Fintech Service Agreement (Nigeria)
FINTECH SERVICE AGREEMENT
CBN Regulations | Nigeria Data Protection Act 2023 | FCCPC Digital Lending Code 2022
THIS FINTECH SERVICE AGREEMENT is made on [Effective Date]
BETWEEN:
(1) [Fintech Name] of [Fintech Address], Regulatory Licence: [Fintech Licence] (hereinafter referred to as the "Fintech Company"); AND
(2) [Client Name] of [Client Address] (hereinafter referred to as the "Client").
1. SERVICES
1.1 Service type: [Service Type].
1.2 [Service Description]
1.3 Credit limit (if applicable): [Credit Limit]. Loan tenor (if applicable): [Loan Tenor].
2. FEES AND CHARGES
2.1 [Fee Structure]
2.2 All fees and interest rates are disclosed in full prior to service activation, in compliance with the CBN Consumer Protection Regulations 2019 and the FCCPC Digital Lending Code of Practice 2022.
3. DATA PROTECTION AND CONSENT
3.1 The Fintech Company collects and processes the following personal data of the Client: [Data Consent]
3.2 The Client consents to the collection and processing of the above data for the purpose of providing the fintech services described herein, in accordance with the Nigeria Data Protection Act 2023 and the NDPR 2019.
3.3 The Fintech Company shall not share the Client's data with third parties except: (a) CBN-licensed credit bureaux under the Credit Reporting Act 2017 where required for credit assessment; (b) as required by CBN, EFCC, or court order; (c) with explicit prior consent of the Client.
4. DEFAULT AND RECOVERY
4.1 [Default Consequences]
4.2 The Fintech Company shall not use threatening, abusive, or degrading language in debt collection, shall not contact the Client's family or employer without consent, and shall not access the Client's device contact list for debt collection purposes, in accordance with the FCCPC Digital Lending Code of Practice 2022.
5. GOVERNING LAW AND DISPUTES
5.1 This Agreement is governed by Nigerian law and the laws of [Governing Law] State.
5.2 Disputes shall first be referred to the Fintech Company's internal complaint resolution process, then to the CBN Consumer Protection Department or FCCPC, and finally to arbitration under the Arbitration and Conciliation Act (Cap A18, LFN 2004).
Fintech Company
________________
Signature
Client
________________
Signature
What Is a Fintech Service Agreement (Nigeria)?
A Fintech Service Agreement in Nigeria defines the scope of work, fees and deliverables governing the provider's services to the client.
Nigeria's fintech sector is regulated by multiple bodies depending on the nature of the services. The CBN regulates payment services under the CBN Payment Service Management Regulations 2020, digital lending under the CBN Digital Lending Guidelines 2022 (issued following the FCCPC's Digital Lending Code of Practice 2022), and mobile banking under the CBN Regulatory Framework for Mobile Money Services 2021. The Securities and Exchange Commission (SEC Nigeria) regulates investment advisory, digital asset platforms under the SEC Digital Asset Rules 2022, and crowdfunding under the SEC Crowdfunding Regulations 2021. The National Insurance Commission (NAICOM) regulates insurtech platforms offering embedded insurance products. The Nigeria Data Protection Commission (NDPC) oversees data protection compliance under the Nigeria Data Protection Act 2023.
The Federal Competition and Consumer Protection Commission (FCCPC) issued a Digital Lending Code of Practice in 2022 specifically targeting predatory digital lending practices in Nigeria, prohibiting aggressive debt collection, excessive interest rates, and misuse of borrowers' contact data. The FCCPC's code applies to fintech companies operating digital lending apps, peer-to-peer lending platforms, and embedded credit facilities in Nigeria, irrespective of CBN licensing status.
A Fintech Service Agreement must be carefully distinguished from a Payment Service Agreement (which focuses on payment processing rather than broader financial services), a Mobile Money Agency Agreement (for agent network operations), and a Software Development Agreement (a pure technology development contract without financial service delivery obligations).
