Sectoral Risk Assessment for Trust and Company Service Providers in Nigeria

Sectoral Risk Assessment for Trust and Company Service Providers in Nigeria Special Control Unit Against Money Laundering 2025 Economic and Financial Crimes Commission [Type the company name] 3/1/2025

Acknowledgement The successful completion of this Sectoral Risk Assessment of Trust and Company Service Provider (TCSPs) in Nigeria would not have been possible without the invaluable contributions of key institutions and stakeholders committed to strengthening Nigeria’s Anti-Money Laundering, Counter Financing of Terrorism, and Counter Proliferation Financing (AML/CFT/CPF) framework. We extend our profound appreciation to the Chairman of the Economic and Financial Crimes Commission (EFCC) for his unwavering support and leadership in driving Nigeria’s financial integrity agenda. His commitment to combating financial crimes and ensuring robust regulatory oversight has been instrumental in shaping the risk assessment of the TCSP sector. We also acknowledge the significant contributions of the Director/Chief Executive Officer of the Nigerian Financial Intelligence Unit (NFIU) for providing strategic guidance, technical insights, and intelligence support that enriched the findings and recommendations of this assessment. Special appreciation goes to the President and members of the Association of Corporate Trustees of Nigeria, whose active participation, expertise, and sectoral knowledge have been invaluable in identifying vulnerabilities and strengthening compliance measures within the TCSP sector. We further recognize the dedicated efforts of the members of the Working Group, comprising representatives from the Securities and Exchange Commission (SEC), the Corporate Affairs Commission (CAC), and other key stakeholders. Their technical expertise, analytical contributions, and commitment to ensuring a comprehensive assessment of risks within the TCSP sector have significantly enhanced the quality and depth of this report.

Finally, we express our gratitude to all stakeholders, industry practitioners, and regulatory partners who provided critical insights, data, and recommendations throughout the assessment process. Their collective input has been essential in shaping this report and advancing Nigeria’s risk-based approach to AML/CFT/CPF supervision. This Sectoral Risk Assessment reflects our shared commitment to enhancing transparency, mitigating risks, and strengthening the integrity of the Trust and Company Service Providers sector in Nigeria. Thank you. Erin Harry, fsi Director, Special Control Unit against Money Laundering, EFCC

Executive Summary The Trust and Company Service Providers (TCSPs) sector in Nigeria plays a crucial role in the country’s financial ecosystem by offering services such as company formation, management, trustee services, and nominee arrangements. However, the sector is also vulnerable to money laundering (ML) and terrorist financing (TF) risks due to the nature of its operations, the anonymity it can provide to beneficial owners, and regulatory compliance challenges. This AML/CFT Sectoral Risk Assessment evaluates the inherent and residual risks associated with TCSPs in Nigeria, considering key risk factors such as the legal and regulatory framework, the sector’s exposure to high-risk clients and jurisdictions, and the effectiveness of compliance mechanisms. The assessment identifies significant vulnerabilities, including weak customer due diligence (CDD) practices, limited awareness of AML/CFT obligations, and gaps in beneficial ownership transparency. Key findings indicate that while the TCSPs sector faces potential AML/CFT risk, Nigeria has made progress in strengthening its AML/CFT framework and significantly improved adoption and implementation of preventive measures, therefore the TCSP sector remains at a moderate risk of misuse by illicit actors. Key risk drivers include: • Complex Ownership Structures: The use of nominee directors and complex corporate arrangements increases the risk of concealment of beneficial ownership. • Regulatory Challenges: many independent professionals offering TCSP services are not under SCUML regulations. • High-Risk Clientele and Transactions: TCSPs often serve high￾net-worth individuals and politically exposed persons (PEPs), increasing ML/TF exposure.

• Limited AML/CFT Awareness: Many TCSPs lack sufficient understanding of their AML/CFT obligations, resulting in weak compliance practices. To mitigate these risks, the assessment recommends a multi-pronged approach, including: • Enhanced Supervision and Enforcement: Strengthening the capacity of regulators to conduct risk-based supervision and enforce compliance. • Improved Beneficial Ownership Transparency: Mandating stricter reporting requirements and leveraging technology for enhanced due diligence. • Capacity Building and Awareness: Conducting targeted training programs to improve TCSPs' understanding of AML/CFT responsibilities. • Strengthened Collaboration: Enhancing cooperation between regulators, law enforcement, and industry stakeholders to improve information sharing and enforcement efforts. Addressing these vulnerabilities is critical to reducing the sector’s ML/TF risks and aligning Nigeria’s AML/CFT regime with international best practices. Strengthening the regulatory framework, enhancing risk-based supervision, and fostering industry-wide compliance culture will significantly improve the resilience of TCSPs against financial crime threats.

Chapter One Introduction Background Trust and Company Service Providers (TCSPs) in Nigeria serve as intermediaries in business structuring, providing services such as company formation, management, and the administration of trusts and other legal arrangements. While these services are vital for economic development and ease of doing business, they also present significant risks for Money Laundering (ML), Terrorist Financing (TF), and Proliferation Financing (PF). Criminals exploit TCSPs to obscure beneficial ownership, create complex corporate structures, and facilitate illicit financial flows. Given Nigeria’s commitment to improving its Anti-Money Laundering (AML), Counter-Terrorist Financing (CFT), and Counter-Proliferation Financing (CPF) frameworks, this Sectoral Risk Assessment (SRA) provides a detailed evaluation of the risks inherent in the TCSP sector and identifies measures to mitigate vulnerabilities. Key Findings • High Exposure to ML/TF/PF Risks: TCSPs offer services that enable the creation of complex and opaque legal entities, increasing their potential misuse for illicit financial activities. Criminals exploit these structures to launder money, evade taxes, and finance terrorism. • Regulatory and Supervisory Gaps: Despite regulatory efforts, all operators in the sector have not been fully incorporated under the AML/CFT regime. This is attributed to operations of some independent professionals(lawyers in particular)

