Cover Image for Understanding the Implications of CBN's Draft Baseline Standards for Automated AML Solutions in Nigerian Financial Institutions

Chinedu Nwakanma

June 16, 2025

CBN Just Mandated Real-Time AML Monitoring: Here’s What It Means

(and Why Sigma Is the Most Prepared Solution in Africa)

Compliance Is No Longer Optional for Nigerian Banks, Microfinance and Fintechs.

On May 20, 2025, the Central Bank of Nigeria (CBN) issued an Exposure Draft requiring all financial institutions, including commercial banks, fintechs, mobile money operators, and other licensed entities, to implement automated Anti-Money Laundering (AML) solutions capable of real-time transaction monitoring and anomaly detection.

This is no longer an optional upgrade. It's a regulatory demand, and institutions have just 12 months to comply.

But beyond the timeline, this directive signals a broader shift in how the Nigerian financial system is expected to detect and prevent financial crime.

The message is clear:

Legacy tools are no longer sufficient.

Compliance must now be real-time, AI-driven, and deeply embedded in your core infrastructure.

What Exactly Does the CBN Require?

According to the CBN’s “Baseline Requirements for AML Software,” financial institutions must now ensure they meet the following AML standards:

1. Comprehensive AML Functionality

AML solutions must include risk profiling, PEP/sanctions screening, behavioural analysis, transaction monitoring, KYC/KYB support, and customisable rules. They should feature a centralised dashboard for real-time tracking and reporting, with user-friendly interfaces and support for multi-language/multi-currency environments.

2. System Integration & Scalability

Solutions must integrate end-to-end with internal systems (e.g., core banking, onboarding) and external data sources through standard-based APIs (like RESTful APIs). They must also support batch processes and scale efficiently to handle increasing transaction volumes.

3. Sanctions & PEP Screening

AML systems must screen customers against domestic and global watchlists using AI-powered fuzzy matching to catch aliases and misspellings. They should also include adverse media monitoring and maintain regularly updated sanction/PEP lists.

4. Transaction Monitoring & Risk-Based Analysis

The system must use AI and ML to detect suspicious behaviour and patterns, including cross-border transfers, crypto, and cash-heavy activity. It should support real-time risk scoring, configurable rules, adaptive learning, and peer analysis.

5. Customer Due Diligence (CDD), KYC & KYB

Solutions must automate onboarding, integrate with BVN/NIN, and support risk-based profiling with ongoing classification. They should trigger Enhanced Due Diligence (EDD) for high-risk profiles and maintain synchronised, up-to-date customer data.

6. Dynamic Risk Assessment

AML tools must conduct automated, continuous risk assessments, adapting profiles based on new data. Solutions should enable customizable risk scenarios, alert thresholds, and use techniques like adaptive learning and automated scenario calibration.

7. Automated Regulatory Reporting

Systems must generate electronic reports (e.g., STRs, SARs, CTRs, FTRs) to the NFIU, with configurable templates, automated case escalation, and real-time dashboards to monitor internal and external compliance obligations.

8. Case Management

Must include an Enterprise Case Management module with automated case creation, risk-based prioritisation, maker-checker workflows, escalation paths, ageing trackers, and detailed audit logs to ensure transparent, accountable investigations.

9. Security & Data Protection

Solutions must ensure end-to-end data encryption, role-based access control, and multi-factor authentication, especially for privileged users. They must comply with the Nigerian Data Protection Act (2023) and maintain comprehensive audit trails.

10. Compliance Monitoring & Enforcement

FIs are expected to maintain ongoing compliance. CBN will conduct periodic system validations and inspections, and institutions found non-compliant may face regulatory sanctions or penalties.

What This Means for You

If you’re a CTO, Head of Compliance, or Product Lead at a financial institution, this is not just a compliance update; it is a paradigm shift.

You now need systems that are:

Intelligent enough to analyse thousands of transactions in real time
Agile enough to flag emerging fraud patterns without delay
Compliant with local and international regulatory frameworks
Integrated into your system via secure and reliable APIs
And crucially, built with African realities in mind

Why Sigma Is the Most Prepared AML Solution in Africa

Sigma is a purpose-built, AI-powered AML solution developed specifically for African financial institutions. Long before this mandate, Sigma was engineered to meet and exceed these requirements.

Here’s how we deliver:

1. AI-Powered Anomaly Detection

Sigma utilises machine learning models trained on African financial data to identify transaction anomalies, behavioural shifts, and unusual activity, ensuring high detection accuracy within the local context.

2. Comprehensive PEP & Sanctions Screening

Sigma screens every transaction and customer against a growing database of global and African PEP and Sanctions lists. We are also building Africa’s most comprehensive, constantly updated sanctions and PEP database, so you never miss a bad actor.

3. Seamless API Integration

Designed with developers in mind, Sigma is API-first, allowing for swift, secure integration into your core banking systems, payment rails, or digital platforms, with little disruption to existing workflows.

4. Dynamic Risk Scoring & Profiling

Our system generates real-time risk scores for users and transactions based on behaviour, velocity, transaction size, geolocation and other relevant criteria, empowering smarter decision-making.

5. Rule-Based + AI Flexibility

Combine custom rules to catch known risks with AI-powered logic to safeguard against the unknown. This hybrid approach ensures both precision and adaptability as fraud evolves.

6. Explainable AI

Every alert comes with transparent explanations. Your compliance team sees the exact patterns, logic, and triggers behind each flagged activity. No black box decisions, just clear insights.

7. Automated Regulatory Reporting

Sigma automatically generates auditable reports that meet CBN and NFIU compliance standards, reducing your manual workload and making internal and external audits significantly easier.

8. Built for Regulatory Readiness

We’re already aligned with the Nigerian Financial Intelligence Unit (NFIU) and regulatory expectations. Sigma’s reporting formats, data handling, and detection models are built to help you stay ahead of compliance checks.

In Conclusion?

CBN’s AML mandate has effectively raised the bar for compliance technology across Nigeria’s financial ecosystem. The countdown has already begun. Waiting till the last minute will only increase implementation risk and regulatory exposure.

Institutions that act early will not only meet compliance but also strengthen their defences, protect customer trust, and reduce operational risk.

Sigma isn’t just compliant, it’s confident. We’re already helping institutions across the continent stay ahead of fraud and meet new compliance expectations.

If you're ready to build smarter, faster, and more context-aware compliance operations, Sigma is ready for you.

Send us an email at partnerships@pastel.africa for a detailed consultation on integrating Sigma within your operations