Whistleblower Policy (Nigeria)
WHISTLEBLOWER POLICY
[Company Name]
WHISTLEBLOWER POLICY
Effective Date: [Policy Date]
Approved by: [Board Approver Name]
Review Period: [Policy Review Period]
1. PURPOSE AND COMMITMENT
1. PURPOSE AND COMMITMENT
[Company Name] (the "Company"), registered address [Company Address] and regulated by [Company Regulator], is committed to the highest standards of ethical conduct, corporate governance, transparency, and legal compliance in all its operations. This Whistleblower Policy (the "Policy") establishes a safe, confidential, and accessible mechanism by which employees, directors, contractors, and other stakeholders may report suspected fraud, corruption, financial irregularities, misconduct, and other violations without fear of retaliation.
This Policy is consistent with the Federal Ministry of Finance Nigerian Whistleblowing Programme (December 2016), the Securities and Exchange Commission of Nigeria (SEC) Corporate Governance Code 2018, the Financial Reporting Council of Nigeria (FRCN) Code of Corporate Governance 2018, the EFCC (Establishment) Act 2004, and the Independent Corrupt Practices and Other Related Offences Commission (ICPC) Act 2000.
2. SCOPE — WHO MAY REPORT
2. SCOPE — WHO MAY REPORT
This Policy applies to all employees, executive directors, non-executive directors, independent directors, contractors, suppliers, customers, shareholders, and members of the public who wish to report a concern about the Company's activities. Reports may be made by anyone — the Policy is not limited to employees of the Company.
3. REPORTABLE CONCERNS
3. REPORTABLE CONCERNS
The following categories of conduct may be reported under this Policy: (a) fraud, corruption, or bribery, reportable to the Economic and Financial Crimes Commission (EFCC) under the EFCC Act 2004; (b) financial irregularities and false accounting; (c) money laundering or suspicious transactions under the Money Laundering (Prevention and Prohibition) Act 2022; (d) health, safety, and environmental violations; (e) breaches of the Company's Code of Conduct or internal policies; (f) violations of the Nigeria Data Protection Act 2023 (NDPA 2023) or data security breaches; (g) tax evasion or irregularities, reportable to the Federal Inland Revenue Service (FIRS) Tax Whistleblowing Programme; and (h) any other conduct that constitutes an offence or breach of legal or regulatory obligation.
4. REPORTING CHANNELS
4. REPORTING CHANNELS
Reports may be submitted through the following confidential channels:
Whistleblowing Officer: [Whistleblowing Officer]
Confidential Hotline: [Hotline Number]
Confidential Email: [Reporting Email]
Online Reporting Portal: [Reporting Portal]
Postal Address: [Postal Address]
Anonymous reporting is permitted through all the above channels. Reporters who wish to remain anonymous should not include any identifying information in their report. The Company will investigate anonymous reports to the extent possible given the information available.
Serious concerns involving government corruption, tax evasion, or financial crimes may also be reported directly to: (i) the EFCC Eagle-Eye portal or toll-free line 0800-CALL-EFCC (0800-2255-3322); (ii) the ICPC reporting portal; or (iii) the FIRS Tax Whistleblowing Programme portal at firs.gov.ng.
5. CONFIDENTIALITY
5. CONFIDENTIALITY
The Company is committed to protecting the identity of all whistleblowers to the fullest extent practicable. The identity of a reporter will not be disclosed without the reporter's express consent, except where disclosure is required by court order, regulatory requirement, or applicable law. All persons involved in receiving and investigating reports are bound by confidentiality obligations.
6. PROTECTION AGAINST RETALIATION
6. PROTECTION AGAINST RETALIATION
The Company expressly prohibits any form of retaliation, victimisation, demotion, dismissal, harassment, or disadvantage against any employee or other person who makes a report in good faith under this Policy, consistent with Section 39 of the ICPC Act 2000 and the Labour Act (Cap L1, LFN 2004). Any employee who retaliates against a whistleblower will be subject to disciplinary action, which may include termination of employment. A victimised reporter may also seek remedies through the National Industrial Court of Nigeria (NICN), including reinstatement and compensation.
