, it is extremely difficult to alter and impossible to delete.

Data protection regulations require an identifiable data controller who centrally collects, processes, stores or transfers the personal data of data subjects. Also, data subjects are usually conferred with the right to modify or erase their personal information as stored by the data controller. This is also the case under the Nigerian Data Protection Regulation (NDPR), which regulates data privacy in Nigeria.

Under the NDPR, a data controller must state the period for which personal data will be stored or, if this is not possible, the criteria used to determine this period. Also, the NDPR obliges a data controller to permit a data subject to access and rectify or erase his or her personal data, among other things. Upon request, the controller must delete the data subject's personal data on any of the following grounds:

  • The personal data is no longer necessary in relation to the purposes for which it was collected or processed;
  • The data subject withdraws the consent on which the processing is based;
  • The data subject objects to the processing and there are no overriding legitimate grounds for the processing;
  • The personal data has been unlawfully processed; or
  • The personal data must be erased to comply with a legal obligation in Nigeria.

Therefore, the NDPR does not contemplate a decentralised, distributed and immutable ledger system such as blockchain. This is a challenge for businesses, public agencies and regulators.

5.2 What potential advantages can blockchain offer in the data protection/privacy context?

Data ownership: Blockchain offers decentralisation, thus making user control possible. Data subjects thus have control over their personal data, since they no longer need rely on any third party to collect, use, store or transfer their personal data.

Improved data security: Blockchain's distributed ledger system - save for private or federated blockchains - offers improved security against hacks or malicious attacks. Unlike centralised systems, there is no single server to attack.

Data privacy: Blockchain offers the advantage of enhanced data privacy through its private encryption keys. With these private encryption keys, data subjects have control over their data and can choose where their personal data is sent and what it is used for. This is privacy by design.

Data transparency: Because blockchain offers the advantage of transparency, every transaction concerning the use of personal data is open. As a result of this transparency, any data breach is not only recorded, but traceable.

6 Cybersecurity

6.1 What specific challenges or concerns does blockchain present from a cybersecurity perspective?

The likelihood of 51% attacks with smaller networks: It is possible - at least in theory - for a hacker to interfere with a blockchain network if it can gain at least 51% control of the nodes in the network. While this is extremely difficult to achieve in a large network, it is easier for smaller networks. For instance, while it would theoretically cost $511,518 per hour to launch a 51% attack on Bitcoin, it would cost $500 per hour to achieve the same thing on BitcoinGold and $15 per hour on BitcoinZ. So with the right incentive, 51% attacks are possible.

A new kind of identity theft: One major cybersecurity challenge which blockchain presents is the use of cryptographic keys. Anonymity and pseudonymity are security features of the blockchain. Identity (ownership) on the blockchain is determined by the possession of a private and public key, since there is no real identity on the blockchain. While these keys by themselves are difficult to crack, there is a risk of unauthorised access if a third party can gain access to the keys and impersonate the owner.

Bugs, errors and mistakes in programming: Blockchain programmes, if poorly executed or badly managed, can become vulnerable to cyberattacks. The system may be compromised in the case of a mistake or error in the programming.

6.2 What potential advantages can blockchain offer in the cybersecurity context?

Safer and more secure authentication: With blockchain technology, the weakest links in the security chain – human beings – are eliminated from the task of authenticating devices and users. This is because, unlike centralised security architecture that relies on passwords, blockchain technology provides each device with a unique secured socket layer certificate.

Improved verification system: On a blockchain network, each node or participant – not a central authority – verifies any data that is added to the chain. This ensures that no data can be added or removed without first being validated or verified by the participating nodes. Also, the probability of falsifying data is zero.

Prevention of distributed denial of Service (DDoS) attacks: A DDoS attack is launched against a centralised network, server or website by multiple compromised computer systems. This attack disrupts services and consequently affects or denies users access to the services. Given blockchain's distributed structure, in which data is duplicated across different nodes or computer systems, DDoS attacks are impeded. There is no central or single system to attack, but rather a distributed ledger system which is significantly more complex than the multiple compromised computer systems that DDos attacks rely on.

