Fintech Payment Service Agreement (Nigeria)
FINTECH PAYMENT SERVICE AGREEMENT
CBN Payment Service Management Regulations 2020 | NDPR 2019 | Nigeria Data Protection Act 2023
THIS FINTECH PAYMENT SERVICE AGREEMENT is made on [Effective Date]
BETWEEN:
(1) [PSP Name] of [PSP Address], CBN Licence: [PSP CBN Licence] (hereinafter referred to as the "Payment Service Provider" or "PSP"); AND
(2) [Merchant Name] of [Merchant Address], CAC RC No. [Merchant RC Number] (hereinafter referred to as the "Merchant").
1. PAYMENT SERVICES
1.1 The PSP shall provide the following payment channels to the Merchant: [Payment Channels].
1.2 All payment processing shall be conducted in compliance with the CBN Payment Service Management Regulations 2020, NIBSS operating rules, and applicable card scheme rules (Verve, Mastercard, Visa).
1.3 This Agreement shall remain in force for an initial term of [Agreement Term], unless earlier terminated in accordance with Clause 7.
2. FEES AND SETTLEMENT
2.1 The Merchant shall pay the PSP a transaction fee of [Transaction Fee] on each transaction processed through the PSP's platform, in compliance with CBN merchant service charge guidelines.
2.2 The PSP shall settle net transaction proceeds to the Merchant's settlement account ([Settlement Account]) on a [Settlement Cycle] basis, after deducting the transaction fee and any applicable chargeback reserves.
2.3 Settlement is subject to CBN settlement directives and NIBSS operating rules. Delays caused by CBN system downtime, bank holidays, or force majeure events do not constitute a breach by the PSP.
3. CHARGEBACKS AND DISPUTES
3.1 The Merchant must respond to chargeback notifications within [Chargeback Policy] with supporting documentary evidence. Failure to respond within this period results in automatic acceptance of the chargeback.
3.2 The Merchant accepts liability for chargebacks arising from the Merchant's own fraud, product non-delivery, or failure to honour refund requests.
3.3 The PSP may impose a chargeback reserve of up to 5% of monthly settlement amounts if the Merchant's chargeback ratio exceeds 1% of monthly transaction volume under applicable card scheme rules.
4. DATA PROTECTION AND COMPLIANCE
4.1 Both parties shall comply with the Nigeria Data Protection Act 2023, the Nigeria Data Protection Regulation 2019 (NDPR), and the CBN Cybersecurity Framework. PCI-DSS responsibility: [PCI-DSS Compliance].
4.2 The PSP shall not share the Merchant's customer payment data with third parties except as required by CBN regulations, NIBSS rules, or valid court order.
4.3 Both parties shall report any data breach involving payment card data to NITDA/NDPC and CBN within 72 hours of discovery under the Nigeria Data Protection Act 2023 and CBN Cybersecurity Guidelines.
5. TERMINATION AND GOVERNING LAW
5.1 Either party may terminate this Agreement on 30 days' written notice. The PSP may immediately suspend or terminate services if the Merchant breaches CBN AML/CFT regulations, facilitates fraudulent transactions, or its chargeback ratio causes risk to the PSP's CBN licence.
5.2 This Agreement is governed by the laws of Nigeria and [Governing State] State. Disputes shall be resolved by arbitration under the Arbitration and Conciliation Act (Cap A18, LFN 2004).
Payment Service Provider
________________
Signature
Merchant
________________
Signature
What Is a Fintech Payment Service Agreement (Nigeria)?
A Fintech Payment Service Agreement in Nigeria defines the scope of work, fees and deliverables governing the provider's services to the client.
The regulatory framework governing payment service providers in Nigeria is anchored in the CBN Act 2007, the Banks and Other Financial Institutions Act 2020 (BOFIA 2020), the CBN Payment Service Management Regulations 2020, and the Nigeria Payment System Vision 2025. The CBN classifies payment system operators into: switching and processing companies (e.g., NIBSS, Interswitch, Remita), payment solution service providers, mobile money operators (e.g., OPay, PalmPay), super-agents, payment terminal service providers, and others. Each category is subject to specific licensing, capital adequacy, and operational requirements. A PSP must maintain a CBN licence and comply with CBN consumer protection guidelines, AML/CFT obligations under the Money Laundering (Prevention and Prohibition) Act 2022, and data protection obligations under the Nigeria Data Protection Regulation 2019 (NDPR) and the Nigeria Data Protection Act 2023.