• However, there have been rapid adoption and implementations of AML/CFT/CPF requirements, leading to a well developed compliance practices in the sector. • Implementation of Customer Due Diligence (CDD): Know Your Customer (KYC) and Customer Due Diligence (CDD) checks in the sector is highly developed and effective, making it difficult for individuals and entities involved in illicit activities to exploit TCSPs services. • International Pressure and Compliance Requirements: Nigeria's placement under the International Cooperation Review Group (ICRG) monitoring process has also improved swift remediation of deficiencies in the TCSP regulatory environment with SCUML and SEC effectively providing supervision, enforcement and awareness creation in the sector. • Vulnerability to Foreign and Domestic Illicit Activities: The use of TCSPs in cross-border transactions amplifies their exposure to international money laundering schemes, tax evasion, and illicit financial flows. Risk Ratings • Inherent Risk: Medium – The nature of TCSP services, the complexity of corporate structures, and the anonymity of beneficial owners make the sector highly susceptible to ML/TF threats. • Control Effectiveness: High – Regulatory oversight and enforcement mechanisms are strong, with significant improvements in transaction monitoring and compliance practices by the operators. • Residual Risk: Medium – Despite some potential and actual ML/TF/PF vulnerabilities in the sector , the combination of strong controls, inter-agency collaborations, effective and dissuasive

sanctions, and sustained outreach to the sector has reduced the sector ML/TF/PF residual risks. Methodology The Sectoral Risk Assessment was conducted using a risk-based approach that combined both qualitative and quantitative analysis. The methodology involved: • Regulatory Review: Analyzing existing laws, regulations, and compliance reports to identify gaps in the legal and supervisory framework. • Stakeholder Engagement: Conducting surveys, interviews, and consultations with TCSPs, regulatory bodies, financial intelligence units, and law enforcement agencies to assess the sector's risk exposure. • Data Analysis: Reviewing Suspicious Transaction Reports (STRs), enforcement actions, and intelligence reports to determine patterns of illicit activities involving TCSPs. • International Benchmarking: Comparing Nigeria’s TCSP regulations with global best practices and Financial Action Task Force (FATF) recommendations to identify areas for improvement. Recommendations

1. Strengthen Regulatory Oversight: strengthen exiting regulatory framework for TCSPs and enhance the capacity of existing oversight bodies.
2. Enhance Compliance Frameworks: continue to sustain the robust licensing requirements for TCSPs and ensure TCSPs continue to implement robust AML/CFT/CPF controls, and enforce mandatory KYC/CDD procedures.
3. Capacity Building and Awareness: Conduct targeted training programs to educate TCSPs on their obligations under

AML/CFT/CPF regulations and enhance their ability to detect and report suspicious activities. 4. Increase Enforcement Actions: Implement stricter penalties for non-compliance, increase on-site inspections, and enhance monitoring mechanisms to ensure adherence to regulatory requirements. 5. Improve Beneficial Ownership Transparency: continue to enforce comprehensive disclosure of beneficial ownership information for entities serviced by TCSPs to enhance transparency and prevent misuse for illicit financial activities. Conclusion The Sectoral Risk Assessment confirms that TCSPs in Nigeria face significant potential ML/TF/PF risks. However these vulnerabilities have been largely addressed through stronger oversight, robust enforcement mechanisms, and enhanced awareness among stakeholders. Generally, Nigeria has aligned its AML/CFT/CPF regime with international standards, ensuring compliance with global regulatory expectations and strengthening the integrity of the financial system.

Chapter Two Overview, Context, Legal and Regulatory Framework for the TCSPs Sector in Nigeria • Overview and Context of Trust and Company Services in Nigeria Trust is a legal instrument or device whereby a person called a Settlor delivers part or all of his properties to another person called Trustee who administers and manages the property/ies for the benefit of designated person/s called Beneficiaries. The term “person” may refer to an individual or natural person or a juridical person like a corporation. It is a transaction usually composed of three parties (Settlor, Trustee, and Beneficiaries), each with his own obligations and rights, and involving properties and property interests to address various kinds of purposes. The most notable feature of Trust is grounded in the fact that the legal title to the property is in one person while the beneficial interest which is referred to as the “equitable title” is in another person. The legal right ownership and control are in the trustee, subject to the duty of applying and using the property as directed by the Settlor, while the right to enjoy the benefits from the property is in the beneficiary of the trust. In the Nigerian context, Trust can be divided into Living and Testamentary. Living Trust is a Trust created during a Settlor’s lifetime and which is expected to take effect during the lifetime of the Settlor. A Living Trust covers three aspects of a Settlor’s life: when the Settlor is alive & well, when the Settlor becomes incapacitated and when the Settlor dies. In a Living Trust, assets must be re-registered, retitled or otherwise validly transferred to the Trustee. This is particularly necessary to prevent the probate process on the settlor’s demise. A Testamentary Trust on the other hand, is created as part of

a will and becomes active after the settlor’s death. With a Testamentary Trust, properties must go through probate before they become subject to the Trust.1 Trust arrangements in Nigeria could also be classified as offshore or local trust(Conventional and Absolute Nigerian trust) The distinction between a traditional trust and an offshore trust is simply that an off￾shore trust is created outside the jurisdiction of a settlor. 2 Company services in Nigeria basically include company formation & registration, company secretarial services and Nominee services. Company secretarial services involves administration of a company with regards to ensuring compliance with the statutory and regulatory requirements3 including maintaining records, filing returns, and advising on corporate governance, all of which are crucial for smooth business operations and legal adherence. A Nominee is a person who holds assets on behalf of another person but who does not have any beneficial interest in the assets. A nominee can also be described as an agent and is nominated in that capacity for the interest of the appointer (principal). The meaning and role of the nominee can also change depending on the context. For example the Securities and Exchange Commission Rule on Nominee Companies (New Rules and Sundry Amendments as at January 21) defines Nominee Company as “a company formed by a bank or other financial institution for the purpose of holding securities and other assets and administering them on behalf of the actual owners under the terms of a custodial or nominee agreement“ 4 1 https://stltrustees.com/estate-planning/types-of-trust/ 2 https://www.mondaq.com/nigeria/trusts/713538/trust-beyond-borders-offshore-trust-or-local-trust 3 https://www.resolutionlawng.com/company-secretarial-services-in-nigeria/ 44 https://sec.gov.ng/regulation/rules-codes/

TCSPs providing nominee services in Nigeria can act as either nominee directors or nominee shareholders. A nominee director is a director duly appointed to act on behalf of the actual director of a company and whose authority to act is derived from a contract or power of attorney duly executed by the appointor. The power of attorney or contract clearly outlines the acts which the nominee director can undertake and the extent of the nominee's powers. These acts may include opening a corporate bank account on behalf of the company, signing documents, executing contracts and agreements on behalf of the company, attending board and company meetings, ensuring regulatory compliance, filing returns at the Corporate Affairs (CAC). A TCSP can also be a nominee shareholder, where they are appointed by the beneficial owner of shares in a company to carry out the duties of a shareholder on his behalf subject to the terms contained in the declaration of trust appointing them as nominee shareholder. These duties include attending meetings, voting in meetings, accepting notices and other correspondence from the company on the beneficial shareholder's behalf, etc5. Structure and Size of the Trust and Company Service Provider Sector Trust service providers in Nigeria are either corporate trustee or lawyers and accountants offering private trustees services to high net-worth individuals and corporate clients. Oftentimes lawyers and accountants float independent entities that offer trust and company services to their existing client to avoid professional conflict issues that may arise from their existing relationship with the clients. 5 Mondaq.com

