This comprehensive guide examines the current state of AI regulations in Nigeria, outlines existing laws and draft policies, and provides actionable compliance guidance for organisations preparing for the responsible adoption of AI.
The Current Legal Landscape for AI Regulations in Nigeria
Nigeria does not yet have a standalone AI Act. Instead, AI governance is currently shaped through a combination of data protection laws, cybercrime legislation, sector-specific regulations, and emerging AI policy instruments. Understanding this patchwork of rules is essential for any organisation developing or deploying AI systems within Nigeria.
Nigeria Data Protection Act (NDPA) 2023 & GAID 2025
The Nigeria Data Protection Act (NDPA) is the most significant law affecting AI regulations in Nigeria. Enacted in 2023, it establishes the Nigeria Data Protection Commission (NDPC) and defines legal obligations for data controllers and processors handling personal data — including data used in AI systems. The General Application and Implementation Directive (GAID) 2025 provides practical enforcement rules for the NDPA.
Key NDPA compliance requirements affecting AI systems include:
- Lawful data processing grounds
- Data subject rights
- Consent mechanisms
- Data Protection Impact Assessments (DPIAs)
- Risk classification for high-impact processing
- Human oversight requirements for automated decisions
Any AI system that processes personal data must fully comply with NDPA rules, particularly when automated decision-making affects individuals’ rights, finances, employment, or access to services.
Cybercrimes (Prohibition, Prevention, etc.) Act 2015
This Act addresses criminal activity in digital environments, including offences arising from the misuse of AI. While not specifically targeting AI, the law establishes a framework applicable to malicious applications of the technology.
The Cybercrimes Act covers several areas relevant to AI systems:
- Identity theft and fraud
- System interference
- Data manipulation and unauthorised access
- Cyber-enabled financial crimes
- Protection of critical national information infrastructure
AI developers and platform operators are indirectly regulated by this law, particularly when AI tools could be weaponised for cybercrime or other digital harm.
National Artificial Intelligence Strategy (NAIS)
Nigeria’s National Artificial Intelligence Strategy, developed under NITDA and the National Centre for Artificial Intelligence and Robotics (NCAIR), functions as a policy roadmap rather than an enforceable law. Released in 2024, it outlines national priorities for AI development and governance.
The NAIS identifies four broad AI risk categories:
- Economic risks
- Ethical risks
- Societal risks
- AI model risks
While not legally binding, the NAIS shapes the direction of AI regulations in Nigeria and informs future legislation. It emphasises the ethical use of AI, skills development, research funding, responsible data practices, and public-sector AI integration.
Draft and Emerging AI Regulatory Instruments
Several regulatory instruments are currently under development that will significantly shape the future of AI governance in Nigeria. Organisations should monitor these developments closely to prepare for compliance.
NITDA Draft Code of Practice for Artificial Intelligence
The National Information Technology Development Agency (NITDA) has proposed a draft AI Code of Practice to establish baseline standards for AI development and deployment in Nigeria. Although still under consultation, it introduces key governance principles that are likely to become mandatory.
Key elements of the draft code include:
- Transparency and accountability requirements
- Risk-based classification of AI systems
- Human oversight for high-impact AI
- Ethical safeguards and bias mitigation
- Explainability requirements
- Compliance audits and reporting
Once formalised, this code is expected to become a cornerstone document in Nigeria’s AI regulatory ecosystem, particularly for technology companies and AI developers.
Nigeria’s AI Bill
In November 2023, Nigeria took a significant step toward formal regulation of artificial intelligence with the introduction of a new bill that would make registration and licensing compulsory for anyone developing or using AI technologies in the country. The proposed legislation, tagged “A Bill for an Act to Ensure Proper Control of Usage of Artificial Intelligence (AI) Technology in Nigeria and for Related Matters, 2023,” was sponsored by Sada Soli and received its first reading at the House of Representatives.
Key provisions of the bill include:
- Mandatory registration and licensing for AI developers and deployers
- Creation of a National Artificial Intelligence Council
- Risk-based classification system for AI technologies
- Ethical use, transparency, and accountability requirements
- Data protection and alignment with existing laws
- Import controls for foreign AI platforms
If passed, this bill would establish Nigeria’s first comprehensive legal and institutional framework for governing AI, setting standards for ethical use, oversight, and accountability.
NCC Draft Internet Code of Practice
The Nigerian Communications Commission has released a Draft Internet Code of Practice, which contains provisions addressing AI systems deployed on telecommunications networks and digital platforms. This regulation particularly affects telecommunications operators, ISPs, and digital platform providers that offer AI-driven services.
The draft code includes oversight on:
- AI-powered content moderation
- Algorithmic service delivery
- Consumer protection mechanisms
- Transparency in automated systems
- Data handling practices
Classification of AI Regulations in Nigeria
Passed and Enforceable Laws
- Nigeria Data Protection Act (NDPA) 2023 + GAID 2025
- Cybercrimes Act 2015
- Selected NCC data and network governance regulations
- Copyright Act 2022 (for AI-generated content)
- Federal Competition and Consumer Protection Act 2018
- Nigerian Communication Commission Act 2003
Draft or Under Legislative Consideration
- NITDA Draft AI Code of Practice
- NCC Draft Internet Code of Practice
- National Assembly AI Bill (first reading)
- Updated AI strategy implementation frameworks
- NBA Guidelines for AI use in the legal profession
- SEC Rules on Robo-Advisory Services
How AI Regulations in Nigeria Affect Key Economic Players
The regulatory framework for AI in Nigeria has varying implications across different sectors of the economy. Understanding these sector-specific impacts is crucial for compliance planning.
