NFIU Upgrades GoAML Platform: Key Updates Reporting Entities Must Note

The Nigerian Financial Intelligence Unit (NFIU) is Nigeria's central agency responsible for the receipt, analysis, and dissemination of financial intelligence relating to money laundering, terrorism financing, proliferation financing, and other financial crimes. Established to strengthen Nigeria's anti-money laundering and counter-terrorism financing (AML/CFT) framework, the NFIU plays a critical role in safeguarding the integrity of the financial system and supporting law enforcement and regulatory authorities.

In furtherance of this mandate, the NFIU operates goAML, an electronic reporting platform developed by the United Nations Office on Drugs and Crime (UNODC). goAML serves as the primary channel through which reporting entities submit statutory reports to the NFIU in a secure, standardised, and structured manner.

The goAML platform facilitates the reporting of, among others:

• Suspicious Transaction Reports (STRs);
• Currency Transaction Reports (CTRs);
• Large Cash Transaction Reports (LCTRs);
• Foreign Transaction Reports (FTRs); and other regulatory disclosures required under Nigeria's AML/CFT laws and regulations.

Beyond its reporting function, goAML supports intelligence analysis, risk assessment, and regulatory oversight by enabling the NFIU to identify trends, detect suspicious activity, and disseminate actionable intelligence to relevant authorities in a timely manner. For reporting entities, the platform promotes regulatory compliance, transparency, and accountability while reducing manual processes and improving reporting accuracy.

Recent updates to the goAML platform reflect the NFIU's continued efforts to enhance reporting efficiency, data quality, and compliance monitoring. These changes underscore the need for reporting entities to review their internal processes and ensure continued alignment with regulatory expectations.

WHY REPORTING MATTERS

Reporting through the goAML platform is a cornerstone of Nigeria's AML/CFT/CPF framework and serves several critical objectives. At its core, reporting enables the NFIU to identify, analyse, and detect financial activities linked to money laundering, terrorist financing, proliferation financing, and other serious financial crimes. By aggregating reports across multiple institutions and sectors, the NFIU is able to detect patterns, linkages, and trends that may not be visible from the perspective of a single reporting entity.

Reporting through goAML is a legal and regulatory obligation, not a discretionary exercise. Financial institutions and Designated Non-Financial Businesses and Professions (DNFBPs) are required to submit reports in accordance with the Money Laundering (Prevention and Prohibition) Act 2022, terrorism prevention legislation, and applicable NFIU regulations, guidelines, and directives. Failure to report, delayed reporting, or inaccurate reporting may result in regulatory sanctions, administrative penalties, reputational damage, and in some cases, personal liability for responsible officers.

Nigeria's reporting framework also aligns with international standards set by the Financial Action Task Force (FATF) and facilitates international cooperation and information sharing. High-quality and consistent reporting strengthens Nigeria's credibility within the global financial system and reduces the risk of heightened scrutiny, correspondent banking restrictions, or sanctions exposure.

KEY GOAML PLATFORM UPDATES

1. Introduction of New STR Types

The upgraded framework introduces six suspicious-based STR categories:

• Terrorism Financing STR
• Kidnapping for Ransom STR
• Corruption STR
• Fraud STR
• Drug Trafficking STR
• STR (General)

The General STR is now limited to cases where the suspected predicate offence does not fall within the five prevalent categories. Reporting entities must now select the STR type that directly corresponds to the suspected offence.

2. Expanded and Reclassified Report Types

• Foreign Transaction Report (FTR): Now exclusively for cross-border transactions meeting the USD 10,000 threshold.
• Currency Transaction Report (CTR): Limited to domestic transactions (₦5 million for individuals, ₦10 million for corporates).
• PEP Transaction Report: A new monthly report covering all PEP transactions, whether suspicious or not.
• BVN Name Change Request: Now submitted through a dedicated report type.