7. INVESTIGATION PROCESS
7. INVESTIGATION PROCESS
The Whistleblowing Officer will acknowledge receipt of a report within 5 working days. All reports will be investigated promptly, impartially, and confidentially. The [Oversight Committee] will have oversight of the investigation process for serious allegations. Investigations will typically be completed within 60 days of receipt of the report, subject to the nature and complexity of the allegations. The Whistleblowing Officer will provide the reporter (where identified) with a written outcome notification on completion of the investigation.
8. FALSE REPORTS
8. FALSE REPORTS
This Policy protects reporters who make reports in good faith, even if those reports are not subsequently substantiated after investigation. However, knowingly making a false or malicious report — one the reporter knows to be untrue or makes recklessly without reasonable basis — is a serious disciplinary offence and may also constitute a criminal offence under the EFCC Act 2004 or ICPC Act 2000 if made to those agencies.
9. GOVERNANCE AND REVIEW
9. GOVERNANCE AND REVIEW
This Policy shall be reviewed by the [Oversight Committee] every [Policy Review Period] and updated as necessary to reflect changes in applicable law and regulatory requirements. The Board of Directors of [Company Name] has approved this Policy on the effective date stated above.
Approved by: [Board Approver Name]
Date: [Policy Date]
Board Approver
________________
Signature
Whistleblowing Officer
________________
Signature
What Is a Whistleblower Policy (Nigeria)?
A Whistleblower Policy in Nigeria establishes the obligations and procedures governing the conduct it regulates.
The Federal Ministry of Finance launched the Nigerian Whistleblowing Programme in December 2016, which established a national reporting portal and a reward scheme under which qualifying whistleblowers may receive 2.5% to 5% of the value of recovered funds as a financial incentive for reporting government corruption, tax evasion, and financial crimes. The EFCC (Establishment) Act 2004, which established the Economic and Financial Crimes Commission (EFCC) as Nigeria's primary anti-corruption and financial crimes agency, provides a framework for reporting financial crimes to the EFCC and obliges financial institutions to report suspicious transactions under the Money Laundering (Prevention and Prohibition) Act 2022.
The Securities and Exchange Commission of Nigeria (SEC) Corporate Governance Code 2018 requires all publicly listed companies and large public interest entities to establish whistleblower reporting mechanisms as part of their corporate governance framework. The Financial Reporting Council of Nigeria (FRCN) Code of Corporate Governance 2018 similarly requires boards of directors to confirm the implementation of anti-corruption and whistleblower policies. The Independent Corrupt Practices and Other Related Offences Commission (ICPC) Act 2000 provides additional protections for persons who report public sector corruption to the ICPC.
Protection against retaliation for whistleblowers in Nigeria is provided under the general law of contract (where an employee's contract prohibits victimisation) and, for employees in the public sector, under Section 39 of the ICPC Act 2000, which protects witnesses who assist anti-corruption investigations. The Labour Act (Cap L1, LFN 2004) and the National Industrial Court of Nigeria provide remedies for employees who are victimised by their employer for making protected disclosures.
The legal framework governing the Whistleblower Policy (Nigeria) in Nigeria draws on several key statutes and regulatory bodies. Under Nigerian law, the Companies and Allied Matters Act 2020 (CAMA) regulates corporate entities through the Corporate Affairs Commission (CAC). The Labour Act (Cap L1 LFN 2004) and the National Industrial Court of Nigeria (NICN) govern employment disputes. The Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Commission (NDPC) protect personal data. The Federal Inland Revenue Service (FIRS) administers tax obligations under the Companies Income Tax Act. The Federal High Court and state High Courts have jurisdiction over civil matters. Parties executing a Whistleblower Policy (Nigeria) in Nigeria should confirm the document reflects current law, including any amendments enacted since the original drafting date. The Companies and Allied Matters Act (CAMA) 2020 sets the foundational requirements.
When Do You Need a Whistleblower Policy (Nigeria)?
A Whistleblower Policy is required for Nigerian companies operating in sectors with significant regulatory oversight, and recommended for all companies as part of good corporate governance.
A whistleblower policy is required for companies listed on the Nigerian Exchange Group (NGX), which must comply with the SEC Nigeria Corporate Governance Code 2018 and the NGX Listing Rules, both of which require a formal whistleblower and reporting mechanism as a condition of listing and continued listing.