Corporate trusteeship in Nigeria refers to the role played by licensed corporate entities in managing trusts, estates, and other fiduciary responsibilities on behalf of individuals, organizations, or the public. Corporate trustees act as fiduciaries, ensuring that assets are managed and distributed according to the terms of a trust deed or other legal agreement. Corporate trustees are mostly affiliates of banks & financial institutions (Banks & Financial Institutions (e.g., First Trustees, UBA Trustees, Stanbic IBTC Trustees) or independent companies set up for offering trust and company services.(e.g., United Capital Trustees, FBNQuest Trustees) The size of the TCSPs sector in Nigeria is quite difficult to estimate given the spectrum of professionals and companies operating in the sector, particularly lawyer who offer it as a legal service. As 31st December, 2025, SCUML has registered 1,143 TCSPs that are currently under its AML/CFT supervision. Nature of Activities Trust or company service provider means any person that, by way of its business, provides any of the following services to third parties:6 a) The formation of companies or other legal persons. b) Acting as, or arranging for another person to act as, a director or secretary of a company, a partner of a partnership, or a similar position in relation to other legal persons. c) Providing a registered office, business address, correspondence or administrative address and other related services for a company, a partnership or any other legal person or arrangement. 6 https://www.fatf gafi.org/documents/riskbasedapproach/documents/rba-trust company-service providers.html?hf=10&b=0&s=desc(fatf_releasedate)

d) Acting as, or arranging for another person to act as, a trustee of an express trust or a similar legal arrangement. e) Acting as, or arranging for another person to act as, a nominee shareholder for another person other than a company listed on a regulated market that is subject to disclosure requirements in accordance with Union law or subject to equivalent international standards. In Nigeria, Trust and company service providers (TCSPs) are involved in a wide range of services and activities for their clients. These services include acting as a director or secretary of a company or similar position, providing a registered office or business address for a company, acting as trustees of an express trust, among others. However, not all the professionals and companies active in this sector provide the same services. Corporate Trust companies which are mostly set up by banks but independently of the banks’ operations, are more involved in trust services such as Debenture Trusts (Consortium/Syndicated), Bond Trusteeship (Government & Corporate), Trust of Collective Investment Schemes/REITs (Real Estate Trusts), Endowments/Foundations, Estate Planning, Nominee Services, Funds/Portfolio Management, escrow services etc 7 These services are relatively vulnerable to money laundering abuse because it provides some anonymity to the beneficial owners of the transactions. A classic case was in respect of a former Minister of Power who used a blind trust arrangement to inappropriately acquire privatized electricity distribution rights under a process he supervises as a cabinet Minister. 8 7 National Inherent Risk Assessment Of Money Laundering In Nigeria, 2022 8 http://saharareporters.com/2012/08/29/barth, (http://saharareporters.com/2012/08/29/barth nnaji%E2%80%99s-resignation-testament-need-publicdeclaration assets)

TCSPs set up by law firms with limited capability and lack of economies of scale enjoyed by the ones owned by banks to financial services have been mostly known with company secretarial services. However, evidence from SCUML supervision revealed that they also serve as nominee directors and shareholders. For example, XYZ Nominees Ltd, a company service provider affiliated to one of the leading law firms in Nigeria was appointed as a nominee director on the Board of MM LTD/GTE (a Non-Profit company recently incorporated in Nigeria). Estate Planning and other services offered by TCSPs in Nigeria are mostly used by corporate organizations and high net worth individuals. TCSPs have also been seen acting as nominee directors and shareholders in Nigeria. Business relationships are mostly long￾time businesses. Trust or company service providers have high-end clients that prefer to be anonymous, PEPs, Listed companies, and high net-worth individuals. Legal and Regulatory Framework While Trust laws in Nigeria are largely derived from English common law principles, they have evolved to accommodate local needs and practices. The Trustee Investment Act of 1962 and subsequent amendments provide a regulatory framework for the establishment and administration of trusts in Nigeria. The following laws and regulation relates to operation of trust and consequently operations of TCSPs in Nigeria. • Investment and Securities Act, 2025 and Its Relevance to AML/CFT Regulation of TCSPs

The Investment and Securities Act, 2025 (ISA 2025) is a key legal framework governing Nigeria’s financial and investment sectors. It provides comprehensive regulations for investment activities, securities markets, and the overall financial ecosystem. While the ISA 2025 primarily focuses on capital markets, its provisions have significant implications for the regulation of TCSPs, particularly in addressing AML/CFT concerns. The Act plays a crucial role in strengthening corporate governance, transparency, and financial crime prevention within the TCSP sector. Key aspects of the ISA 2025 relevant to TCSP regulation include: • Enhanced Beneficial Ownership Disclosure: The Act mandates the disclosure of beneficial ownership in corporate entities and investment schemes. This requirement directly addresses the opacity of TCSP services, ensuring greater transparency in the structuring of companies and trusts. • Corporate Governance and Compliance Standards: ISA 2025 establishes stringent corporate governance requirements for financial institutions and related entities. By extending these standards to TCSPs, regulators can enhance compliance with AML/CFT laws and mitigate risks of illicit financial activities. • Licensing and Regulatory Oversight: The Act strengthens the licensing framework for entities involved in financial services, including investment-related trusts and corporate service providers. TCSPs operating within the financial system may be required to comply with stricter licensing conditions that align with AML/CFT measures. • AML/CFT Obligations: ISA 2025 integrates AML/CFT provisions, making it mandatory for regulated entities to conduct KYC/CDD checks, report suspicious transactions, and maintain

adequate records. The application of these requirements to TCSPs will enhance their risk management frameworks. The ISA 2025 is implemented by the Securities and Exchange Commission (SEC). SEC has a robust AML/CFT framework that ensures TCSPs are effectively supervised through joint sensitization and compliance examination with SCUML. SEC has also issued a code of conduct for trustees. • Corporate and Allied Matters Act, 2020 The Corporate and Allied Matters Act, 2020 (CAMA 2020) is the primary legislation governing corporate entities, business names, and incorporated trustees in Nigeria. It replaced the 1990 version to modernize corporate regulations, improve business transparency, and align with international best practices. Trust and Company Service Providers (TCSPs) play a critical role in corporate structuring, nominee services, and trust administration. CAMA 2020 has several implications for TCSPs, particularly concerning AML/CFT compliance and corporate governance as follows:

1. Beneficial Ownership Transparency • TCSPs must ensure compliance with Part B, Section 119 of CAMA 2020, which mandates the disclosure of individuals with significant control over a company. • This aligns with FATF Recommendation 24, strengthening AML/CFT measures against illicit financial flows and tax evasion. • TCSPs managing corporate structures must collect and maintain accurate, up-to-date information on beneficial owners. •

2. Stricter Corporate Governance Requirements • Nominee directors and shareholders must be properly disclosed, and TCSPs managing such structures must ensure transparency. • Companies must maintain proper records of directors, shareholders, and beneficial owners, ensuring compliance with reporting obligations. • Electronic submission of annual returns, incorporation documents, and statutory filings will streamline corporate services.

