FCCPC Tightens Grip on Digital Lending with New Regulations

The Federal Competition and Consumer Protection Commission (FCCPC) has introduced the Digital, Electronic, Online, or Non-Traditional Consumer Lending Regulations, 2025, marking a turning point for Nigeria’s fast-growing consumer credit market.

For years, the sector operated with limited oversight, giving rise to complaints of harassment, exploitative interest rates, and unethical practices that eroded consumer trust. The FCCPC’s new framework signals the end of ad-hoc interventions such as app delistings and office raids.

In their place is a structured regulatory regime that treats digital lending as a core part of the financial system, demanding transparency, accountability, and consumer protection at every stage. With Nigeria’s consumer credit market now valued at over $2.1 billion, the FCCPC has decided that the space can no longer be treated as a digital frontier without rules.

Who Must Comply? The “Benefit Test”

At the core of the new regulations lies the concept of the “benefit test.” This is the standard by which the FCCPC determines whether a business falls under the scope of the regulations. Unlike narrow definitions that might have excluded certain categories of players, the benefit test is deliberately broad.

It applies to any entity, whether Nigerian or foreign, that derives a benefit from lending activities conducted digitally, electronically, online, or through other non-traditional channels. The benefit does not need to be monetary alone; it can also be in the form of goods, services, commissions, or even barter arrangements.

The wide reach of the benefit test means that the regulations extend well beyond digital lending startups and traditional fintech companies. Mobile money operators that provide credit services are captured, as are telecommunications companies that advance airtime and data to subscribers. Agricultural technology platforms that extend farm inputs on credit fall under the same rules, just as service providers or vendors that partner with lenders and earn commissions are also covered. This reflects the FCCPC’s recognition that credit is now embedded in many layers of Nigeria’s digital economy, and regulation must account for that complexity.

The New Approval Process

Perhaps the most significant operational shift introduced by the regulations is the requirement for formal registration and approval before any lending activity can take place. This is no longer a simple administrative step; it is a licensing-style process that requires careful preparation and ongoing compliance. Companies must now provide detailed corporate information, including incorporation documents from the Corporate Affairs Commission, full disclosures of directors and shareholders, and beneficial ownership details. Sector-specific licences must also be disclosed where relevant, and operators are required to submit their standard lending contracts, privacy policies, and customer service frameworks.

Tax compliance has become a formal prerequisite, alongside more sophisticated obligations such as a Compliance Audit Report and a Data Protection Impact Assessment. These must be prepared by accredited organisations, signalling that the FCCPC expects serious investment in governance from operators. The approval process also carries significant costs. In addition to a non-refundable application fee of one hundred thousand naira, businesses must pay one million naira for approval, which covers two apps. Any additional apps will cost five hundred thousand naira each, up to a maximum of five. Approvals last for three years and must be renewed. Operators are also required to pay an annual levy of five hundred thousand naira. Biannual reporting requirements mean that compliance is not a one-off exercise but a continuous obligation.

What Are The Penalties For Non-Compliance?

The FCCPC has moved from issuing warnings to imposing penalties with real financial and operational consequences.

Companies that fail to comply may be fined up to one hundred million naira or one percent of their annual turnover, whichever is higher.

For individuals, the fines can reach fifty million naira, while directors themselves face the risk of disqualification for as long as five years.

These sanctions go beyond monetary fines. The Commission has the authority to suspend a company’s operations, revoke approvals, delist apps from digital stores, and terminate partnerships. In cases where licences lapse or where businesses are found to have submitted misleading information, approvals can be withdrawn almost immediately.

Consumer Protection at the Core

While the framework may seem heavy on paperwork and compliance fees, its ultimate goal is to reset the balance between lenders and borrowers in a way that promotes trust. The FCCPC is targeting specific practices that have harmed consumers in the past. These include the harassment of borrowers and their family members or contacts, the use of unsolicited marketing, and the hiding of fees within complex contracts.

Lenders must now prove that they lend responsibly by ensuring that loans are only extended to people who can repay them. Interest rates will also fall under scrutiny, as the FCCPC has committed to ensuring they are not exploitative or “inimical to consumer interest.”

Data protection has been built into the core of the regulations. Companies must not only have policies in place but also be ready to provide records within forty-eight hours of a regulatory request. This represents a shift from reactive enforcement to proactive monitoring, with the FCCPC clearly positioning itself as both regulator and watchdog.

What Are Some Challenges?

Despite the comprehensiveness of the regulations, challenges remain. One grey area is the overlap with the Nigeria Data Protection Commission, particularly since the FCCPC requires Data Protection Impact Assessments and audits that could duplicate NDPC oversight.

Another area of contention is the treatment of vendor financing. By bringing even small merchants who occasionally extend credit under the same rules as large lenders, the FCCPC risks creating compliance burdens that may be disproportionate. Furthermore, the exemption granted to microfinance banks, while conditional, creates uneven incentives when compared to other banks engaged in consumer lending.

Operationally, the requirement for prior approval of vendor agreements could slow down fintech partnerships, forcing procurement and legal teams to incorporate regulatory review time into every business timeline. These friction points may become clearer as businesses test the system, but for now, the FCCPC appears intent on casting a wide net.