Enhanced auditability: Every transaction on a blockchain is time-stamped, with each transaction traceable to a user. Each transaction data is recorded in a history log, thus making auditability possible through public addresses.

Enhanced sustainability: If there is an attack on the chain that results in certain nodes being damaged, the system will continue to operate normally with the other nodes that have not been damaged. This is because blockchain operates with many nodes, thus ensuring that there will always be a backup of each transaction.

6.3 What tools and measures could be implemented to mitigate cybersecurity risk?

Antivirus protection: Blockchain may be unhackable, but any weakness in a security chain will make an otherwise secure system vulnerable to cyberattacks. With a good antivirus program, devices can be better secured against cybersecurity risks.

Cold wallet storage: To protect virtual assets from cyber insecurity, they may be locked in a cold wallet. A cold wallet works like a flash drive. The owner can access the virtual assets only by connecting it to a device or system.

Multi-signature wallet: A multi-signature wallet ensures that no one person can approve or complete a transaction without the approval of at least one other person. With a minimum of two private keys, a transaction is securely approved and completed.

Two-step authentication: To minimise or avoid cybersecurity risks when virtual assets are stored on an exchange, two-step authentication is used to secure accounts. Because this is typically linked to the owner's devices or email accounts, it is strongly advised to ensure that all devices are also secured.

Keeping private keys safe: Private keys should not be stored in places where unauthorised persons can access them. Keep them strictly confidential.

Testing and auditing codes: Ensure that codes used to write the programme are error free and bug free. To achieve this, adopt peer review.

Updating the computer programme: For enhanced cybersecurity, it is vital to keep all programs updated, to help protect against bugs.

7 Intellectual property

7.1 What specific challenges or concerns does blockchain present from an IP perspective?

Open-source versus exclusivity: In contrast to how IP works, granting exclusive ownership to rights holders, blockchain innovations are largely open source. This presents a challenge for companies and organisations that are developing various blockchain applications for various industries and expect exclusive IP rights to such applications. As blockchain-intensive industries evolve, this open source-exclusivity dichotomy will become critical.

Eligibility of computer-generated inventions for IP protection: Blockchain innovations are largely computer-generated or software innovations: algorithms, configurations and data structures. In many countries, including Nigeria, the patentability of computer-generated inventions or software programs is uncertain. This uncertainty extends to the validity or otherwise of software patents. In Nigeria, the Trademarks, Patents and Designs Registry – quite strangely – treats all software programs, whether inventive or not, as eligible only for copyright protection. This is because the Nigerian Copyright Act expressly lists software programs and computer programs as works of copyright. However, the registry may have failed to consider that the Patents and Designs Act does not exclude computer-generated inventions or software programs from patentability, as long as they meet the statutory requirements for patent registration in Nigeria.

Data aggregation and IP rights: Just like artificial intelligence from an IP perspective, blockchain aggregates a lot of data. This may include works that enjoy IP protection under the various IP regimes of different jurisdictions. Apart from rights holders themselves, data aggregators are increasingly seeking IP protection for arranging hitherto disorganised data. Particularly in today's era of big data, when data rights protection is already a struggle, data aggregation with blockchain technology presents a challenge for rights holders.

Patent trolling: Particularly because blockchain technology is an emerging technology, it is very likely that companies may obtain patents for blockchain inventions which they do not use. Such companies may instead prefer to monetise their patents by suing infringers or collecting patent licensing fees from companies that use those inventions in industry. As foreign blockchain-based businesses invest in Nigeria and as more local companies develop and apply blockchain technology, the market will become competitive. This will likely result in an increase in patent trolling, especially in the fintech space.

Smart contracts: While smart contracts can facilitate micro-payments and ensure that rights holders receive due compensation for their intellectual property, the judicial enforceability of smart contracts is still a big question in most jurisdictions, including Nigeria.

Determining jurisdiction: IP rights regimes are completely tied to jurisdiction. Where jurisdiction is indeterminable, this presents a challenge in terms of IP rights enforcement. There is a need for legal certainty in this regard.