3. Standardised Predicate Offences and Indicators

Predicate offences have been consolidated into 21 defined categories, each with uniquely coded indicators, improving consistency and analytical value. For example:

• TerrorismTF – Terrorism and Terrorist Financing
• TerrorismTF-1 – Fund transfers to/from conflict zones

4. Mandatory STR Reporting Rules

With immediate effect, reporting entities filing any of the six STR types must:

• Select at least one predicate offence Where genuinely unknown, UnknownPO may be selected, with a clear explanation (to be used sparingly).
• Select at least one indicator linked to the chosen predicate offence Where no indicator applies, OtherIndctr may be selected with proper justification.
• Mandatory Selection for Prevalent Predicate Offences For terrorism, kidnapping, corruption, fraud, and drug-related offences, reporting entities must select:
  • The correct predicate offence; and
  • One or more applicable indicators under that offence.

Failure to meet these requirements will result in report rejection.

5. Automated Rejection

From 1 February 2026, the goAML system will automatically reject:

• CTRs submitted for cross-border transactions
• FTRs submitted for domestic-only transactions
• STRs without a predicate offence and indicator
• STRs relating to prevalent predicate offences without the required selections

6. Advisory for XML and B2B Reporting Entities

Entities using system integrations must update internal mappings urgently to avoid validation errors and repeated rejections.

7. Upcoming NFIU Training

The NFIU has announced virtual training commencing 5 January 2026, covering the platform upgrade, new report types, and revised validation rules.

WHAT TO TAKE NOTE OF

The goAML upgrade marks a decisive shift toward precision-based, intelligence-driven reporting. Reporting entities must update internal controls, retrain compliance teams, and align reporting systems immediately. Reporting entities are also expected to take note of the following:

1. Report Type Selection

Before submitting any report, ensure that you have selected the correct type based on the nature of the transaction or activity. Suspicious Transaction Reports (STRs) should be used whenever there is suspicion of criminal activity, such as terrorism financing, kidnapping for ransom, corruption, fraud, drug trafficking, or other offences that do not fall into these categories. Transaction Reports are used for reportable financial activity.

This includes Currency Transaction Reports (CTR) for domestic transactions that meet the reporting thresholds, and Foreign Transaction Reports for cross-border transactions exceeding USD 10,000 or its equivalent. Regulatory and administrative reports include BVN Name Change Request Reports, which are used strictly for BVN updates, and PEP Transaction Reports, which capture monthly activity related to politically exposed persons, whether suspicious or not, and irrespective of the transaction amount.

2. Predicate Offence Selection

Every report should be linked to at least one predicate offence that corresponds with the suspicious activity or transaction. If the underlying offence is unknown, you must select UnknownPO and provide a clear explanation in the “Reasons” field. This ensures that the NFIU can accurately classify and process the report.

3. Indicator Selection

Reports must include at least one indicator that corresponds to the chosen predicate offence. Indicators describe the type of suspicious activity observed. If no standard indicator fits the situation, you should select OtherIndctr and provide a detailed explanation in the “Reasons” field. Correct indicator selection helps the NFIU identify patterns and connections more effectively.

4. Mandatory Checks for High-Risk Predicate Offences

Certain predicate offences require additional attention. For STRs involving terrorism or terrorist financing, kidnapping for ransom, corruption, fraud, or drug-related offences, confirm that the correct predicate offence has been selected and that one or more applicable indicators have been included. This step is critical for high-risk reports to ensure they are processed without delay or rejection.

5. XML / B2B Reporting Entities

For institutions that use XML or B2B reporting, ensure that the IT or compliance teams have updated the predicate offence and indicator mappings. Additionally, recent test submissions should have passed validation successfully. Reports that fail these technical requirements may be flagged or rejected after the enforcement date, so adherence is crucial.

6. Classification of Reporting Entities

Reporting obligations apply across several types of entities. Financial institutions include banks, microfinance institutions, fintechs, insurance companies, capital market operators, BDCs, and mobile money operators. Designated non-financial businesses and professions (DNFBPs) include law firms, accounting firms, real estate agents, trust and company service providers, dealers in precious metals and stones, gaming operators, and luxury or hospitality businesses.

Compliance and reporting personnel include compliance officers, AML/CFT/CPF officers, and legal or risk teams responsible for preparing and submitting reports. Thirdparty service providers, such as vendors or consultants supporting goAML reporting, also fall under the broader compliance framework. All entities and personnel must continuously review internal processes, update policies, and train relevant staff to prevent reporting errors, regulatory breaches, or enforcement actions.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.