The legal framework governing the Fintech Service Agreement (Nigeria) in Nigeria draws on several key statutes and regulatory bodies. Under Nigerian law, the Companies and Allied Matters Act 2020 (CAMA) regulates corporate entities through the Corporate Affairs Commission (CAC). The Labour Act (Cap L1 LFN 2004) and the National Industrial Court of Nigeria (NICN) govern employment disputes. The Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Commission (NDPC) protect personal data. The Federal Inland Revenue Service (FIRS) administers tax obligations under the Companies Income Tax Act. The Federal High Court and state High Courts have jurisdiction over civil matters. Parties executing a Fintech Service Agreement (Nigeria) in Nigeria should confirm the document reflects current law, including any amendments enacted since the original drafting date. The Companies and Allied Matters Act (CAMA) 2020 sets the foundational requirements.
When Do You Need a Fintech Service Agreement (Nigeria)?
A Fintech Service Agreement in Nigeria is needed whenever a fintech company delivers financial services to clients through a digital platform and requires a documented contractual framework governing service delivery, fees, data rights, and regulatory compliance.
A Fintech Service Agreement is required when a CBN-licensed microfinance bank, digital lending app, or BNPL platform in Nigeria offers consumer credit products to individual borrowers, to document the credit terms, interest rates (within CBN and FCCPC guidelines), repayment schedule, and default consequences.
A Fintech Service Agreement is needed when an investment technology (investtech) company licensed by the Securities and Exchange Commission (SEC Nigeria) offers individual or institutional clients access to mutual funds, stocks, bonds, or digital asset investment platforms under the SEC Digital Asset Rules 2022.
A Fintech Service Agreement is required when an insurtech platform licensed by the National Insurance Commission (NAICOM) offers embedded micro-insurance products — life, health, property, or travel insurance — to consumers through a mobile app or digital marketplace, to document the insurance terms, premium payment, and claims process.
A Fintech Service Agreement is needed when a savings technology company (operating a CBN-licensed savings scheme or ROSCA platform) provides automated group savings, target savings, or treasury management services to individual customers or cooperatives in Nigeria.
A Fintech Service Agreement is required when a financial data aggregation company operating under the CBN Open Banking Regulatory Framework 2021 provides account aggregation, financial health analytics, or third-party payment initiation services to consumers who share their banking data through API-enabled open banking consents.
A Fintech Service Agreement is needed when a Nigerian fintech company provides embedded finance services to a business-to-business (B2B) client — such as offering working capital loans, supply chain financing, or trade finance to SMEs through an integrated platform — requiring documentation of the credit assessment methodology, interest rates, and collateral arrangements.
Parties in Nigeria should prepare a Fintech Service Agreement (Nigeria) proactively rather than waiting for a dispute to arise. Courts interpret agreements based on the written terms rather than oral representations. Under Nigerian law, the Companies and Allied Matters Act 2020 (CAMA) regulates corporate entities through the Corporate Affairs Commission (CAC). The Labour Act (Cap L1 LFN 2004) and the National Industrial Court of Nigeria (NICN) govern employment disputes. The Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Commission (NDPC) protect personal data. The Federal Inland Revenue Service (FIRS) administers tax obligations under the Companies Income Tax Act. The Federal High Court and state High Courts have jurisdiction over civil matters. Where the transaction involves regulated activities, prior approval from the relevant authority may be required before execution.
What to Include in Your Fintech Service Agreement (Nigeria)
A valid Nigerian Fintech Service Agreement must contain the following essential elements to be enforceable and compliant with applicable Nigerian regulatory requirements.
Parties and Licences: Full legal names, addresses, and CAC RC numbers of the fintech company and client. State the fintech company's applicable regulatory licence — CBN licence (with licence category and number), SEC Nigeria registration number, NAICOM licence number, or NDPC data processor registration — to establish the regulatory basis for the services being provided.
Description of Services: A precise description of the fintech services to be provided, including the platform or technology through which services are delivered, the eligible users, and any restrictions on service use. For digital lending, state the type of loan product (consumer loan, SME loan, salary advance, BNPL), maximum credit limit, and loan tenor in accordance with CBN guidelines.
Fees and Interest Rates: A clear schedule of fees, charges, and interest rates in Nigerian Naira (NGN). For lending products, the annual percentage rate (APR) must be disclosed under the CBN Consumer Protection Regulations 2019 and the FCCPC Digital Lending Code of Practice 2022. Hidden fees, rollover charges, and penalty interest rates must be disclosed in full.