The Nigerian Interbank Settlement System (NIBSS) provides the clearing and settlement infrastructure underpinning most Nigerian electronic payment transactions, including the NIBSS Instant Payments (NIP) system, which processed over ₦500 trillion in 2022. A Fintech Payment Service Agreement must align with NIBSS operating rules, card scheme rules (Verve, Mastercard, Visa), and CBN directives on settlement timelines — typically T+1 (next business day) for most merchant settlements under CBN guidelines.
A Fintech Payment Service Agreement must be distinguished from a Mobile Money Agency Agreement (between a mobile money operator and an individual agent), a Merchant Acquiring Agreement (between a bank and a merchant for POS terminal deployment), and a Payment Gateway Integration Agreement (a purely technical software API integration contract without settlement obligations). The Fintech Payment Service Agreement encompasses both the technical integration and the commercial and regulatory settlement obligations.
The legal framework governing the Fintech Payment Service Agreement (Nigeria) in Nigeria draws on several key statutes and regulatory bodies. Under Nigerian law, the Companies and Allied Matters Act 2020 (CAMA) regulates corporate entities through the Corporate Affairs Commission (CAC). The Labour Act (Cap L1 LFN 2004) and the National Industrial Court of Nigeria (NICN) govern employment disputes. The Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Commission (NDPC) protect personal data. The Federal Inland Revenue Service (FIRS) administers tax obligations under the Companies Income Tax Act. The Federal High Court and state High Courts have jurisdiction over civil matters. Parties executing a Fintech Payment Service Agreement (Nigeria) in Nigeria should confirm the document reflects current law, including any amendments enacted since the original drafting date. The Companies and Allied Matters Act (CAMA) 2020 sets the foundational requirements.
When Do You Need a Fintech Payment Service Agreement (Nigeria)?
A Fintech Payment Service Agreement in Nigeria is needed whenever a merchant or business wishes to engage a licensed payment service provider to process electronic payments from customers.
A Fintech Payment Service Agreement is required when an e-commerce business in Nigeria — operating a website or mobile app — integrates a payment gateway (such as Paystack, Flutterwave, or Remita) to accept card payments, bank transfers, and USSD transactions from Nigerian customers. Without a formal agreement, the merchant and PSP operate without defined obligations on settlement timelines, chargeback liability, and data security.
A Fintech Payment Service Agreement is needed when a physical retail business, petrol station, supermarket, or hotel deploys POS terminals through a payment terminal service provider (PTSP) licensed by the CBN to accept card payments from Verve, Mastercard, and Visa cardholders.
A Fintech Payment Service Agreement is required when a non-governmental organisation (NGO), religious institution, or charity in Nigeria wishes to receive donations electronically through a licensed payment aggregator, requiring the PSP to handle Know Your Donor (KYD) compliance under CBN AML/CFT guidelines.
A Fintech Payment Service Agreement is needed when a government ministry, department, or agency (MDA) contracts a government revenue collection payment provider — such as Remita (operated by SystemSpecs) — to collect taxes, levies, and fees under the Government Integrated Financial Management Information System (GIFMIS) framework.
A Fintech Payment Service Agreement is required when a Nigerian airline, transport company, or ticketing platform integrates a payment solution to process high-volume, time-sensitive transactions requiring same-day or next-day settlement under CBN settlement rules.
A Fintech Payment Service Agreement is needed when a cross-border payments company licensed under the CBN's International Money Transfer Operator (IMTO) framework processes inbound diaspora remittances to Nigerian beneficiaries through NIBSS or mobile money wallet crediting.
Parties in Nigeria should prepare a Fintech Payment Service Agreement (Nigeria) proactively rather than waiting for a dispute to arise. Courts interpret agreements based on the written terms rather than oral representations. Under Nigerian law, the Companies and Allied Matters Act 2020 (CAMA) regulates corporate entities through the Corporate Affairs Commission (CAC). The Labour Act (Cap L1 LFN 2004) and the National Industrial Court of Nigeria (NICN) govern employment disputes. The Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Commission (NDPC) protect personal data. The Federal Inland Revenue Service (FIRS) administers tax obligations under the Companies Income Tax Act. The Federal High Court and state High Courts have jurisdiction over civil matters. Where the transaction involves regulated activities, prior approval from the relevant authority may be required before execution.
What to Include in Your Fintech Payment Service Agreement (Nigeria)
A valid Nigerian Fintech Payment Service Agreement must contain the following essential elements to be enforceable and compliant with CBN regulations.
