TL;DR. Every Nigerian financial institution must file Cash Transaction Reports (CTRs) and Suspicious Transaction Reports (STRs) to the Nigerian Financial Intelligence Unit through the goAML platform — accurately, on time, and with full case documentation.
The regulation in brief
The NFIU operates Nigeria's financial-intelligence reporting under the Money Laundering (Prevention and Prohibition) Act and the Terrorism (Prevention and Prohibition) Act framework. The two principal report types:
- CTR — cash transactions above the regulatory threshold, filed within prescribed windows.
- STR — transactions that raise suspicion based on configured indicators (PEP involvement, structuring patterns, unusual frequency, jurisdictional risk, etc.), filed promptly with full case documentation.
Reports are submitted through the goAML platform in NFIU-specified XML format. Late, malformed, or missing reports are themselves regulatory breaches.
How FinovaMax handles it
- Automated CTR detection. The platform monitors transactions against the CTR threshold (configurable) and identifies reportable transactions as they occur — not in a month-end batch.
- Eight real-time STR detection scenarios. Built-in transaction monitoring covers PEP screening, structuring detection (smurfing patterns), frequency anomalies, jurisdictional risk, sanctioned-party screening, and other typology-driven indicators. Detection scenarios are tunable to the institution's risk appetite.
- goAML-format generation. The platform produces NFIU-compliant XML files for both CTR and STR submission, ready to upload to goAML.
- Case management with SLA tracking. Every flagged transaction routes into a compliance case with assignee, evidence capture, decision rationale, and escalation. Reports are filed only after defensible internal review.
- Bi-annual NFIU returns. The aggregate compliance returns required by NFIU are generated from the same live data, not reassembled.
- Sanctions screening (in parallel). Every transaction passes through screening against OFAC, UN, EU, ECOWAS, and Nigeria Terrorism Sanctions Lists.
Practical implication for your institution
The compliance officer is no longer reading a transaction blotter at the end of each day looking for things that look suspicious. The platform surfaces what crosses the threshold or matches a typology. The compliance officer's role moves from detection to decision — which is where the expertise actually adds value.
Talk to us about your institution
We'll walk through your specific exposure under this regulation and how the platform responds.
Apex Grid Technologies Ltd · RC 9108833 · Lagos & Abuja, Nigeria