`n Nigerian Fintech KYC Requirements: What Every Developer Must Know
SucceedHQ Logo SucceedHQ
Fintech Guide

Nigerian Fintech KYC Requirements: What Every Developer Must Know

The CBN requires every fintech app to implement Know Your Customer procedures. The specific requirements for BVN, NIN, and tiered access are frequently misunderstood. This guide breaks down exactly what your app needs.

By · · 14 min read

Understanding KYC Tiers

The CBN defines three KYC tiers every fintech app must implement. Each tier determines transaction capabilities. These are not optional; your app must enforce them programmatically.

CBN KYC Tiers (2026)
TierRequirementsDaily LimitSingle Limit
Tier 1 (Basic)Phone, name, DOB50,00020,000
Tier 2 (Medium)BVN, government ID, photo200,000-500,000100,000
Tier 3 (Full)All T2 + NIN, address, video5,000,000+1,000,000+

The most common mistake is treating KYC as one-time. Your app must enforce limits on every transaction. Failed BVN upgrade? Account stays at Tier 1 limits.

BVN Verification

The Bank Verification Number is a biometric identifier linked to bank accounts. Over 60 million Nigerians have registered. Verification flow: user enters 11-digit BVN, your app sends to API, API returns name, DOB, phone, and photo. Compare against user-provided details using fuzzy matching (80% threshold). Popular providers: Paystack, Flutterwave, YouVerify, IdentityPass. For detailed implementation, see our BVN integration guide.

NIN Integration

The National Identification Number (NIN) managed by NIMC has over 100 million enrolments. Increasingly preferred over BVN because it provides richer data: full name, DOB, phone, email, residential address, and next of kin. Verification flow: user enters 11-digit NIN, your app sends request through licensed NIMC partner, response typically under 2 seconds. Required for Tier 3 KYC under current CBN guidelines.

Implementing Tiered Access

Database schema: KYC tier (int 1-3), BVN status, NIN status, ID status, address status, each with verification timestamp. Use progressive flow: new users at Tier 1 with just a phone, prompt upgrades as they attempt higher-value transactions. All enforcement must be server-side. Before each transaction, check tier, calculate remaining limit, and reject if exceeded with a clear explanation.

CBN KYC Regulations

The CBN's KYC requirements come from Guidelines on Digital Banking and the AML framework. Your app must verify every customer before transactions, monitor for suspicious activity and report to NFIU, retain KYC records for at least 5 years, and conduct periodic reviews. Penalties include fines up to 2,000,000 per violation, license suspension, and prosecution. See our NDPR compliance guide for data protection requirements.

Frequently Asked Questions

What are the three KYC tiers?

Tier 1: phone only, 50,000 daily. Tier 2: BVN + ID, 200,000-500,000. Tier 3: BVN + NIN + address, 5,000,000+ daily.

How does BVN verification work?

Enter 11-digit BVN, API returns name, DOB, phone, photo. Mandatory for T2 and T3. Use fuzzy name matching.

BVN vs NIN difference?

BVN is bank identity from NIBSS. NIN is national identity from NIMC with richer data including address and next of kin.

How to implement tiered access?

Progressive levels, server-side enforcement. T1 basic, prompt for BVN/ID for T2, add NIN/address for T3.