Blockchain scalability: The massive size of blockchain databases presents scalability issues, which can be a challenge when speed is vital to a transaction. So while the security of blockchain is generally not in doubt, speed is a cause for concern.

Database rights: Another related issue is whether data on a blockchain is property. Concerning property rights in information, a common law jurisdiction such as Nigeria does not treat information as it does personal, intellectual or real property. Therefore, there is a challenge in determining whether data or information on the blockchain is subject to IP rights. Database rights are still underdeveloped in many jurisdictions, including Nigeria. While the Nigerian Copyright Act recognises compilations as being eligible for copyright protection, it has no specific provisions on database rights. This may disincentivise investment in database development and management.

7.2 What type of IP protection can blockchain developers obtain?

Copyright: Blockchain developers can enjoy copyright protection for original works. Copyright protects original literary, musical and artistic works. It grants authors or creators the exclusive right to produce, distribute, assign, license or do other things with the work. Although most blockchains are open source, codes used in writing blockchain applications or programs may be protected by copyright. Particularly for blockchain developers building innovations for enterprise and governments, copyright ensures that they enjoy protection to their works and can sue for damages in the event of any infringements. In Nigeria, which is a signatory to the Berne Convention for the Protection of Literary and Artistic Works, copyright protection does not require formal registration. Protection is automatic upon the creation of an original work of copyright. However, under its copyright notification system and upon application, the Nigerian Copyright Commission provides a certificate as proof of copyright ownership. The Nigerian Copyright Act applies to copyright in Nigeria.

Patents: A patent confers exclusive right in an inventive process or product. Where an innovation is new or is an improvement on an existing invention, the inventor may obtain a patent. Under Nigeria's Patents and Designs Act, blockchain developers can obtain patents for their innovations if such innovations are new, inventive and capable of industrial application. A patent is an exclusive right. In Nigeria, as in most jurisdictions, a patent is granted for 20 years, to enable the inventor to profit from its inventive effort. A blockchain patent holder may choose either to use the patented technology itself or to license it to a user or other users. With a patent, a blockchain developer has a competitive edge. Without a patent, an inventor has no legal right to sue for damages in the event of infringement.

Trade secrets: Particularly when patent protection is either unavailable or unsuitable, valuable commercial or technical information may be protected through trade secrets. A trade secret is an IP right centred on confidential information. Blockchain developers can leverage trade secrets for competitiveness. With trade secrets, blockchain developers can protect blockchain programmes, algorithms, network configurations, data structures and source code. To be able to do so, the confidential information must be commercially valuable because:

  • it is a secret;
  • it is known only to a limited number of persons; and
  • the rightful holder has taken reasonable steps to secure the secret.

Having protected the trade secret, a blockchain developer can prevent its unauthorised disclosure. In Nigeria, there is no trade secret legislation. Therefore, protection through trade secrets in Nigeria is limited to persons that are party to a contract such as a non-disclosure agreement.

Trademarks: As a type of IP right, trademarks protect distinctive names, logos, slogans and other words or combinations of letters used in connection with blockchain products or services. In Nigeria, trademarks may be registered or unregistered. While registered trademarks are protected under the Trademarks Act, unregistered marks are protected under the common law principle of passing off. Blockchain developers can use trademarks to protect brand power and secure brand value. Brand protection – when well aligned with business goals and growth strategy – can significantly support business growth and increase brand value. Blockchain developers that get trademarks right – as well as their entire IP strategy – will have a sharper competitive edge when it comes to business growth and expansion, partnerships and collaborations, and marketing and sales.

7.3 What are the best open-source platforms that could be used to protect developers' innovations?

Most of the well-known blockchain innovations today are open source, from Bitcoin to Ethereum, Hyperledger and Corda. Blockchain developers that wish to leverage open-source platforms to protect their innovations may use any of the following open source platforms or licences:

  • a GNU General Public Licence (GPL);
  • an MIT licence;
  • an Apache licence;
  • a BSD licence; or
  • the lesser-known Eclipse public licence or Mozilla public licence.

