In an appeal presently pending before the Abuja Division of the Court of Appeal in Appeal No: CA/ABJ/CV/1460/2025, between Digital Rights Lawyers Initiative (Appellant) and NIBSS, the Central Bank of Nigeria (CBN), and the Attorney-General of the Federation (Respondents), the Central Bank of Nigeria has made a notable admission regarding the Bank Verification Number (BVN) scheme and its impact on citizens’ constitutional right to privacy.
The admission is contained in the CBN’s Respondent’s Brief of Argument filed on 27 January 2026, where the apex bank acknowledged that the BVN framework involves an interference with individuals’ privacy. The appeal arose from a judgment of the Federal High Court delivered on 4th July 2025 by Justice J.K. Omotosho in a suit instituted by the Nigeria Inter-Bank Settlement System (NIBSS) seeking judicial clarification on whether the BVN scheme violates the constitutional right to privacy.
Dissatisfied with the decision of the Federal High Court, the Digital Rights Lawyers Initiative filed an appeal before the Court of Appeal, challenging the lower court’s reasoning and conclusions on the privacy implications of the BVN regime.
In its brief before the appellate court, the CBN addressed the issue of privacy and the nature of the biometric data required under the BVN scheme. In doing so, the bank expressly acknowledged that the collection of biometric information constitutes an interference with personal privacy.
According to the CBN in its Respondent’s Brief of Argument:
“The Nature of the BVN ‘Intrusion’… By analogy, requiring bank customers to submit to biometric identification is a minor intrusion… To frame it clearly: Yes, there is an interference with individual privacy in the sense that information personal to an individual (their fingerprint, etc.) is being collected… The trial court’s reasoning, though phrased as ‘no infringement,’ can be understood to mean ‘no unjustified infringement.’”
By this submission, the CBN effectively conceded that the BVN scheme does interfere with the privacy of individuals, since it entails the compulsory collection of sensitive personal and biometric data from bank customers.
However, the apex bank’s argument before the Court of Appeal appears to be that while the BVN scheme interferes with privacy, such interference is minimal, proportionate, and justified in the interest of financial regulation, identity verification, and the prevention of financial crimes.
In its brief, the CBN submitted that the BVN system requires bank customers to provide certain personal data, specifically biometric information (fingerprints and photo) and some demographic details to their bank, which is then stored in a central secure database (managed by NIBSS) accessible to banks and regulators for identity verification.
“This undoubtedly involves the collection and processing of personal data, which engages privacy considerations. However, it is critical to note what the BVN system does not do; it does not involve surveillance of personal communications, it does not involve disclosure of one’s private correspondence, and it does not involve law enforcement rummaging through one’s home. It is a regulated data collection for a specific purpose,” the CBN stated.
In other words, the CBN’s position is not that privacy is unaffected, but rather that the interference does not amount to an unjustified or unconstitutional violation of the right to privacy.
According to the CBN’s brief, the Bank Verification Number (BVN) system was introduced in 2014 by the Central Bank of Nigeria, in collaboration with the Bankers’ Committee (an assembly of bank CEOs and regulators), as part of an initiative to enhance the security and integrity of the Nigerian banking system.
Under the BVN program, each bank customer is assigned a unique number linked to their biometric identifiers (fingerprints and photograph), which is used across the banking industry to verify identity and prevent fraud. The BVN system strengthens “Know Your Customer” (KYC) compliance and promotes a safe, reliable, and efficient payments system.
Pursuant to its statutory mandate to regulate banks and the financial system, the CBN issued the Regulatory Framework for BVN Operations and Watch-List for the Nigerian Banking Industry (Revised, 2021) (“the BVN Framework”) in exercise of powers conferred by the CBN Act 2007 and BOFIA 2020.
The Framework expressly designates the Nigeria Inter-Bank Settlement System Plc (NIBSS, the 1st Respondent) as the operator responsible for the day-to-day management of the central BVN database. NIBSS is a company jointly owned by the CBN and all licensed banks in Nigeria, established to provide inter-bank payments and settlement infrastructure.
Under Clause 1.5.2 of the BVN Framework, NIBSS is charged with maintaining the BVN database, ensuring its security, and providing verification services to financial institutions.
The CBN, however, retains oversight. Clause 1.5.1 of the Framework provides that the CBN has regulatory and oversight functions over the BVN system and must approve all framework and operating guidelines. In effect, NIBSS serves as a technical agent of the CBN for implementing the BVN system, under CBN’s supervision.
The CBN (as 2nd Defendant at trial) aligned with NIBSS’s position. The 2nd Respondent filed a comprehensive Counter-Affidavit and Written Address dated 11th February 2025 aligning with the position articulated in NIBSS’s Originating Summons.