3. New Rules for Insolvency and Liquidation • CAMA 2020 introduces business rescue mechanisms that TCSPs must be aware of when advising distressed companies. • Insolvency practitioners and TCSPs dealing with corporate restructuring must comply with new insolvency laws and debt recovery procedures. • Money Laundering (Prevention & Prohibition), 2022 Under the Money Laundering (Prevention and Prohibition) Act, 2022 TCSPs—which include lawyers, notaries, trust companies, and other professionals engaged in the creation, management, and administration of corporate entities—are categorized as Designated Non-Financial Businesses and Professions (DNFBPs). This means they are subject to stringent AML/CFT obligations. The key implications are as follows:

4. Expanded Compliance Obligations TCSPs must:

• Implement robust Customer Due Diligence (CDD) measures, including Know Your Customer (KYC) processes, to verify the identity of beneficial owners of entities. • Conduct Enhanced Due Diligence (EDD) for high-risk clients, including politically exposed persons (PEPs) and complex legal structures. • Keep records of transactions and beneficial ownership information for at least five years. • Report suspicious transactions to the Special Control Unit against Money Laundering (SCUML) and the Nigerian Financial Intelligence Unit (NFIU). 2. Beneficial Ownership Transparency TCSPs play a crucial role in setting up trusts, shell companies, and foundations, which can be exploited for money laundering. The Act requires: • Mandatory disclosure of beneficial ownership information to competent authorities. • Strict penalties for concealment or failure to disclose accurate beneficial ownership details. 3. Increased Supervision and Enforcement • The Act empowers SCUML to supervise TCSPs more rigorously, ensuring compliance with AML/CFT laws. • Regulatory authorities can conduct on-site and off-site inspections to verify AML/CFT controls. • TCSPs face criminal liability, fines, and license revocation for non-compliance. 4. Prohibition of Cash Transactions above Limits • The Act prohibits cash payments exceeding NGN 5 million (individuals) and NGN 10 million (corporate bodies) for business transactions.

• TCSPs must ensure that transactions involving company formation, asset management, or trust services comply with these limits. 5. International Cooperation and FATF Alignment • The Act enhances Nigeria’s international cooperation in combating transnational money laundering. • It aligns Nigeria’s regulatory framework with FATF Recommendation 24, which mandates transparency in beneficial ownership of legal entities.

Chapter Three Threat Assessment Overview of Relevant Data from Suspicious Transaction Reports Analysis of Trust Companies and Service Providers (TCSPs) Trust Company and Service Providers (TCSPs) are vulnerable to Money Laundering (ML) and terrorism financing (TF) activities because of their ability to create and manage legal entities that criminals can easily use to conceal ownership and transfer illegal funds. key threats include: complex corporate structures, nominee shareholders, lack of beneficial ownership transparency, high-risk jurisdictions, cross border transactions, professional enablers, tax evasion practices when not properly managed. In accordance with Section 17 (2) (f) of the MLPPA, 2022, DNFBPs under which TCSPs are classified are required to submit cash-based transaction reports and currency transaction reports (CTRs) to SCUML. In separate section of the same law, TCSPs are required to file suspicious transaction report to the NFIU, within 24 hours. TCSPs’s capacity for identification and reporting of STR appears to be very low, which corroborates the almost nonexistent STR filed from the sector. Notwithstanding Analysis conducted on STRs filed revealed that both lawyers and accountants were captured as TCSPs. For the purpose of this sectoral risk assessment the NFIU received a total of 30 (thirty) STRs/SARs from financial institutions relating to their activities. Analysis of the reports submitted demonstrated huge cash transfers followed by immediate transfers to individuals/corporate entities or immediate cash withdrawals. This indicates the prevalence of cash transaction in the TCSPs sector, making it vulnerable to abuse by money launderers. Out of the 30 STRs/SARs filed to the NFIU on TCSPs,

twenty-two (22) were filed on money laundering, 4 (four) were fraud related and four (4) were on tax evasion. Analysis of reports filed by Financial Institutions to the NFIU from January, 2022 to December 2024 is shown below: Table 1: Break Down of STRs filed by Banks for TCSPs from 2022-2024 Reports Filed by FIs 2022 2023 2024 STR 5 9 16 SAR NIL Chart 1: Bar Chart showing STRS filed on TCSPs Based on table and chart one above, it is observed that five (5) STRs were filed on activities TCSPs in the year 2022, nine (9) STRs were filed in the year 2023 and sixteen (16) were filed in the year 2024. There was no suspicious activity report filed by banks on activities of TCSPs in the years 2022, 2023 and 2024. Overall, the number of STRs filed by banks on activities of TCSPs has increased from the year 2022 to 2024. It is worthy to note that there is a significant increase of twenty￾three (23) percent from 2023 to 2024.

ML/TF threats specific to TCSPs Based on the Thirty (30) Suspicious Transaction Reports (STRs) that were filed to the NFIU on the activities of trust companies and service providers there was no transaction that the NFIU suspects to be of Terrorism Financing in nature. The reason is because there was no transaction by any of the TCSPs reported to have taken place in a place of high insecurity or had indicators/red flags for terrorism financing. The locations as seen from the STRs analyzed were mostly Abuja, Lagos Ondo, Asaba etc. In addition, all the transactions reviewed and analyzed highlighted that the individuals /firms reported are trust companies registering and managing business entities held in trust. However, the analyses of the 30 STRs by the NFIU resulted in conclusion that trust companies and service providers could be used as vehicles for Money Laundering. Predicate Crimes Associated with TCSPs The major predicate crime found to be associated with trust companies and service providers is Money Laundering. The justification for this conclusion by the NFIU is based on the Money Laundering indicators/red flags found from the nature of STRs reported to the NFIU. The table and chart below provide a graphical presentation of the findings. Table 2: Break down of STRs filed on TCSPs according to client type Client Type Number of STRs filed Companies 16 Individual 14 Total 30

Chart 2: Break Down of STRS on TCSPs according to Clients Based on table and chart 2 above, out of the 30 STRs filed on TCSPs 14 of the STRs were related to individuals who are not qualified to operate as trust companies and service providers but received funds from different sources in a suspicious manner that appeared to be Money Laundering. The narrations for these transactions showed huge inflows followed by immediate outflows, huge inflows in trenches and huge inflows from different unrelated entities including trust companies. Accounting firms, law firms and registered secretaries. Based on table and chart 2 above the remaining 16 STRs were related to registered accounting firms that carried out transactions that had Money Laundering patterns. One of the firms received structured inflow of NGN100,000,000 in 13 tranches and other amount totaling NGN1,300,000,000 and immediate withdrawal. High frequency inflows were also observed into the accounts of TCSPs from unknown source and unknown purpose of transactions in both Naira and USD.

