The Central Bank of Nigeria (CBN) has unveiled new minimum requirements for Automated Teller Machines (ATMs) to boost nationwide cash accessibility and reduce the country’s increasing dependence on Point-of-Sale (PoS) terminals.
The policy, detailed in a draft circular titled Exposure of the Draft Guidelines on the Operations of Automated Teller Machines (ATMs) in Nigeria, updates previous regulations to improve convenience, safety, and consumer protection in ATM operations.
Addressing Overreliance on PoS Machines
The directive comes amid a sharp rise in the use of PoS terminals across Nigeria. By March 2025, the country had about 8.3 million registered PoS devices, while 5.56 million were in active use as of December 2024 — a 127% increase compared to the previous year. Although this has made cash transactions easier for many Nigerians, it has also created excessive reliance on PoS services.
ATM Deployment Targets
Under the new framework, all card-issuing banks are required to deploy at least one ATM for every 5,000 active payment cards. Implementation will be gradual — 30% of the target must be achieved by 2026, with full compliance expected by 2028.
The CBN explained that this move aims to reduce pressure on the PoS network, improve access to cash, and strengthen public confidence in Nigeria’s banking infrastructure.
ATMs must be located in secure areas that protect users’ privacy, and outdoor machines must be properly fixed to the ground. Any installation, relocation, or removal of ATMs must first receive written approval from the CBN.
Independent ATM Deployers (IADs) are also required to obtain authorization from the central bank, meet licensing conditions, and show evidence of collaboration with a partner bank responsible for providing cash.
Faster Refunds for Failed Transactions
To protect customers, the CBN has ordered instant reversal of failed “on-us” transactions — those made on a customer’s own bank’s ATM. Where technical issues delay this, reversals must be completed within 24 hours. For “not-on-us” transactions conducted on other banks’ ATMs, refunds must be made within 48 hours.
Banks must also set up automatic systems that trigger refunds without customers having to lodge complaints.
Security and Data Protection Standards
Each ATM must have surveillance cameras that record customer activity such as card insertion and cash dispensing, but without capturing keypad entries. Machines must also include anti-skimming devices to prevent card cloning and fraud. Encryption keys are to be updated yearly and cannot be used across multiple machines. Customers should also be able to change their PINs without incurring charges.
All ATM deployers and operators must comply with the Payment Card Industry Data Security Standards (PCI DSS) to safeguard user data and ensure transaction integrity.
Operational and Monitoring Requirements
ATMs must remain functional at all times, with downtime not exceeding 72 consecutive hours. When downtime is unavoidable, customers must be notified.
Banks are also required to keep ATMs adequately funded. In cases where third-party deployers manage ATMs, their partner banks will remain accountable for cash supply and service quality.
Every ATM must display customer service contacts, transaction charges, and issue receipts for all transactions except balance inquiries.
The CBN will carry out periodic inspections and audits to verify service quality, cash availability, and compliance with the guidelines. Institutions must submit monthly reports on ATM deployment and operations by the fifth day of the following month.
Defaulters will face penalties and other disciplinary actions.
According to the CBN, the updated guidelines aim to ensure fair ATM distribution, protect users, and promote easier, safer, and more reliable access to cash nationwide.
