An Overview of Legal Requirements For a Bank’s Website

By Gbolahan Oluyemi

Websites create an online presence for businesses and serve as a valuable tool to enhance e-commerce, customer engagement, branding, marketing, and lead generation. A website provides the bank customers with information on branch location, the composition of the bank’s management team, product features, forms, and terms and conditions of service.

Aside from the branding and customer information, banks are legally required to publish certain information on their website. This article considers some of the information banks are mandated by law to publish on their respective websites. Additionally, banks may explore fractional general counsel services to navigate the intricate legal landscape efficiently, ensuring compliance and robust risk management.

1. A bank is required to publish its foreign exchange, lending, and deposit rates on its website. This is because section 22 (1) of the Banking and Other Financial Institutions Act (BOFIA) directs all banks (except non-interest banks) to publish information on foreign exchange rates, lending and deposit rates on their respective websites, failing which such Bank will be liable to a penalty of not less than N5,000,000 and an additional N100,000 for every day during which the contravention continues.

2. BOFIA require banks to disclose their obligations to report suspicious transactions on their respective websites, failing which the bank will be liable to a penalty of not less than N5,000,000 and an additional N100,000 for every day during which the contravention continues.

3. A bank is required to publish its certificate of occupancy on its website. The bank is also required to publish its approved audited accounts and financial statements. Section 22 (1e) of BOFIA mandates these obligations and imposes a penalty of not less than N5,000,000 and an additional N100,000 for every day during which the contravention continues.

4. The Nigerian Data Protection Regulation 2019 impose a duty on banks to publish a privacy policy on all data-collecting platforms (which may include a website). The privacy policy should address at minimum the items listed in Article 2.5 of the Nigerian Data Protection Regulation 2019 which include:

• what constitutes the Data Subject’s consent;
• description of collectable personal information;
• purpose of collection of Personal Data;
• technical methods used to collect and store personal information, cookies, JWT, web tokens etc;
• access (if any) of third parties to Personal Data and purpose of access;
• available remedies in the event of violation of the privacy policy;
• the time frame for remedy.

5. Another piece of information required on a bank’s website is the details and location of Automated Teller Machines (ATM) for persons with visual impairment. Article 1.1.1 (G) of the Central Bank of Nigeria (CBN) guidelines on operations of electronic payment channels in Nigeria requires that 2% of ATMs deployed should have tactile graphic symbols for the use of visually impaired customers. The location of the specialised ATMs should be published on the bank’s website.

6. Banks deploying agent banking by providing services to customers through a third party (agent) are required by Article 9 of the CBN Guidelines for the regulation of Agent Banking and Agent Banking relationships in Nigeria to publish an updated list of all their agents on their websites.

7. The CBN Corporate Governance Guidelines for Commercial, Merchant, Non-interest and Payment Service Banks in Nigeria 2023 require publicly quoted banks to publish a summary of their risk management policies. Further, all Banks are mandated by the guideline to publish a summary of the Bank’s insider trading and related party transaction policy on their website.

In view of the above, the content of a bank’s website is not solely a technology or branding affair.  There are legal issues to be considered in populating content for a bank’s website. In all, banks are mandated by the CBN Guidelines on Disclosure and Transparency to ensure that their websites and other information dissemination channels are functional and regularly updated with the current product features and service offerings.

Banks are encouraged by CBN guidelines to communicate with stakeholders via their website and also host a stakeholder communication policy on their website.