Table 2: Break down of STRs filed on TCSPs according predicate offences Crime type Number of STRs Money laundering 22 Fraud 4 Tax evasion 4 total 30 Table 3 Chart 2: Break Down of STRS filed on TCSPs according to predicate offences. From the table above, TCSPs are more susceptible to money laundering related criminal activities because of its complex corporate structures, lack of beneficial ownership transparency etc. the above table/chart show that 73 (seventy-three) percent of the STRs analyzed were strong red flags for Money Laundering (ML) related crimes.

Case studies of ML/Tax Evasion activities TCSPs STR on entities receiving structured deposits. CASE STUDY ONE Details: We reviewed the account of ABC TRUSTEES and observed huge inflow followed by immediate huge outflows. We reviewed the account and observed structured inflow followed by immediate huge outflows. The customer received structured inflow of NGN100,000,000 in 13 tranches and other amount totaling NGN1,300,000,000 from XYZ NIG LTD (a contractor to a government agency) in November 5, 2024, followed by immediate multiple outflows of NGN1,200,000,000 to Call deposit booking. The customer has done a cumulative credit turnover of N4,354,941,972.75 in 8 months (January, 2024 till date). Further review shows that the customer has a pattern of receiving multiple and structured inflows followed by multiple outflows via ALAT NIP transfer. No adverse news found regarding the entity and its directors on open source. STR recommended for structured inflows and multiple outflows. The transaction is suspicious based on the fact that ABC Nig Ltd which is into contract may be sending kickbacks to a trustee for investment. Indicators/Red Flags: v Huge large deposits from a contractor working for the government, v The structured deposits are red flags for kickbacks Location: Abuja, Nigeria

STRs on individuals depositing FX funds into a trustee company CASE STUDY TWO details: The account of XYZ CAPITAL LIMITED witnessed huge FX inflows in the sum of $594,902.52 and $299,990.00 totaling $894,892.52 on October 3rd and 8th 2024 from MR ABC. The customer has made a cumulative credit turnover of 894,892.52 in October till date. Further analysis conducted revealed that Mr. ABC’s transaction pattern is quite suspicious considering the history of the account. Indicators/Red Flags: v Huge volume of transactions credit totaling $894,892.52 v The transaction is inconsistent with the customer profile v The relationship between the individual and the trustee company is not established Location: Lagos, Nigeria

Emerging threats and typologies. In summery the emerging threats of Money Laundering through TCSPs has been established based on the 30 (thirty) STRs that were reviewed and analyzed by the NFIU Individuals were seen depositing huge funds into trust companies without justification as to the source of the funds. This is a big red flag for Money Laundering. Furthermore, Trust companies can serve as an avenue for the collection of kickbacks from government contractors.

Chapter Four Vulnerability Assessment Introduction As a key component of any AML/CFT risk assessment, significant consideration is given to the assessment of key issues driving ML/TF vulnerabilities in the Trust and Company Service Providers (TCSP) sector. The vulnerability assessment covers sectoral drivers such as the size and number of operators, market entry control, cross-border operations and exposures, regulatory frameworks, etc. Vulnerability drivers at the firm level, such as gaps in the adoption and implementation of compliance measures—including customer due diligence, identification and reporting of suspicious transactions— were also examined. The rating ranges from Lowly Significant to Very Significant as follows: • Lowly Significant: The sector shows a strong organizational framework with negligible exposure to ML/TF/PF risk. • Moderately Significant: The sector presents some weaknesses in its organizational framework and/or exposure to ML/TF/PF risk. • Significant: The sector exhibits significant weaknesses in its organizational framework and/or substantial exposure to ML/TF/PF risk. • Very Significant: The sector demonstrates highly significant weaknesses and/or a high exposure to ML/TF/PF risk. Vulnerability Analysis and Ratings

• Size, Ownership Structure, and Market Entry The TCSP sector in Nigeria is diverse, with firms ranging from small, independent but affiliatesof law or accounting practices. To large incorporated entities affiliated with big commercial banks and financial institutions in Nigeria.. Many TCSPs are structured as limited liability companies, sole proprietorships, or partnerships, making them susceptible to vulnerabilities associated with legal persons and arrangements. The National Risk Assessment (NRA) 2022 identified these legal forms as medium to highly vulnerable. However, stringent market entry controls—administered by regulatory bodies and professional associations—mitigate these risks. Although foreign participation is restricted, Politically Exposed Persons (PEPs) are active in the sector, particularly within smaller firms, increasing risks such as the commingling of illicit funds. Vulnerability Rating: Lowly Significant (1) • Use of Cash Cash transactions within the TCSP sector are minimal. Analysis of Cash-Based Transaction Reports (CBTRs) from the DNFBP subsector indicates a low cash transaction profile. Vulnerability Rating: Lowly Significant (1) • Cross-Border Operations and Exposures The TCSPs sector in Nigeria has shown some exposure to cross border operations. While evidences are scanty on the creation of offshore trust and company formation services in offshore financial centre by the TCSPs Nigeria, the number of Nigerians listed in offshore financial centre scandals, from the Panama to the Pandora papers scandals revealed that high net worth Nigerians may be using TCSPs in Nigeria to create legal person and arrangements overseas. 9 However Nigeria is not known for providing offshore trust or offshore financial services. SCUML compliance examinations have also shown few 9 https://www.aneej.org/from-panama-to-pandora-paper-leaks-time-for-nigerian-government-to-act/

instances of TCSPs in Nigeria acting as nominee directors on behalf foreigners - Vulnerability Rating: Moderately Significant (2) • Complexity of Sector’s Structure and Integration with Other Regulated Sectors TCSPs play a critical role in company formation, trust management, and corporate governance, integrating them into high-risk sectors such as real estate, financial services, and legal services. Their ability to create and manage complex structures increases the risk of misuse for illicit financial flows. However, investigative records show limited exploitation of TCSPs for in this regard- Vulnerability Rating: Moderately Significant (2) • AML/CFT Oversight and Compliance Culture Generally, TCSPs demonstrate stronger compliance culture, with independent compliance units and sophisticated AML/CFT tools. Smaller firms, particularly sole proprietorships professional firms, exhibit weaker compliance due to limited resources. Despite ongoing efforts by regulators, capacity gaps persist.- Vulnerability Rating: Lowly Significant (1) • Customer Due Diligence (CDD) CDD measures vary across TCSPs, depending on the nature of services offered. While most firms conduct basic verification, enhanced due diligence (EDD) for high-risk clients, including PEPs, remains inconsistent among smaller firms. Vulnerability Rating: Lowly Significant (1) • AML/CFT Awareness and Training Larger firms exhibit greater awareness of AML/CFT obligations, while smaller firms often lack in-depth knowledge of regulatory expectations. Although training initiatives have increased, poor awareness of AML/CFT measures persists in the small and medium firms.-Vulnerability Rating: Significant (3)