In its filings, the CBN affirmed that the delegation of BVN database management to NIBSS is firmly rooted in statutory powers conferred on CBN via the CBN Act 2007 and BOFIA 2020. The CBN’s evidence outlined the objectives and legal basis of the BVN initiative, emphasizing that the BVN system was created to curb fraud and enhance the safety of the banking system.
It was also averred that bank customers supply their personal data (for BVN enrollment) voluntarily as a condition of accessing banking services, pursuant to lawful regulation and contractual terms, and that such data is kept confidential and used only for legitimate banking security purposes.
Upon being served, the Appellant (as Defendant at the trial court) entered a Notice of Preliminary Objection challenging the court’s jurisdiction, instead of filing any counter-affidavit on the merits of the Originating Summons.
The Appellant’s objection raised points of law, presumably arguing that the subject matter of the suit (alleged violation of privacy rights) was not appropriate for determination by Originating Summons and possibly questioning NIBSS’s locus standi or the justiciability of the questions posed.
The trial court, in a pragmatic move, heard the Appellant’s preliminary objection together with the substantive Originating Summons so as to determine all issues holistically.
On 4th July 2025, the learned trial Judge, J.K. Omotosho, J. delivered judgment in favor of NIBSS and CBN. The trial court dismissed the Appellant’s preliminary objection (implicitly affirming that the suit was competent) and granted all the declaratory reliefs sought by NIBSS.
In summary, the Federal High Court held that: (a) the CBN, by virtue of the CBN Act and BOFIA has the power to establish and regulate the BVN system, including delegating operational aspects to NIBSS; (b) NIBSS’s management of the BVN database is lawful and does not violate citizens’ right to privacy under Section 37 of the Constitution; and (c) given the importance of the issue and to forestall multiple suits, the judgment is one in rem, binding on all persons unless overturned on appeal.
In fact, the trial court issued a perpetual injunction restraining the Appellant (and indeed any other person) from challenging NIBSS’s role in managing the BVN database in the future.
Dissatisfied with this outcome, the Appellant initiated the present appeal. Two Notices of Appeal were initially filed on 12th and 13th August 2025; the Appellant has elected to proceed with the latter notice (dated 13/8/2025) which contains four grounds of appeal.
In its Brief of Argument filed on 24th of October, 2025, the Appellant distilled four Issues for Determination from these grounds. These issues question, in substance: (1) the correctness of the trial court’s reliance on CBN’s enabling statutes vis-à-vis the National Identity Management Commission (NIMC) Act and the Exclusive Legislative List in the Constitution; (2) the propriety of the trial court treating the Appellant’s failure to file counter-affidavit as an admission on points of law; (3) whether the trial court erred in holding that the BVN scheme does not infringe the constitutional right to privacy; and (4) whether the trial Judge was wrong to characterize his decision as a judgment in rem that precludes further litigation on the matter.
These four issues form the basis of the arguments addressed in the CBN’s Respondent’s Brief.
The CBN submitted that the learned trial Judge was correct in law to affirm the CBN’s power to establish and regulate the BVN system. The BVN initiative and the designation of NIBSS as the database operator are solidly grounded in CBN’s statutory mandate.
The trial court’s reliance on the CBN Act 2007 and BOFIA 2020 was well-placed. Furthermore, there is no conflict between the BVN scheme, and the constitutional or statutory provisions cited by the Appellant, indeed, the relevant laws operate harmoniously.
First, the CBN Act, 2007, which is an Act of the National Assembly, explicitly charges the Central Bank with the responsibility of promoting and ensuring a sound financial system in Nigeria. Section 2(d) of the CBN Act states that one of the principal objects of the Bank is “to promote a sound financial system in Nigeria.”
This broad mandate undoubtedly encompasses the authority to introduce measures that enhance the integrity and security of banking operations. By creating a centralized identification system (the BVN) to curb fraud and identity theft in the banking sector, the CBN was acting squarely within its statutory purpose of promoting sound banking practices and protecting the banking public.
Furthermore, in addition to its general mandate, the CBN Act and BOFIA contain specific provisions that empower the CBN to implement systems like the BVN. Notably, Section 47(2) of the CBN Act 2007 provides that “notwithstanding the duty to facilitate clearing of cheques, and in furtherance of Section 2(d) of this Act, the Bank shall continue to promote and facilitate the development of efficient and effective systems for the settlement of transactions (including the development of electronic payment systems).”
This provision makes clear that CBN’s role is not passive; the Bank is empowered and obliged to actively develop modern payment and transaction systems. The BVN system, which underpins the electronic payments infrastructure by providing a reliable means of verifying customer identities across banks, falls well within the scope of “efficient and effective systems for the settlement of transactions” that the CBN is to promote.