Parties and Licences: Full legal names, addresses, CAC RC numbers, and CBN licence details of the payment service provider and merchant. The PSP's CBN licence category, licence number, and licence expiry date must be stated. Merchants should verify PSP licensing status on the CBN's publicly maintained register of licensed payment service providers.
Scope of Payment Services: A precise description of the payment channels the PSP will provide — card processing (POS, online), bank transfers (NIBSS NIP), USSD, mobile wallets, QR codes, or a combination. The agreement should specify card scheme rules applicable (Verve, Mastercard, Visa international rules) and whether cross-border transactions are included.
Settlement Terms: The settlement cycle — T+1 (next business day) or same-day settlement — the settlement account details, minimum settlement amounts, and cut-off times. The agreement must align with CBN settlement directives and the NIBSS operating rules. Delay in settlement triggers the PSP's liability for interest at the applicable CBN minimum lending rate.
Fees and Charges: A clear schedule of the PSP's transaction fees, expressed as a percentage of transaction value or a flat fee per transaction in NGN. CBN's merchant service charge cap (currently 0.5% for merchant payments, subject to revision) must be respected. Any additional fees for chargebacks, refunds, or reversals must be expressly stated.
Chargeback and Dispute Resolution: The procedure for handling cardholder disputes, chargeback requests, and transaction reversals under card scheme rules. The agreement should specify the merchant's liability for chargebacks arising from fraud or customer disputes and the timeframes within which the merchant must respond to chargeback notifications.
Data Protection and Security: The PSP's and merchant's obligations under the NDPR 2019, the Nigeria Data Protection Act 2023, and the CBN's cybersecurity framework for mobile money operators. PCI-DSS compliance obligations for card data handling must be specified.
Termination and Regulatory Compliance: Provisions for suspension or termination of services on regulatory grounds — CBN licence suspension or revocation, EFCC investigation, or court order — and the parties' obligations on wind-down of services and return of merchant funds.
Additional compliance elements for a Fintech Payment Service Agreement (Nigeria) used in Nigeria include: Under Nigerian law, the Companies and Allied Matters Act 2020 (CAMA) regulates corporate entities through the Corporate Affairs Commission (CAC). The Labour Act (Cap L1 LFN 2004) and the National Industrial Court of Nigeria (NICN) govern employment disputes. The Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Commission (NDPC) protect personal data. The Federal Inland Revenue Service (FIRS) administers tax obligations under the Companies Income Tax Act. The Federal High Court and state High Courts have jurisdiction over civil matters. Forms-legal.com provides this template as a starting point for Nigeria-compliant documentation.
Cite this page
Reference this free template in an article, syllabus, or research note:
Forms Legal. (2026). Fintech Payment Service Agreement (Nigeria) (Nigeria) [Legal document template]. Forms Legal. https://forms-legal.com/nigeria/business/contracts/fintech-payment-service-agreement-nigeria
"Fintech Payment Service Agreement (Nigeria) (Nigeria)." Forms Legal, 2026, https://forms-legal.com/nigeria/business/contracts/fintech-payment-service-agreement-nigeria.
@misc{formslegal-fintech-payment-service-agreement-nigeria,
author = {{Forms Legal}},
title = {Fintech Payment Service Agreement (Nigeria) (Nigeria)},
year = {2026},
howpublished = {\url{https://forms-legal.com/nigeria/business/contracts/fintech-payment-service-agreement-nigeria}},
note = {Free legal document template. Based on Companies and Allied Matters Act (CAMA) 2020}
}Frequently Asked Questions
Yes. Operating as a payment service provider (PSP) in Nigeria requires a licence from the Central Bank of Nigeria (CBN) under the Banks and Other Financial Institutions Act 2020 (BOFIA 2020) and the CBN Payment Service Management Regulations 2020. The CBN licenses several categories of payment system operators, including switching and processing companies, payment solution service providers (PSSPs), mobile money operators (MMOs), super-agents, payment terminal service providers (PTSPs), and international money transfer operators (IMTOs). Operating a payment service without a CBN licence is a criminal offence under Section 2 of BOFIA 2020 and may attract fines, prosecution, and business closure. Merchants who partner with a PSP do not require their own CBN licence, but they must contract only with CBN-licensed PSPs and must verify the PSP's licence status on the CBN's public register.