• Detection and Reporting of Suspicious Transaction Reports (STRs) Registration on the goAML reporting platform has significantly improved, yet STR filings remain low. While large firms maintain structured reporting mechanisms, smaller firms lack clear internal procedures for identifying and escalating suspicious transactions. Vulnerability Rating: Moderately Significant (2) • Beneficial Ownership Identification and Verification Regulatory emphasis on transparency has improved beneficial ownership disclosures. However, risks remain due to the potential misuse of nominee arrangements and complex legal structures. This risk has however been moderated with introduction of the CAC public beneficial ownership register. Vulnerability Rating: Lowly Significant (1) • Politically Exposed Person (PEP) Due Diligence While large TCSPs implement PEP screening effectively, smaller firms often lack resources for continuous monitoring. While there have been reported cases in the media of PEP abuse of trust arrangements10, however, limited evidence suggests widespread PEP abuse of TCSP services for ML/TF.- Vulnerability Rating: Moderately Significant (2) • New Technology and Payment Systems The use of digital payment systems and cryptocurrencies for TCSP￾related transactions is almost nonexistent, reducing exposure to risks associated with anonymous financial flows.- Vulnerability Rating: Lowly Significant (1) 10 https://www.voanews.com/a/a-13-2006-10-12-voa24/313911.html , http://saharareporters.com/2012/08/29/barth nnaji%E2%80%99s-resignation-testament-need-public-declaration assets) https://www.reuters.com/article/us-nigeria-powerminister idUSBRE87S0UW20120829

• Third-Party Transactions and Use of Professional Intermediaries Most TCSP engagements are direct, with minimal reliance on third parties, reducing risks related to the misuse of intermediaries.- Vulnerability Rating: Lowly Significant (1) • Regulatory Framework The TCSP sector is subject to comprehensive oversight, including licensing requirements, AML/CFT regulations, and professional conduct standards. However, effective supervision of smaller firms, particularly the independent professionals carrying out the TCSPs services, remain a concern.-Vulnerability Rating: Moderately Significant (2 Vulnerabilities Risk Scoring The scoring of the vulnerabilities is based on a 4 point rating scale as shown below Value Rating Scale Lowly significant 1 TO 1.5 Low Moderately significant 1.6 TO 2.5 Medium Significant 2.6 TO 3.5 High Very Significant 3.6 TO 4.0 Very High Summary and computation of Vulnerability rating for the sector Vulnerability Drivers Rating Value Size, Ownership Structure, and Market Entry Lowly Significant 1 Use of Cash Lowly Significant 1 Cross-Border Operations and Exposures Moderately Significant 2 Complexity of Sector’s Structure Moderately Significant 2 AML/CFT Oversight and Compliance Culture Lowly Significant 1 Customer Due Diligence Lowly Significant 1

Vulnerability Drivers Rating Value AML/CFT Awareness and Training Significant 3 Detection and Reporting of STRs Moderately Significant 2 Beneficial Ownership Identification and Verification Lowly Significant 1 PEP Due Diligence Lowly Significant 2 New Technology and Payment Systems Lowly Significant 1 Third-Party Transactions Lowly Significant 1 Regulatory Framework Moderately Significant 2 Total Sectoral Aggregate 20 Average Sectoral Vulnerability Rating 1.54 Conclusion With an average vulnerability rating of 1.54, the TCSP sector in Nigeria exhibits a Moderately Significant vulnerability level, demonstrating strong controls and limited ML/TF vulnerabilities.

Chapter Five Risk Assessment Nature of Risks Faced by TCSP Operators in Nigeria • Services/Product Risk Trust and Company Service Providers (TCSPs) in Nigeria offer a range of services that include company formation, corporate structuring, trust and fiduciary services, nominee director and shareholder services, and registered office services. These services play a critical role in corporate governance and wealth management but also present significant risks of misuse by criminals for money laundering (ML) and terrorist financing (TF). Research has consistently highlighted how TCSPs can be exploited to facilitate illicit financial activities. Criminals may use these services to create opaque corporate structures that conceal the true ownership and control of assets. For instance, shell companies and trusts may be set up to hide the proceeds of corruption, tax evasion, and fraud. One major concern is the misuse of nominee directors and shareholders, which can create an additional layer of anonymity, making it difficult for authorities to trace the real owners of a business. Similarly, trust and fiduciary services can be used to transfer and manage assets in a way that prevents detection of illicit funds. The National Risk Assessment (NRA) of Legal Persons and Arrangements in Nigeria underscores the vulnerabilities of corporate structures to ML/TF risks, particularly when beneficial ownership is not adequately disclosed. Moreover, TCSPs that facilitate international business transactions face additional exposure to cross-border ML threats. Offshore company registration and the establishment of international trusts can be used for tax evasion, trade￾based money laundering, and illicit capital flight. While TCSPs provide essential services, they must implement strict due diligence measures to prevent their misuse. The failure to identify and verify beneficial

owners, conduct enhanced due diligence (EDD), and monitor client activities can increase the risk of financial crime. • Customer Risk Customer risk in the TCSP sector arises from the profile of clients and the nature of services provided. The following categories of clients pose heightened ML/TF risks: • Politically Exposed Persons (PEPs): Nigeria has a high prevalence of corruption-related money laundering involving PEPs. TCSPs that provide company formation and trust management services for PEPs must apply enhanced due diligence (EDD) to verify sources of wealth and ensure transactions align with declared earnings. • High-Net-Worth Individuals (HNWIs): Many Nigerian HNWIs use offshore trusts and shell companies for asset protection, which may also facilitate tax evasion and money laundering. The Panama Papers scandal revealed widespread use of offshore structures by Nigerian elites, emphasizing the need for stringent KYC procedures. • Cash-Intensive Businesses: Given Nigeria’s large informal economy, TCSPs servicing businesses with heavy cash transactions must ensure adequate transaction monitoring. The rise of cashless policies has reduced direct cash risks, but indirect risks remain through business structures designed to obfuscate cash flow origins. • Entities with Complex Ownership Structures: Many Nigerian companies operate through shell corporations and layered ownership structures, making it difficult to determine ultimate beneficial ownership. TCSPs must conduct enhanced scrutiny on such clients to detect potential ML risks. • Foreign-Based Clients: TCSPs servicing international clients or setting up offshore entities must be aware of jurisdictional risks. Clients from high-risk jurisdictions or those engaged in frequent cross-border transactions require additional risk assessment and monitoring. • • Geographical Risk Certain locations within and outside Nigeria present higher ML/TF risks due to weak regulations, conflict zones, and illicit financial flows:

• High-Risk Domestic Areas: Regions such as the North-East (affected by insurgency) and the Niger Delta (involved in illicit oil bunkering) pose significant ML/TF risks. • Cross-Border Transactions: Nigeria’s economic ties with neighboring countries create opportunities for trade-based money laundering. TCSPs involved in international corporate services must ensure compliance with AML/CFT regulations. • Sanctioned and High-Risk Jurisdictions: Dealing with clients from sanctioned countries or jurisdictions flagged by the Financial Action Task Force (FATF) increases ML/TF exposure. • Delivery Channel Risk The way TCSPs deliver services influences their exposure to ML/TF risks. Key concerns include: • Remote and Online Transactions: The adoption of digital platforms for company registration and corporate structuring increases anonymity risks. Criminals may exploit online services to set up fraudulent entities or conceal ownership. TCSPs must ensure robust digital verification processes. • Third-Party Intermediaries: Many TCSPs engage agents or external consultants for company registration and legal services. Without strict due diligence, these intermediaries may be used to facilitate illicit activities. • Non-Face-to-Face Client Onboarding: While remote onboarding is not yet widespread in the Nigerian TCSP sector, its future growth necessitates stronger verification measures to prevent fraud and identity misrepresentation. Conclusion The TCSP sector in Nigeria presents moderate to high ML/TF risks due to the potential for misuse of corporate structures, trust services, and nominee arrangements. While regulatory frameworks exist, stronger implementation of KYC, EDD, and beneficial ownership disclosure is needed. TCSPs must remain vigilant and ensure full compliance with AML/CFT regulations to mitigate risks associated with financial crime.

Chapter Six Assessment of Controls Industry Standards and Self-Regulation • AML/CFT Market Entry Control In Nigeria, Trust and Company Service Providers (TCSPs) play a critical role in the financial system by offering services such as company formation, trust management, and business administration. Given the susceptibility of TCSPs to money laundering (ML), terrorism financing (TF), and proliferation financing (PF) risks, stringent regulatory oversight is essential to ensuring high standards of integrity, transparency, and compliance with Anti-Money Laundering (AML) and Counter-Terrorist Financing (CFT) regulations. As part of their regulatory responsibilities, the Securities and Exchange Commission (SEC) enforce rigorous market entry controls to prevent illicit actors from infiltrating the sector. SEC regulatory frameworks ensure that only fit and proper persons with high integrity and professional competence are allowed to operate within the TCSP sector. SEC implements a range of market entry controls that include criminal background checks, Targeted Financial Sanctions (TFS) screening, beneficial ownership identification and verification, and Politically Exposed Persons (PEP) due diligence. • Prudential Regulations TCSPs in Nigeria are also subject to prudential regulations issued by the Securities and Exchange Commission (SEC). These regulations ensure compliance with ethical conduct and promote transparency in the sector. At on-boarding, SEC ensures that applicants for license has the requisite financial, technical and personnel competence to operate. These SEC's Consolidated Rules and Regulations also provide Specific Provisions for Trusts, Nominees, and Fiduciaries. These specific guidelines for entities acting as trusts, nominees, and fiduciaries, emphasize • Verification of the identity of providers of funds, including settlors and trustees.

• Understanding the nature and purpose of trusts, especially discretionary or offshore trusts. • Ensuring that underlying evidence of identity is accessible to law enforcement agencies when required. The SEC has established comprehensive AML and CFT regulations applicable to all Capital Market Operators, including those providing trust and company services. Key provisions include: • Customer Due Diligence (CDD): Obligation to verify the identity of clients, beneficial owners, and understand the nature of their business. • Record Keeping: Maintain records of transactions and identification data for a minimum period, facilitating transparency and accountability. • Internal Controls: Implement internal policies and procedures to prevent money laundering and terrorist financing activities. • Reporting Obligations: Report suspicious transactions to the Nigerian Financial Intelligence Unit (NFIU) promptly. SEC has also published its Code of Conduct for Trustees. Implementation of AML/CFT Preventive Measures • Customer Due Diligence (CDD) Customer Due Diligence (CDD) is a fundamental AML/CFT measure undertaken by TCSPs in Nigeria. As stipulated in the Money Laundering (Prevention and Prohibition) Act, 2022, TCSPs must conduct client identification, verification, and risk assessment to mitigate ML/TF risks. SCUML compliance examinations in 2024 revealed that most TCSPs obtain and authenticate client identity using official documents such as the National ID, Passport, or Corporate Affairs Commission (CAC) registration records. Additionally, they conduct beneficial ownership verification for corporate clients to prevent the concealment of illicit financial activities. • Risk Assessment and Customer Profiling The outcomes of the National Risk Assessment (NRA, 2023) have been communicated to TCSPs through SCUML's website, advocacy engagements, workshops, and seminars. Several TCSPs have incorporated the findings of the NRA into their risk assessment frameworks, considering factors such as the nature

of the client’s business, transaction patterns, geographical exposure, and sector￾specific risks. While some TCSPs have implemented risk-based frameworks effectively, many small and medium-sized TCSPs have yet to fully adopt these measures. The lack of structured risk assessment in smaller firms poses compliance challenges in the sector. • Enhanced Due Diligence (EDD) for High-Risk Clients A risk-based approach necessitates Enhanced Due Diligence (EDD) for high-risk clients. Beyond standard due diligence, TCSPs must gather additional information, verify the source of funds, and continuously monitor transactions. SCUML compliance examination reports indicate that major TCSPs, particularly larger firms, conduct rigorous due diligence before on boarding clients. These firms verify the client’s identity, legal structure, business activities, ownership structure, and financial performance. This ensures enhanced scrutiny of high-risk individuals and entities, including Politically Exposed Persons (PEPs) and businesses in high-risk sectors. • Suspicious Transaction Detection and Reporting TCSPs, like other DNFBPs, are mandated to implement policies and procedures for identifying, internally investigating, and reporting Suspicious Transaction Reports (STRs). AML/CFT routine and thematic examinations conducted in the TCSP sector have revealed increased adoption of risk-based AML/CFT policies. Many firms have enhanced their internal procedures for investigating and reporting suspicious transactions. Registration of TCSPs on the Nigerian Financial Intelligence Unit (NFIU) STR reporting platform has significantly improved. From near nonexistence in 2022, TCSP registrations on the NFIU Simplified STR reporting platform rose from zero in 2023 to 910 by the end of February 2025, representing 79.6% of TCSPs registered with SCUML. Despite this commendable progress, STR reporting still lags behind registration rates. SCUML and the NFIU continue to engage TCSP operators through capacity-building initiatives to enhance their ability to detect and report suspicious transactions effectively.