GNU GPL: GNU GPL was the first copyleft licence. GPL may be run for all purposes, including commercial purposes, and even as a tool for creating proprietary software. As a copyleft licence, GPL requires that any derivative work be distributed under the same or equivalent licence. GPL guarantees users the right to use, modify and distribute the code. There are multiple variants of the GNU GPL, each with different requirements: GPLv1, GNU GPLv2, and GNU Lesser General Public Licence v3.0. Each version shares common permissions, conditions and limitations, but has one or more distinct requirements. Ethereum is licensed under the GNU Lesser General Public License v3.0.

MIT licence: This is a short and simple permissive licence with conditions requiring only preservation of copyright and licence notices. Licensed works, modifications and larger works may be distributed under different terms and without source code. The MIT licence permits commercial use, modification, distribution and private use on the conditions of licence and copyright notice. There is no liability or guarantee. Bitcoin is licensed under the MIT licence.

Apache licence: This is a permissive and free licence, open for use for any purpose. Users must preserve the copyright and licence notices. Contributions are required to expressly grant patent rights. Licensed works, modifications and larger works may be distributed under different terms and without source code. Apache, specifically version 2, permits commercial use, modification, distribution, patent use and private use. The conditions of use are that developers grant a licence, publish a copyright notice and state changes. There is no liability, warranty or trademark use. Corda, Hyperledger and (the controversial) Libra are licensed under the Apache 2.0 licence.

BSD licences: BSD licences offer users a series of permissive free software licences. Unlike copyleft licences, BSD licences impose restrictions on how the derivative software will be used and distributed. If the software is redistributed in source code, users must retain the BSD licence notice. If users redistribute the software in binary format, they must reproduce the notice. The BSD licence, unlike some other licences, does not require that source code be distributed.

Mozilla public licence and Eclipse public licence: Others weaker copyleft licences include the Mozilla public licence and the Eclipse public licence. The Mozilla public licence is a hybrid of permissive free software licences and the GPL. It attempts to strike a commercial balance between a developer's proprietary interest and the advantages afforded by open source. With the Mozilla public licence, developers may re-license, allowing developers to choose a proprietary licence or convert into a copyleft licence such as the GPL. Lastly, the Eclipse public licence is a free open-source licence with weaker copyleft provisions than licences such as the GNU GPL.

7.4 What potential advantages can blockchain offer in the IP context?

With existing and emerging technologies disrupting traditional systems, the present IP regime will increasingly become unsustainable. For sustainability, rights holders and IP offices need to leverage emerging technologies, including blockchain, to maximise the benefits of intellectual property. This involves opening up creativity and innovation to all, while securing compensation for creators and innovators. Blockchain can help with that. Blockchain is essentially a technology that enables the transfer or exchange of value between or among parties in a secure and transparent manner. IP rights have become highly valuable assets in today's global economy. Blockchain will boost access to IP works, but without compromising the economic (and moral) rights of creators or innovators. Some potential advantages that blockchain can offer in the IP context include the following.

Smart IP rights management: With blockchain, IP rights management will become more efficient. The entire lifecycle of any IP asset will be recorded in a digital ledger that is decentralised and distributed, ensuring security and transparency. On the one hand, smart contracts can help with IP transactions such as IP assignments and licences, ensuring compensation once the IP asset has been accessed or used. Smart contracts are also a solution for micropayments for the use of content. On the other hand, IP offices can run smart IP registers in a permissioned or permissionless blockchain, allowing anyone to trace or confirm the status of any IP asset in the ledger: ownership, assignments, licences, sub-licences, expiration and even validity.

Evidence of ownership, creatorship and title: The present IP system largely functions under a registration regime, whereby creators and innovators must apply to register a patent, trademark, industrial design and – in jurisdiction as the United States – copyright. This leaves a weak protective shield for owners of unregistered intellectual property. Blockchain – with its decentralised and immutable ledger – can record all registered and unregistered IP assets from the time of creation to the time of publication. Blockchain's time-stamped record and suitability features will help to provide evidence of the creatorship of unregistered IP assets.