A whistleblower policy is needed for banks, insurance companies, pension fund administrators, and other financial institutions regulated by the Central Bank of Nigeria (CBN), the National Insurance Commission (NAICOM), or the National Pension Commission (PenCom), as the respective regulators' governance codes require whistleblower reporting channels.
A whistleblower policy is required for companies bidding for public sector contracts with Nigerian federal or state government ministries, departments, and agencies (MDAs), many of which now require evidence of anti-corruption compliance policies — including whistleblower mechanisms — as part of procurement due diligence under the Public Procurement Act 2007.
A whistleblower policy is needed for Nigerian subsidiaries of multinational corporations subject to the UK Bribery Act 2010, the US Foreign Corrupt Practices Act (FCPA), or other foreign anti-bribery legislation that require adequate procedures to prevent bribery and corruption in all jurisdictions of operation.
A whistleblower policy is required for any company implementing an ISO 37001 Anti-Bribery Management System certification — a standard increasingly required by international clients of Nigerian service companies — which mandates a confidential reporting mechanism for bribery concerns.
Parties in Nigeria should prepare a Whistleblower Policy (Nigeria) proactively rather than waiting for a dispute to arise. Courts interpret agreements based on the written terms rather than oral representations. Under Nigerian law, the Companies and Allied Matters Act 2020 (CAMA) regulates corporate entities through the Corporate Affairs Commission (CAC). The Labour Act (Cap L1 LFN 2004) and the National Industrial Court of Nigeria (NICN) govern employment disputes. The Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Commission (NDPC) protect personal data. The Federal Inland Revenue Service (FIRS) administers tax obligations under the Companies Income Tax Act. The Federal High Court and state High Courts have jurisdiction over civil matters. Where the transaction involves regulated activities, prior approval from the relevant authority may be required before execution.
What to Include in Your Whistleblower Policy (Nigeria)
A Nigeria Whistleblower Policy must contain the following essential elements to be effective and compliant with SEC Nigeria, FRCN, and EFCC/ICPC requirements.
Policy Statement and Purpose: A clear statement of the company's commitment to ethical conduct, legal compliance, and integrity, and the purpose of the whistleblower policy — to provide a safe, confidential channel for reporting genuine concerns about misconduct, consistent with the Nigerian Whistleblowing Programme 2016 and the SEC Nigeria Corporate Governance Code 2018.
Scope — Reportable Concerns: A description of the categories of conduct that may be reported under the policy, including: fraud, corruption, or bribery (reportable to EFCC under the EFCC Act 2004); financial irregularities and false accounting; money laundering (reportable under the Money Laundering (Prevention and Prohibition) Act 2022); health, safety, and environmental violations; breaches of the company's code of conduct; and violations of the Nigeria Data Protection Act 2023 or other applicable law.
Who May Report: Confirmation that all employees, directors, contractors, suppliers, customers, and members of the public may make a report under the policy.
Reporting Channels: The specific channels through which reports may be submitted — including a dedicated confidential hotline number, a secure web portal, an email address, and a postal address for written reports — and the name or title of the designated Whistleblowing Officer or Ethics Officer responsible for receiving and investigating reports.
Confidentiality: A commitment to maintain the confidentiality of the reporter's identity to the fullest extent practicable, and an explanation of the limited circumstances in which disclosure may be required (for example, by court order or regulatory requirement). Anonymous reporting options should be described.
Protection Against Retaliation: An express prohibition on any form of retaliation, victimisation, demotion, dismissal, or harassment against any employee or other person who makes a report in good faith, consistent with the ICPC Act 2000, Section 39 and the Labour Act (Cap L1, LFN 2004). The remedies available to a victimised reporter — including reinstatement, compensation, and referral to the National Industrial Court — should be stated.
Investigation Process: A description of how reports will be acknowledged (typically within 5 working days), investigated, and resolved — including the role of the Audit Committee of the Board under the SEC Nigeria Corporate Governance Code 2018, the escalation path for serious allegations, and the timeframe for completing investigations.
False Reports: A statement that knowingly false or malicious reports will be treated as a disciplinary matter, to deter abuse of the reporting mechanism.
