Kayode Opeyemi, a former consultant with KPMG and now a respected expert in financial technology and risk management, has shared deep insights into how Nigerian startups are dealing with compliance pressures from financial regulators. In a recent interview with Laolu Afolabi, he explained how artificial intelligence (AI) and regulatory technology (RegTech) are changing the game for fintechs struggling with rules from the Central Bank of Nigeria (CBN) and the Nigerian Financial Intelligence Unit (NFIU).
Opeyemi noted that over the last ten years, fintechs have moved from being the “new kids on the block” to serious players in Nigeria’s financial sector. With that growth has come stricter scrutiny from regulators. While early on, fintechs enjoyed minimal oversight, today they are expected to meet the same standards as traditional banks. This includes tighter Know Your Customer (KYC) rules, better transaction monitoring, and prompt reporting of suspicious transactions.
According to Opeyemi, the pressure has increased since 2024, when major fintech players like Moniepoint and Opay were sanctioned by the CBN over weak KYC processes. These failures made it hard to monitor and report risky transactions effectively. He stressed that compliance should not be a “checkbox” activity but a proactive process, especially for startups looking to grow quickly.
He warned that many startups scale without building solid internal controls, which leads to poor monitoring, weak staff training, delayed reporting, and even filing errors. Some also suffer from a lack of leadership focus on compliance and insufficient human resources. As Opeyemi put it, “Fast growth without a proactive and scalable control environment is a recipe for disaster.”
When asked how startups are dealing with overlapping regulations from bodies like the CBN, NFIU, and the Securities and Exchange Commission (SEC), he admitted that the situation is messy. However, he recommended always complying with the strictest regulation when rules overlap. He also said RegTech tools are beginning to help by automating reporting and reconciling controls with regulatory requirements. Still, he warned that no tool can replace human judgement, especially when interpreting complex or conflicting regulations.
In terms of AI use, Opeyemi said fintechs are training systems to monitor red flags, track key risk indicators, and pre-fill Suspicious Transaction Reports (STRs). These AI models are helping teams work faster and reduce errors. But he also emphasized that Nigerian regulators expect transparency. That means every AI decision must be explainable—no black-box models allowed.
One of the big challenges for AI and KYC in Nigeria remains the country’s fragmented ID system. While tools like Smile ID now allow startups to verify identities using BVN and NIN in real-time, issues like data access and inconsistent records still slow down onboarding. Opeyemi praised recent efforts to link NIN with passports and phone numbers, calling it a step in the right direction.
On the question of managing dual reporting duties—such as filing reports with both the CBN and the SEC—he said that RegTech platforms can now provide modular reporting. This lets startups collect data once and generate multiple regulator-specific reports, saving time and avoiding duplication. But again, he warned that such tools only work when the startup has strong internal governance, quality data, and strategic oversight.
Opeyemi also tackled a common mindset challenge: many startups still see compliance as a cost. But he argued that compliance is like the brakes on a car. Good brakes let you go faster with confidence. In the same way, strong compliance allows a startup to grow without fear of shutdowns or sanctions.
When it comes to using foreign-hosted RegTech tools, he warned that startups must consider data sovereignty issues under Nigeria’s Data Protection Regulation (NDPR). Firms must know where their data is stored, who can access it, and how incidents are handled. Due diligence is critical to avoid violations.
He stressed that automation should only go so far, especially in sensitive areas like Politically Exposed Persons (PEP) checks. While automation can flag high-risk transactions, only trained compliance officers should make final decisions.
Interestingly, he noted that more startups now see strong compliance as a competitive edge. It helps them gain trust from investors, partners, and banks. Startups with strong compliance systems are more likely to attract funding and close major deals. Investors are now looking closely at governance, controls, and risk management before putting in money.
Finally, he pointed to areas like agency banking, mobile KYC, informal sector onboarding, and AML for micro-transactions as the most promising opportunities for local RegTech innovation. With Nigeria’s cash-heavy and mobile-first economy, he believes local players are in the best position to build tailored solutions that work in this environment.
From his KPMG experience, Opeyemi highlighted that one of the biggest mistakes startups make is treating compliance as an afterthought. He advised startups to build strong compliance structures early—starting from board-level oversight to documented policies and ongoing engagement with regulators.
According to him, regulators should be seen not as enemies but as strategic partners who ensure long-term success. In this era of tighter financial oversight and rising regulatory risks, the fintechs that invest early in compliance are the ones that will survive and thrive.