Compensation for IP rights in the digital age: One of the major reasons why IP infringements have increased in the digital age is because many media platforms – particularly social media – have become hotbeds of infringement, with largely inadequate enforcement mechanisms. The same work – such as an e-book or a song in digital format – can be replicated, reproduced and distributed without permission from the owner or the original publisher. This is digital piracy: a problem made possible by the Internet's status as a trust-based information technology. Consequently, authors – such as artists, musicians, photographers and writers – and publishers do not get the compensation they deserve due to the unauthorised reproduction and distribution of their works. Blockchain – a trustless value technology – will solve the ‘double-spend' problem in the IP context. The double-spend problem is the digital currency equivalent of the digital piracy problem in the IP world. With blockchain, it will now be extremely difficult to replicate or reproduce more copies of a digital work from a single unit.

Anti-counterfeiting and IP rights enforcement: One of the main reasons for the alarming increase in counterfeiting around the world is the lack of traceability of the source of IP products in the supply chain. When IP assets are recorded on the blockchain, the rate of counterfeiting should reduce significantly. The source (including the source of raw materials), manufacturing process, production time and process, shipping and movement of IP assets can all be verified on the blockchain. Only verified participants are given access to the supply chain. To prevent counterfeiting by tracing product supplies or shipping, manufacturers can add to their original IP products scannable blockchain-connected tags or tamper-proof seals, which allow them to trace any counterfeiters in the supply chain and enforce their rights against such counterfeiters.

IP rights tokenisation: ‘Tokenisation' simply means the representation of legal rights or assets in digital form. The digital form takes the form of a token: a combination of alphanumeric characters that functions as an asset with cryptographic protection. Rights holders can tokenise their IP rights by breaking legal rights or assets into fractions. The underlying asset will be the IP asset itself. By tokenising IP rights, rights holders can create new markets for their intellectual property, efficiently monetise their IP portfolios, create a unique source of capital for new products, boost liquidity and minimise administrative and legal costs, among other benefits.

8 Trends and predictions

8.1 How do you think the regulatory landscape in your jurisdiction will evolve in the blockchain space over the next two years? Are any pending changes currently being considered?

Over the next two years, it is expected that the regulatory landscape in Nigeria will evolve from the present state of relative legal uncertainty to a state of greater legal certainty.

With regard to security token offerings, it is expected that the Securities and Exchange Commission (SEC) will put in place a framework to regulate the securities aspects of virtual assets in Nigeria. It is expected that a specific licensing regime will be introduced. Whether the SEC's regulatory requirements will support or stifle innovation will depend on the SEC's policy, its appetite for balancing innovation against investor protection and the general direction of the government on blockchain. The SEC is currently considering a regulatory framework for virtual assets in Nigeria.

In the financial services industry, where the Central Bank of Nigeria (CBN) is the regulator, it is thought unlikely that the CBN will put in place any specific regulations for cryptocurrencies in the next two years. This is largely due to the CBN's conservative and very cautious approach thus far. Introducing specific cryptocurrency regulations may be considered – rightly or wrongly – as official recognition or acceptance of cryptocurrencies in Nigeria. Therefore, cryptocurrencies will most likely remain a decentralised currency adopted and accepted at the adopter's or owner's risk. Regarding possible regulation, there are no pending changes at present.

From a tax perspective, the Federal Inland Revenue Service (FIRS) has so far been silent about the tax treatment of virtual assets in Nigeria. Regardless of whether the FIRS treats a particular virtual asset as a commodity, cryptocurrency, property or security, its current policy of expanding the tax net will doubtless come into play.

Lastly, as regards blockchain applications in other industries – including agriculture, entertainment, justice, health, real estate, sport, supply chain and other industries beyond financial services – regulation is not expected in the next two years. This is because blockchain applications in these areas are still in their infancy. Although the government may begin to consider the use of blockchain applications in relation to elections, land registers, public contracts and similar areas of public interest, the regulatory landscape is not expected to change much for now.

8.2 What regulatory changes would you like your jurisdiction to implement to further advance the blockchain industry?

Policy should come before regulation: At present, neither the relevant agencies in Nigeria nor the Nigerian government has a policy on blockchain. Without a clearly defined policy, any attempt to introduce regulations in the evolving blockchain industry without first conducting extensive research after wide consultations with stakeholders may not result in an efficient or effective regulatory regime. The ubiquity of blockchain calls for a broad-based approach, rather than a scattergun approach, to regulation. Policy formulation should help with this, given that legal regimes and regulatory compliance should always be based on clear policy.