Additional compliance elements for a Whistleblower Policy (Nigeria) used in Nigeria include: Under Nigerian law, the Companies and Allied Matters Act 2020 (CAMA) regulates corporate entities through the Corporate Affairs Commission (CAC). The Labour Act (Cap L1 LFN 2004) and the National Industrial Court of Nigeria (NICN) govern employment disputes. The Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Commission (NDPC) protect personal data. The Federal Inland Revenue Service (FIRS) administers tax obligations under the Companies Income Tax Act. The Federal High Court and state High Courts have jurisdiction over civil matters. Forms-legal.com provides this template as a starting point for Nigeria-compliant documentation.
Cite this page
Reference this free template in an article, syllabus, or research note:
Forms Legal. (2026). Whistleblower Policy (Nigeria) (Nigeria) [Legal document template]. Forms Legal. https://forms-legal.com/nigeria/business/policies/whistleblower-policy-nigeria
"Whistleblower Policy (Nigeria) (Nigeria)." Forms Legal, 2026, https://forms-legal.com/nigeria/business/policies/whistleblower-policy-nigeria.
@misc{formslegal-whistleblower-policy-nigeria,
author = {{Forms Legal}},
title = {Whistleblower Policy (Nigeria) (Nigeria)},
year = {2026},
howpublished = {\url{https://forms-legal.com/nigeria/business/policies/whistleblower-policy-nigeria}},
note = {Free legal document template. Based on Companies and Allied Matters Act (CAMA) 2020}
}Also available for these jurisdictions:
Frequently Asked Questions
A formal whistleblower policy is not universally mandated by a single Nigerian statute for all companies, but regulatory codes and sector-specific requirements make it effectively mandatory for significant categories of Nigerian businesses. The Securities and Exchange Commission Nigeria (SEC) Corporate Governance Code 2018 requires all public companies and significant public interest entities to establish a formal whistleblower and reporting mechanism as a board responsibility. The Financial Reporting Council of Nigeria (FRCN) Code of Corporate Governance 2018 similarly requires boards to implement anti-corruption and whistleblower reporting systems. The Central Bank of Nigeria (CBN), National Insurance Commission (NAICOM), National Pension Commission (PenCom), and the Nigerian Upstream Petroleum Regulatory Commission (NUPRC) have each issued corporate governance codes for their regulated entities that include whistleblower reporting requirements. For companies bidding for World Bank, African Development Bank (AfDB), or other multilateral-funded Nigerian government contracts, a whistleblower policy is typically required as part of the contractor integrity compliance package. Regardless of regulatory mandate, a whistleblower policy is strongly recommended for all Nigerian companies as protection against EFCC, ICPC, and FIRS enforcement action and to demonstrate adequate procedures defence under anti-bribery legislation.
The Nigerian Whistleblowing Programme, launched by the Federal Ministry of Finance in December 2016 and operated through the dedicated portal whistleblowing.finance.gov.ng, provides financial rewards to qualifying whistleblowers who report recoverable funds, assets, or tax evasion to the Federal Government. A whistleblower who voluntarily provides information that leads to the recovery of stolen public funds or assets may receive a reward of 2.5% of the recovered amount where the funds exceed NGN 1 billion, and up to 5% of the recovered amount where the whistleblower is the first to provide the relevant information and the funds are below NGN 1 billion. The reward is paid from recovered funds after the federal government completes the recovery process, which may take considerable time. Rewards have been paid in significant cases — including one case where a whistleblower received over NGN 240 million as their share of a recovered amount. The Federal Inland Revenue Service (FIRS) also operates a separate Tax Whistleblowing Programme, under which persons who report tax evasion or tax fraud may receive a reward of up to 10% of the additional tax collected as a result of the information provided. Whistleblowers must submit credible, specific, and actionable information to qualify for rewards under either programme.
Protection for whistleblowers from retaliation in Nigeria is provided through a combination of statutory provisions, regulatory codes, and employment law remedies. Section 39 of the Independent Corrupt Practices and Other Related Offences Commission (ICPC) Act 2000 specifically protects witnesses and informants who provide assistance to the ICPC in anti-corruption investigations from harassment, intimidation, and victimisation. The EFCC (Establishment) Act 2004 provides similar protection for persons who report financial crimes to the EFCC. For employees in the private sector who are victimised by their employer for making a protected disclosure, the primary remedy is through the National Industrial Court of Nigeria (NICN), which has jurisdiction over employment and labour matters under Section 254C of the Constitution (Third Alteration) Act 2010. The NICN can award reinstatement, compensation for lost earnings, and damages for victimisation. A company's whistleblower policy should expressly prohibit retaliation and designate a board-level Ethics Committee or Audit Committee to investigate retaliation complaints independently of line management. Practical protections — including anonymous reporting channels, confidential investigation procedures, and a non-disclosure commitment by the investigating officers — reduce the risk of identity disclosure that could lead to informal retaliation.