AI Startups & Tech Developers
- Must implement data compliance frameworks
- Required to conduct DPIAs for high-risk models
- Subject to algorithmic accountability requirements
- Need to maintain documentation of AI systems
- May require registration under the proposed AI Bill
Financial Institutions & Fintechs
- Stricter controls over automated credit scoring
- Transparency obligations for AI-driven risk decisioning
- Enhanced consumer protection requirements
- SEC Rules on Robo-Advisory Services Compliance
- Need human oversight for financial AI systems
Public Sector Agencies
- Mandated to ensure the protection of citizens’ rights protection
- Responsible for ethical AI deployment in governance
- Required audit trails and accountability reporting
- Must conduct impact assessments before AI implementation
- Need transparency in public-facing AI systems
Telecoms & Digital Platforms
- Oversight on AI content moderation
- Consumer data protection responsibilities
- Algorithm transparency requirements
- NCC compliance for AI-powered services
- Potential import restrictions on foreign AI tools
AI Compliance Checklist for Nigerian Organisations
Organisations deploying AI in Nigeria should implement a comprehensive compliance framework to ensure compliance with current regulations and prepare for forthcoming requirements. This checklist provides a starting point for building AI governance.
Governance & Accountability
- Appoint a Data Protection Officer (DPO)
- Establish AI governance leadership
- Maintain documented AI policies
- Define roles and responsibilities
- Create AI incident response plans
Data Management & Legal Basis
- Maintain Records of Processing Activities (ROPA)
- Define consent mechanisms and lawful processing bases
- Secure children’s data with enhanced protections
- Document data sources and processing activities
- Implement data minimisation practices
Risk and Impact Assessments
- Conduct DPIAs for automated and high-risk AI systems
- Maintain AI risk registers
- Schedule periodic compliance audits
- Document risk mitigation strategies
- Assess algorithmic bias risks
Transparency & Human Oversight
- Provide explanation pathways for AI decisions
- Implement human-in-the-loop mechanisms
- Create appeal and review channels
- Document AI system capabilities and limitations
- Disclose AI use to affected individuals
Security & Vendor Management
- Use strong cybersecurity protocols
- Execute data processing agreements
- Vet cloud and AI vendors for compliance readiness
- Implement access controls for AI systems
- Conduct security testing of AI applications
Ethics & Bias Mitigation
- Implement fairness testing and bias controls
- Document ethical oversight processes
- Perform regular algorithm quality reviews
- Consider diverse stakeholder perspectives
- Monitor for unintended consequences
What Comes Next for AI Regulations in Nigeria
As AI continues to evolve, Nigeria’s regulatory landscape is expected to develop significantly in the coming years. Organisations should prepare for these anticipated changes to maintain compliance and competitive advantage.
Key regulatory developments on the horizon include:
- A standalone Artificial Intelligence Act
- Mandatory algorithm impact assessment frameworks
- More vigorous enforcement via NDPC and sector regulators
- AI certification and licensing regimes
- National AI registration systems for high-risk applications
- Sector-specific AI regulations for healthcare, finance, and education
The regulatory direction suggests a shift toward a risk-based AI classification model, similar to the EU AI Act, increased transparency requirements, and stricter accountability for the deployment of harmful AI. Nigeria’s approach is likely to balance support for innovation with appropriate safeguards.
International Alignment
International developments are also shaping Nigeria’s AI regulatory approach. The country has signed the Bletchley Declaration on AI Safety alongside 28 other nations and is actively participating in global AI governance discussions. This international engagement suggests Nigeria will align aspects of its regulatory framework with global standards while adapting them to local needs.
Regulatory Capacity Building
A significant focus in the coming years will be on building regulatory capacity within Nigerian institutions. NITDA, NDPC, NCC, and other agencies are investing in technical expertise and governance frameworks to oversee AI systems effectively. This capacity-building will be crucial to the successful implementation of AI regulations.
Why AI Regulations in Nigeria Matter
Proper AI regulations in Nigeria are essential for multiple stakeholders and serve several critical functions in the digital economy.
Benefits of Effective AI Regulation
- Protects citizens’ data and rights
- Encourages responsible innovation
- Builds trust in AI-driven systems
- Prevents misuse and digital harm
- Strengthens Nigeria’s global AI competitiveness
- Creates regulatory certainty for investors
- Promotes ethical AI development
Risks of Inadequate Regulation
- Potential for algorithmic discrimination
- Privacy violations and data misuse
- Lack of accountability for harmful AI
- Regulatory fragmentation across sectors
- Barriers to international AI collaboration
- Erosion of public trust in technology
- Competitive disadvantage in global markets
For businesses operating in Nigeria’s digital economy, proactive compliance with AI regulations is not merely about avoiding penalties; it is about building sustainable, trustworthy AI systems that can compete globally while effectively serving local needs.
Final Thoughts
AI regulations in Nigeria are not static; they are actively developing alongside global technological progress. The country is taking significant steps toward creating a comprehensive framework that balances innovation with the protection of rights and values. Businesses, developers, and institutions must proactively align with current legal expectations while preparing for stricter future controls.
As Nigeria continues to position itself as a leader in Africa’s digital economy, its approach to AI governance will play a crucial role in determining how technology shapes the nation’s future. By understanding and engaging with these regulatory developments, stakeholders can help ensure that AI serves as a force for positive transformation in Nigeria.
Bio
Ugochukwu is a freelance journalist and Editor at AIbase.ng, with a strong professional focus on investigative reporting. He holds a degree in Mass Communication and brings extensive experience in news gathering, reporting, and editorial writing. With over a decade of active engagement across diverse news sources, he contributes in-depth analytical, practical, and expository articles that explore artificial intelligence and its real-world impact. His seasoned newsroom experience and well-established information networks provide AIbase.ng with credible, timely, and high-quality coverage of emerging AI developments.