Regulation should not stifle innovation: Most regulators primarily focus on the legal and compliance aspects of regulation, introducing licensing requirements and enforcing penalties against innovators or actors in the space. While this rule-based approach is great for legal certainty and consumer protection, it often results in negative consequences if poorly managed. Regulators in the blockchain industry – as well as other emerging technology industries – should also consider the other critical aspects of regulation, apart from legal and compliance, as follows:

  • consultation (in order to secure buy-in from players in the space from the outset);
  • facilitation (to ensure a level playing field for both existing and new investors);
  • incentives (to encourage innovators to create globally competitive products and services by providing sandboxes and other incentives that allow them to innovate without having to take account of all the risks associated with such innovations); and
  • collaboration (to work with groups or associations to explore self-regulation).

Proper classification of virtual assets: Regulators in the blockchain industry must get the classification of virtual assets right. This will ensure that institutional investors have greater confidence in the industry and should minimise enforcement challenges. For example, the SEC – by virtue of its powers under the Investments and Securities Act – has no regulatory powers over any token or coin considered or classified as a cryptocurrency. Similarly, the CBN has no regulatory powers over any token or coin considered or classified as anything other than a cryptocurrency. And the FIRS has no power to tax a token or coin that is considered a cryptocurrency, subject to any applicable charges on income or profits from cryptocurrencies – except where considered or classified as a property or commodity. To avoid conflicting treatments of tokens or coins by different regulators, the regulators should consider a joint approach to virtual assets.

Regulation should focus on the risks and opportunities, not the technology: Blockchain should be considered as a technology that does not require completely new laws or regulations; it is rather the risks and opportunities that it creates from new relationships that require regulation. Regulation may never be able to keep up with technological innovation. Therefore, regulators should consider adopting a broad, innovative and protective framework that allows them to approach these risks on a case-by-case basis. This is especially vital as the blockchain industry is still in its infancy – particularly in Nigeria, where we are yet to see high-growth blockchain-based or blockchain-powered businesses.

8.3 What is the largest impediment within your jurisdiction to the adoption of blockchain technology?

The absence of (innovative) regulation.

9 Tips and traps

9.1 What are your top tips for effective use of blockchain technologies in your jurisdiction and what potential sticking points would you highlight?

Blockchain hype: Blockchain users should focus on the problems that their blockchain-powered products or services aim to solve and not get carried away with the blockchain hype. The hype around blockchain without cogent use cases continues to negatively affect mass adoption.

Blockchain should run behind the scenes: Many blockchain users often attempt to ‘shove the technology down the necks' of prospective adopters. This approach is unwise. Efforts should rather be channelled towards investing in products and services that enable blockchain users to leverage the power of blockchain as an enabler, rather than focusing on the innovative product or service itself.

Global innovation for local problems: If blockchain users fail to apply blockchain to solve local problems for individuals, businesses and government, local adoption of blockchain will be difficult to achieve.

Education is key – but it's not everything: While the importance of blockchain education cannot be overemphasised, many blockchain users appear to believe that educating prospective adopters about how blockchain works will result in increased adoption. This is not necessarily so. A prospective adopter who wishes to transfer money to his brother from Lagos to Nairobi just wants a remittance solution, whether it is powered by blockchain or not.

Blockchain interoperability: To boost the adoption of blockchain, all stakeholders must work towards making all blockchains interoperable. If blockchain is truly the ‘third-generation Internet' or decentralised Internet, interoperability is critical.

Blockchain innovation does not operate in a vacuum: Many blockchain users tend to go about their blockchain innovations or businesses in a manner that suggests that they are operating in a vacuum – a free and lawless space. This is not the case. Although it is true that specific regulations are lacking in the blockchain space in Nigeria, the general laws and regulations of the country still apply. Therefore, it is vital for blockchain users to bear legal, regulatory and considerations in mind at all times.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.