The Economic and Financial Crimes Commission (EFCC), established under the EFCC (Establishment) Act 2004 and headquartered in Abuja, is Nigeria's primary agency for investigating and prosecuting financial crimes, money laundering, advance fee fraud (419 fraud), corruption, and asset recovery. The EFCC has a dedicated reporting channel — the EFCC Eagle-Eye portal and the toll-free line 0800-CALL-EFCC (0800-2255-3322) — through which members of the public and company employees may confidentially report suspected financial crimes. The EFCC works closely with the EFCC's Intelligence and Forensic Department to investigate whistleblower tips and has powers to freeze bank accounts, seize assets, conduct dawn raids, and arrest suspects under the EFCC Act. For corporate whistleblowing involving fraud, false accounting, embezzlement, or insider dealing, reports may be made simultaneously to the EFCC, the Independent Corrupt Practices Commission (ICPC), and the Securities and Exchange Commission (SEC Nigeria), depending on the nature of the misconduct. The EFCC's Proceeds of Crime (Recovery and Management) Act 2022 provides additional mechanisms for civil and criminal asset recovery that benefit from whistleblower tips. Reports to the EFCC are confidential and the EFCC is required to protect the identity of informants under its reporting procedures.
A company in Nigeria may discipline an employee who knowingly and maliciously makes a false whistleblower report — one that the employee knew to be untrue or made recklessly without reasonable grounds — provided the company follows a fair disciplinary procedure under the Labour Act (Cap L1, LFN 2004) and the employee's contract of employment. The key distinction is between a false report made in bad faith (malicious or fabricated allegations, for example to harm a colleague) and a good-faith report that turns out to be unfounded after investigation. A good-faith report that is not substantiated by investigation does not expose the reporting employee to any disciplinary sanction — the whistleblower protection provisions of the company policy, the ICPC Act 2000, and general employment law protect good-faith reporters. Only reports that were knowingly false or made with reckless disregard for their accuracy may be the subject of disciplinary action. The company's whistleblower policy should clearly state this distinction to encourage genuine reporting without chilling good-faith disclosures. Where an employee makes a false report to the EFCC or ICPC with intent to mislead an investigation, they may also commit a criminal offence under the EFCC Act 2004 or ICPC Act 2000 — making a false report to law enforcement is a substantive offence under both statutes.
This template is provided for informational purposes only and does not constitute legal advice. Laws vary by jurisdiction and change over time. Consult a qualified attorney for advice specific to your situation.Full disclaimer
Found an error? Let us knowRelated Documents
You may also find these documents useful:
Anti-Corruption Policy (Nigeria)
A corporate anti-corruption and anti-bribery policy for Nigerian companies, compliant with the Corrupt Practices and Other Related Offences Act 2000 (ICPC Act), the Economic and Financial Crimes Commission Act 2004 (EFCC Act), the Money Laundering (Prevention and Prohibition) Act 2022, and the UN Convention Against Corruption (UNCAC). Covers facilitation payments, gifts policy, third-party due diligence, and whistleblowing.
Data Processing Agreement (Nigeria)
A Data Processing Agreement (DPA) for Nigeria compliant with the Nigeria Data Protection Act (NDPA) 2023 and NDPC requirements. Governs the relationship between data controllers and data processors, covering processing instructions, security obligations, sub-processor controls, data breach notification, and data subject rights support.
Cybersecurity Policy (Nigeria)
A corporate cybersecurity policy for Nigerian organisations compliant with the Cybercrimes (Prohibition, Prevention, Etc.) Act 2015, CBN Cybersecurity Framework 2021, NDPC Nigeria Data Protection Act 2023, and the NCC Cybersecurity Regulations. Covers access controls, incident response, data protection, and staff obligations.