Data Collection and Processing: The fintech company's data collection, use, and sharing practices, in compliance with the Nigeria Data Protection Act 2023. Explicit user consent must be obtained for processing sensitive financial data. The agreement must specify what data is collected (transaction data, device data, contact list access), how it is used, how long it is retained, and whether it is shared with third parties — including credit bureaux licensed by CBN under the Credit Reporting Act 2017.
Default and Recovery: For lending products, the consequences of default — late payment fees (within FCCPC-prescribed limits), credit bureau reporting under the Credit Reporting Act 2017, debt recovery procedures, and — where the fintech operates a digital lending app — restrictions on contact list access and social media notification (prohibited under the FCCPC Digital Lending Code 2022).
Termination and Data Deletion: The conditions under which either party may terminate the service agreement, the fintech company's obligations to stop processing data upon termination, and the timeline for deletion of personal data under Section 30 of the Nigeria Data Protection Act 2023.
Dispute Resolution: The procedure for resolving disputes between the fintech company and client — including the CBN Consumer Protection Department, FCCPC complaint mechanism, or arbitration under the Arbitration and Conciliation Act (Cap A18, LFN 2004).
Additional compliance elements for a Fintech Service Agreement (Nigeria) used in Nigeria include: Under Nigerian law, the Companies and Allied Matters Act 2020 (CAMA) regulates corporate entities through the Corporate Affairs Commission (CAC). The Labour Act (Cap L1 LFN 2004) and the National Industrial Court of Nigeria (NICN) govern employment disputes. The Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Commission (NDPC) protect personal data. The Federal Inland Revenue Service (FIRS) administers tax obligations under the Companies Income Tax Act. The Federal High Court and state High Courts have jurisdiction over civil matters. Forms-legal.com provides this template as a starting point for Nigeria-compliant documentation.
Cite this page
Reference this free template in an article, syllabus, or research note:
Forms Legal. (2026). Fintech Service Agreement (Nigeria) (Nigeria) [Legal document template]. Forms Legal. https://forms-legal.com/nigeria/business/contracts/fintech-service-agreement-nigeria
"Fintech Service Agreement (Nigeria) (Nigeria)." Forms Legal, 2026, https://forms-legal.com/nigeria/business/contracts/fintech-service-agreement-nigeria.
@misc{formslegal-fintech-service-agreement-nigeria,
author = {{Forms Legal}},
title = {Fintech Service Agreement (Nigeria) (Nigeria)},
year = {2026},
howpublished = {\url{https://forms-legal.com/nigeria/business/contracts/fintech-service-agreement-nigeria}},
note = {Free legal document template. Based on Companies and Allied Matters Act (CAMA) 2020}
}Frequently Asked Questions
Fintech companies in Nigeria are subject to a multi-layered regulatory framework depending on the nature of their services. The Central Bank of Nigeria (CBN) regulates payment services under the CBN Payment Service Management Regulations 2020, digital lending under the CBN Digital Lending Guidelines 2022, open banking under the CBN Open Banking Regulatory Framework 2021, and mobile money under the CBN Regulatory Framework for Mobile Money Services 2021. The Securities and Exchange Commission (SEC Nigeria) regulates investment platforms and digital asset businesses under the SEC Digital Asset Rules 2022 and the Investments and Securities Act 2007. The National Insurance Commission (NAICOM) regulates insurtech companies. The Federal Competition and Consumer Protection Commission (FCCPC) issued the Digital Lending Code of Practice 2022 governing consumer protection in digital lending. The Nigeria Data Protection Commission (NDPC) oversees data protection under the Nigeria Data Protection Act 2023.
Whether a fintech company requires a CBN licence in Nigeria depends on the specific financial services it offers. Fintech companies processing payments, operating mobile money wallets, providing payment switching, acting as super-agents, or operating as international money transfer operators must obtain the applicable CBN licence under BOFIA 2020 and the CBN Payment Service Management Regulations 2020. Digital lenders — companies disbursing loans to consumers or SMEs — must either obtain a CBN microfinance bank licence or partner with a CBN-licensed lender. Fintech companies that only provide technology infrastructure (software, APIs) without holding client funds or providing regulated financial services may operate without a CBN licence. However, the boundaries are not always clear, and the CBN has issued cease-and-desist orders against unlicensed fintech operators in Nigeria. Seeking regulatory opinion from the CBN's Financial Policy and Regulation Department is strongly recommended before launching a fintech product.
