In July 2025, the Federal Competition and Consumer Protection Commission (FCCPC) introduced the Digital Electronic Online, Non-Traditional Consumer Lending Regulations (DEON Consumer Lending Regulations) 2025. These rules are designed to bring greater transparency, accountability, and consumer protection into a market that has grown rapidly but often without sufficient oversight.
For business leaders, investors, and fintech operators, the regulations are not just about compliance—they reshape how digital lending will work in Nigeria for years to come. Below is a clear analysis of the new framework, its opportunities, and its challenges.
Mandatory Re-Registration and High Compliance Costs
Every digital lender and service provider currently operating must re-register with the FCCPC within 90 days from July 24, 2025. This implies that the deadline for compliance is November 5, 2025. Once registration is granted, approvals are valid until December 31 of the third calendar year and must be renewed by March 31 of the following year.
The cost of re-registration is significant. Beyond the ₦100,000 non-refundable application fee, lenders must pay ₦1,000,000 for registration and approval, which covers two software applications. Each additional application, up to five in total, attracts a fee of ₦500,000. Renewals also come with an annual levy of ₦500,000 after the first three-year cycle.
While this system may help the FCCPC sanitize the market and eliminate rogue operators, it risks excluding smaller or emerging players who cannot shoulder such heavy financial obligations. The effect could be a consolidation of the sector around larger, better-capitalized firms.
Clearer Rules on Interest Rates, Terms, and Consumer Protection
One of the most consumer-friendly provisions requires lenders to disclose all interest rates, repayment terms, and associated fees in plain English before a loan is issued. These details must also be published prominently on fintech websites.
The FCCPC has also reserved the right to periodically review interest rates to prevent exploitative practices. However, the lack of a defined benchmark for what counts as “exploitative” leaves room for regulatory discretion, which may create uncertainty for operators.
Regulatory Overlap with the Central Bank of Nigeria
Not all financial institutions are subject to the same requirements. Banks licensed under the Banks and Other Financial Institutions Act are fully exempt. However, microfinance banks and finance companies, even though they are already regulated by the Central Bank of Nigeria (CBN), must still obtain a waiver from the FCCPC before engaging in digital lending.
This dual oversight introduces regulatory duplication. Microfinance banks already comply with strict CBN rules, adding another approval process could result in inefficiency without delivering proportional benefits to consumers.
Tightened Control of Partnerships and Vendor Relationships
Another striking aspect of the new regulations is the level of scrutiny over partnerships. Digital lenders must now obtain FCCPC approval before entering into agreements related to consumer lending, including vendor contracts. Any amendments to these agreements will also require FCCPC consent. Unauthorized service-level agreements are outright prohibited.
While this move seeks to ensure accountability across the lending value chain, it may also slow down business operations. For fintechs that depend on rapid innovation cycles, the requirement for pre-approval could become a bureaucratic bottleneck.
Approval Timelines and Reporting Demands
The FCCPC has committed to processing complete applications within 30 days. However, it retains discretion to extend the timeline if it chooses, which creates some uncertainty for lenders eager to move quickly in a competitive market.
Compliance does not stop at registration. Lenders and their vendors must submit annual returns that detail lending transactions, consumer interactions, and complaint resolutions. In addition, bi-annual reports must capture transaction numbers, loan values, interest collected, fees charged, and complaint outcomes. The FCCPC also has the authority to demand access to documents at any time, which lenders must provide within 48 hours.
For larger, established companies, these reporting requirements may be manageable. But for smaller fintech startups, the administrative burden could prove overwhelming without significant investment in compliance infrastructure.
Severe Penalties for Non-Compliance
The FCCPC has backed these rules with some of the toughest penalties seen in Nigeria’s fintech sector. Companies found in breach could face fines of up to ₦100,000,000 or one percent of their previous year’s turnover, whichever is higher. Individuals—whether directors, managers, or employees—could face fines of up to ₦50,000,000 and disqualification from holding similar positions for up to five years. Beyond financial penalties, sanctions may include suspension, delisting, or even outright revocation of a lender’s approval.
Such measures are clearly meant to act as a deterrent and align Nigeria’s practices with global standards. However, to be effective, the FCCPC will need to ensure that enforcement is proportionate to the seriousness of violations, rather than becoming a revenue-generation tool.
Consumer-Centric Obligations for Lenders
The regulations also set out strict obligations that redefine how lenders interact with customers. Loan disbursements can only be made upon the explicit request of consumers, eliminating automatic or pre-authorized lending. Data protection rules, in line with the Nigeria Data Protection Act 2023, forbid lenders from accessing sensitive information such as call logs, contact lists, or photo galleries.
Consumer complaints must be resolved within 24 hours. If that is not possible, lenders must communicate a resolution timeline within 48 hours. Channels for lodging complaints must be visible and accessible.
Record-keeping is another area of focus. Lenders must maintain their records for at least five years and produce them within 48 hours when requested by regulators. These provisions strengthen accountability and trust but may stretch the operational capacity of smaller firms.
Striking the Right Balance
The DEON Consumer Lending Regulations 2025 are a bold attempt to professionalize digital lending in Nigeria. They place consumer protection at the heart of lending practices, enforce transparency in loan terms, and introduce severe consequences for misconduct.
Yet, the framework also comes with risks. The combination of steep registration fees, heavy reporting obligations, and dual oversight between the FCCPC and CBN could discourage smaller fintechs from entering or surviving the market. This might unintentionally reduce financial inclusion, leaving consumers with fewer lending options.
For decision-makers, the key takeaway is clear: compliance is non-negotiable. Re-registration must be prioritized, disclosures must be transparent, and complaint-handling systems must be robust. At the same time, there is a strong case for engaging regulators to ensure that enforcement remains fair, proportionate, and supportive of innovation in Nigeria’s fintech sector.
Written by Adeola Osifeko LLB,BL,LLM, ACIS,ABR
The Legal Trove 