Record Keeping TCSPs in Nigeria have a crucial AML/CFT compliance obligation to maintain robust record-keeping practices. Compliance examinations have highlighted the following observations in record-keeping among TCSPs: • Record Preservation: The Money Laundering (Prevention and Prohibition) Act, 2022 mandates a minimum of five years for record retention. However, compliance examinations revealed that most TCSPs retain records for periods ranging from 7 to 10 years, largely due to regulatory and tax compliance obligations. • Customer Identification Data (KYC): Compliance assessments indicate that TCSPs maintain comprehensive KYC records, including client details, beneficial ownership data, and Politically Exposed Persons (PEP) identification. • Transaction Records: TCSPs generally keep detailed records of financial transactions, including bank statements, transaction parties, and the nature of transactions. • Suspicious Transaction Reports (STRs): Larger TCSPs maintain well￾documented records of suspicious activities reported to the NFIU. However, smaller firms, with limited compliance resources, face a higher risk of tipping off clients. • Training Records: Compliance assessments have found that TCSPs maintain adequate documentation of AML/CFT training programs, covering topics such as STR reporting, CDD/EDD, and risk-based approaches. • Accuracy and Completeness: Most TCSPs ensure the accuracy and completeness of their records, with supporting documentation available for compliance examinations. • Accessibility: While TCSPs generally provide accessible records to regulators, smaller firms tend to store records in more easily retrievable formats compared to larger firms, which use complex enterprise solutions. Conclusion The TCSP sector in Nigeria has made significant progress in implementing AML/CFT controls. However, challenges persist, particularly among smaller and medium-sized firms. Continued regulatory engagement, capacity-building

initiatives, and technological advancements will be key to strengthening AML/CFT compliance across the sector.

Chapter Six Summary of Findings Overall ML/TF/PF Threat Assessment The assessment of ML/TF threats within the sector was constrained by limited data, including the frequency of abuse and the estimated proceeds from illicit activities. Consequently, the threat evaluation relied on the analysis of 30 Suspicious Transaction Reports (STRs) filed the accountants. The accounting sector exhibits greater susceptibility to money laundering than to terrorist financing or proliferation financing, as none of the STRs analyzed were linked to these latter threats. The sectoral risk assessment focus group rated the ML/TF threat level as Medium, based on the following

1. TCSPs in Nigeria provide services that can be misused for concealing beneficial ownership, facilitating illicit financial flows, and enabling the misuse of legal entities.
2. The low volume of STRs filed within the sector indicates potential underreporting or lack of awareness.
3. Open-source reports and STR analysis show instances of TCSPs being implicated in financial crimes such as fraud, tax evasion, and corruption. How the impact of the threats is moderated by the relatively small size of the sector and the low significance of TCSPs services compared to other jurisdictions.

Overall ML/TF/PF Vulnerability Assessment Vulnerability Risk Scoring Methodology A four-point rating scale was used to assess vulnerabilities as follows: Value Rating Scale Lowly significant 1 TO 1.5 Low Moderately significant 1.6 TO 2.5 Medium Significant 2.6 TO 3.5 High Very Significant 3.6 TO 4.0 Very High With an aggregate vulnerability score of 20 out of 52, the sector's average vulnerability rating stands at 1.54 (Moderately Significant). The key determinants include:

1. Nature of Services Provided • Company Formation and Management Services: TCSPs facilitate the creation of legal entities and trusts, which can obscure beneficial ownership and be exploited for financial crime.
2. Client Risk Profiles • The sector serves a diverse clientele, including high-net-worth individuals, PEPs, foreign investors, and multinational corporations, increasing the sector’s exposure to high-risk clients.

• Average Sectoral Vulnerability Rating Vulnerability Drivers Rating Value Size, Ownership Structure, and Market Entry Lowly Significant 1 Use of Cash Lowly Significant 1 Cross-Border Operations and Exposures Moderately Significant 2 Complexity of Sector’s Structure Moderately Significant 2 AML/CFT Oversight and Compliance Culture Lowly Significant 1 Customer Due Diligence Lowly Significant 1 AML/CFT Awareness and Training Significant 3 Detection and Reporting of STRs Moderately Significant 2 Beneficial Ownership Identification and Verification Lowly Significant 1 PEP Due Diligence Lowly Significant 2 New Technology and Payment Systems Lowly Significant 1 Third-Party Transactions Lowly Significant 1 Regulatory Framework Moderately Significant 2 Total Sectoral Aggregate 20 Average Sectoral Vulnerability Rating 1.54 Aggregate ML/TF Risk The focus group assessed sectoral risk indicators as follows: Assessed Potential Risk Assessed Actual Risk Geographic Risk High Medium Customer Risk High Medium Service Risk High Medium Delivery Channel Risk Medium Medium • Inherent Risk: Medium-High – TCSPs facilitate financial structuring that can obscure beneficial ownership, increasing ML/TF risks.

• Control Effectiveness: Medium – While regulatory oversight exists, enforcement gaps remain. • Residual Risk: Medium – Strong enforcement, increased adoption and implementation of preventive measures by operators and enhanced compliance practices have helped to moderate ML/TF risks. Recommendation

1. Improving Suspicious Transaction Reporting • Encouraging Timely STR Filing: Increase training and awareness among TCSPs to improve compliance with STR obligations. • Adopting Automated Monitoring Systems: Encourage large TCSPs to integrate AML/CFT monitoring technology.
2. Capacity Building & Awareness Programs • Mandatory AML/CFT Training: Regulatory bodies should ensure that all TCSPs undergo periodic training. • Strengthening Ethical Guidelines: Promote professional integrity through reinforced ethical standards.
3. Strengthening Regulatory & Law Enforcement Collaboration • Improving Information Sharing: Enhance coordination between regulatory agencies and law enforcement. • Developing Public-Private Partnerships (PPP): Foster collaboration between TCSPs and regulators to enhance AML/CFT compliance.
4. Strengthening Regulatory Oversight & Supervision • Implementing Risk-Based Supervision (RBS): Prioritize oversight of high-risk TCSPs.

• Enhancing Compliance Monitoring: Ensure that all TCSPs comply with AML/CFT regulations through targeted compliance checks. • Improving Sanctions & Penalties: Enhance implementation of administrative sanctions and follow up on remedial actions 5. Enhancing Know Your Customer (KYC) & Customer Due Diligence (CDD) Measures • Enhanced Due Diligence (EDD) for High-Risk Clients: Require deeper risk assessments for high-risk clients, including those involved in trust formation and cross-border transactions. Conclusion The AML/CFT risk assessment of TCSPs in Nigeria underscores the need for stronger regulatory oversight, improved compliance culture, and enhanced transparency to mitigate financial crime risks. Way Forward • Full Implementation of Recommendations: All stakeholders must take proactive steps to implement the proposed recommendations. • Continuous Monitoring & Review: Conduct periodic assessments to identify emerging threats and improve regulatory strategies. • Collective Responsibility: Regulatory bodies, law enforcement, and TCSPs must collaborate to build a more transparent and resilient TCSPs sector in Nigeria.