The Federal Competition and Consumer Protection Commission (FCCPC) issued a Limited Interim Regulatory/Registration Framework and Guidelines for Digital Lending in Nigeria in 2022, imposing significant restrictions on digital lending app operators. Key restrictions include: prohibition on accessing borrowers' contact lists, photos, or social media accounts for debt collection purposes; requirement to obtain prior consent for all data processing; prohibition on sharing borrowers' personal information with third parties without consent; requirement to disclose all fees, interest rates, and total cost of credit upfront before loan disbursement; prohibition on using threatening, abusive, or degrading language in debt collection communications; and requirement to maintain a complaint resolution process. Digital lending apps must register with the FCCPC and comply with its reporting requirements. Non-compliance exposes lending app operators to administrative penalties under the FCCPA 2018 and potential delisting from the Google Play Store and Apple App Store.
Open banking in Nigeria is regulated by the CBN Open Banking Regulatory Framework 2021, which establishes standards for application programming interface (API) access to financial data held by banks and other financial institutions. Under the framework, banks are required to expose standardised APIs that allow CBN-authorised third-party providers (TPPs) — including fintech companies — to access customer account data and initiate payment transactions with the customer's explicit consent. Third-party providers must register with the CBN as API consumers and comply with data protection, cybersecurity, and consumer protection requirements. The NIBSS Open Banking Register tracks registered TPPs. For customers, open banking consent must be actively granted and can be revoked at any time. The framework enables fintech services such as account aggregation, personal financial management, credit scoring based on bank transaction data, and payment initiation — all subject to the customer's prior informed consent under the Nigeria Data Protection Act 2023.
A Nigerian fintech company that extends credit to borrowers may submit credit information — including default records — to a CBN-licensed credit bureau under the Credit Reporting Act 2017. The CBN has licensed several credit bureaux in Nigeria, including CRC Credit Bureau Limited, CR Services Credit Bureau Plc, and XDS Credit Bureau Limited. The Credit Reporting Act 2017 requires lenders to obtain the borrower's consent to share credit information with credit bureaux at the point of loan application. Before reporting a default, the lender must notify the borrower of the intended bureau report, give the borrower an opportunity to remedy the default, and comply with the accuracy requirements under the Credit Reporting Act. Inaccurate or malicious credit bureau reporting may expose the fintech company to civil liability under the Credit Reporting Act and to regulatory action by the CBN. The FCCPC Digital Lending Code of Practice 2022 also requires that credit bureau reporting be used only as a last resort, not as an initial debt collection tool.
This template is provided for informational purposes only and does not constitute legal advice. Laws vary by jurisdiction and change over time. Consult a qualified attorney for advice specific to your situation.Full disclaimer
Found an error? Let us knowRelated Documents
You may also find these documents useful:
API Licensing Agreement (Nigeria)
An API (Application Programming Interface) licensing agreement for Nigerian technology companies. Governed by the Copyright Act 2022 (as amended), the Nigeria Data Protection Act 2023 (NDPA), and the Nigerian Communications Commission (NCC) regulations. Covers API access rights, rate limits, data handling, licence fees in NGN, prohibited uses, and IP ownership.
Data Processing Agreement (Nigeria)
A Data Processing Agreement (DPA) for Nigeria compliant with the Nigeria Data Protection Act (NDPA) 2023 and NDPC requirements. Governs the relationship between data controllers and data processors, covering processing instructions, security obligations, sub-processor controls, data breach notification, and data subject rights support.
Digital Lending Agreement (Nigeria)
A Digital Lending Agreement for Nigeria between a licensed digital lender or fintech company and a borrower for an online or mobile-based loan facility. Governed by the Central Bank of Nigeria (CBN) Framework for Digital Lending 2022, FCCPC Guidelines, Consumer Credit Act, and NDPR 2019. Includes data consent, electronic signature, and repayment provisions.