The Central Bank of Nigeria (CBN) regulates merchant service charges for electronic payment transactions in Nigeria through its Revised Guide to Charges by Banks, Other Financial and Non-Bank Financial Institutions (most recently updated in 2020). Under the current CBN guidelines, the maximum merchant service charge for card-present (POS) transactions is 0.5% of the transaction value, capped at NGN 2,000 per transaction for certain transaction categories. For e-commerce (card-not-present) transactions, the maximum is also capped at 1.5%. The CBN has issued directives requiring that merchant service charges be borne by the merchant (not passed on to the consumer), though this is subject to ongoing regulatory evolution. PSPs must not levy charges in excess of the CBN-approved maximum rates; doing so constitutes a regulatory violation that the CBN may sanction under the Consumer Protection Regulations 2019.
Nigerian fintech payment companies are subject to multiple data protection obligations. The Nigeria Data Protection Regulation 2019 (NDPR), issued by the National Information Technology Development Agency (NITDA), requires all data controllers handling personal data of Nigerian residents to implement data protection policies, conduct data protection impact assessments for high-risk processing, and enter into data processing agreements with sub-processors. The Nigeria Data Protection Act 2023 supersedes the NDPR and established the Nigeria Data Protection Commission (NDPC) as the primary data protection regulator. Payment companies also face sector-specific CBN cybersecurity requirements under the CBN Cybersecurity Framework and Guidelines for Other Financial Institutions 2022, which mandates encryption, access controls, incident response plans, and annual cybersecurity audits. PCI-DSS (Payment Card Industry Data Security Standard) compliance is required for any entity that stores, processes, or transmits cardholder data from Verve, Mastercard, or Visa schemes.
Chargebacks in Nigerian payment processing are governed by the applicable card scheme rules (Verve, Mastercard, Visa) incorporated by reference into the Fintech Payment Service Agreement. When a cardholder disputes a transaction — alleging fraud, non-delivery, or goods not as described — the issuing bank raises a chargeback against the acquiring PSP, which in turn debits the merchant's settlement account. The merchant has a limited window (typically 30-45 days from the chargeback notification under scheme rules) to provide documentary rebuttal evidence, including proof of delivery, authorisation logs, and customer communications. If the merchant cannot rebut the chargeback, the dispute is resolved in the cardholder's favour and the merchant bears the loss. Merchants with chargeback ratios exceeding scheme thresholds (typically 1% of monthly transaction volume) may be placed on a monitoring programme or lose card acceptance privileges under Mastercard and Visa rules, which apply to Nigerian merchants connected to international card schemes through NIBSS and Interswitch.
If a CBN-licensed payment service provider (PSP) fails to settle merchant funds within the agreed timeframe under the Fintech Payment Service Agreement, the merchant has several remedies under Nigerian law. The merchant may claim breach of contract and seek specific performance or damages — including interest on the unsettled funds at the CBN minimum lending rate or the contractually agreed default interest rate. The merchant may also file a formal complaint with the Consumer Protection Department of the CBN, which has regulatory enforcement powers over PSPs under the CBN Consumer Protection Regulations 2019 and the Banks and Other Financial Institutions Act 2020 (BOFIA 2020). The CBN may sanction the PSP through fines, licence suspension, or — in egregious cases of misappropriation of merchant funds — licence revocation and referral to the Economic and Financial Crimes Commission (EFCC) for investigation under the Money Laundering (Prevention and Prohibition) Act 2022.
This template is provided for informational purposes only and does not constitute legal advice. Laws vary by jurisdiction and change over time. Consult a qualified attorney for advice specific to your situation.Full disclaimer
Found an error? Let us knowRelated Documents
You may also find these documents useful:
API Licensing Agreement (Nigeria)
An API (Application Programming Interface) licensing agreement for Nigerian technology companies. Governed by the Copyright Act 2022 (as amended), the Nigeria Data Protection Act 2023 (NDPA), and the Nigerian Communications Commission (NCC) regulations. Covers API access rights, rate limits, data handling, licence fees in NGN, prohibited uses, and IP ownership.
Data Processing Agreement (Nigeria)
A Data Processing Agreement (DPA) for Nigeria compliant with the Nigeria Data Protection Act (NDPA) 2023 and NDPC requirements. Governs the relationship between data controllers and data processors, covering processing instructions, security obligations, sub-processor controls, data breach notification, and data subject rights support.
E-Commerce Platform Agreement (Nigeria)
An e-commerce platform agreement for Nigerian online marketplace operators and merchants, compliant with the Federal Competition and Consumer Protection Act 2018, Nigeria Data Protection Act 2023 (NDPA), Consumer Protection Council Act, and Central Bank of Nigeria payment systems regulations.