This directive comes under the recently enacted Nigeria Tax Administration Act, 2025 and the Nigeria Tax Act, 2025, aimed at enhancing regulatory oversight and closing existing gaps in the financial system.

Key Provisions & What’s New

• Who it applies to: All individuals and entities engaging in economic activity, including those exploiting intellectual or tangible property for income, regardless of their residential status in Nigeria. That means both traditional banking customers and users or providers of virtual asset services (e.g. crypto exchanges, custodial platforms) are affected.
• Required details: At minimum, the customer’s name, NIN, Tax ID, phone number, address, and email. For VASPs, information on the type, date, and value of virtual asset transactions must also be submitted on a monthly basis.
• Reporting thresholds: Financial institutions must report quarterly to tax authorities.
  • For individuals: where cumulative monthly transactions exceed ₦25 million
  • For corporate customers: where cumulative monthly transactions exceed ₦100 million.

Enforcement & Penalties

• Non-compliance by VASPs could incur a ₦10 million fine, plus ₦1 million for every subsequent month of continued non-compliance. In extreme cases, the Securities and Exchange Commission (SEC) may revoke licenses.

Why This Matters

• Improved Compliance & Tax Revenue: With estimated leakages running into hundreds of billions yearly, tighter KYC/ID norms and mandatory Tax IDs are expected to bring those currently outside the formal tax net into compliance.
• Curbing Illicit Finance: The requirement for identification for virtual asset transactions is a response to rising concerns over money laundering, fraud and untracked capital flows in the crypto space.
• Consumer Protection: By enforcing regulatory oversight, authorities aim to shield consumers from fraudulent schemes while ensuring transparency in financial and digital assets services.

Challenges Ahead

• Implementation Readiness: Many Nigerians currently lack an NIN or Tax ID, or struggle to retrieve them. The government will need strong mobilization and public awareness programmes.
• Infrastructure & Data Protection: Ensuring that data collected is securely stored and used responsibly will be crucial to prevent identity theft, breaches, or misuse.

The move reinforces the Federal Government’s commitment to strengthening its regulatory framework, especially as digital finance and virtual assets become more mainstream in Nigeria’s economy.

Stakeholders have been urged to begin preparations to meet these requirements ahead of the January deadline.

In this new era, Artificial Intelligence (AI), once a concept from science fiction, is no longer a luxury but a necessity for growth and survival.

AI is poised to redefine the very nature of work, much like email revolutionised communication. It’s not about replacing human ingenuity but augmenting it, making work more agile, efficient, and ultimately, more rewarding.

A PwC report, “Sizing the Prize,” predicts AI could contribute up to $15.7 trillion to the global economy by 2030. For Africa, the potential is immense, with a 2023 African Development Bank report suggesting AI could boost the continent’s GDP by up to $1.2 trillion by 2030.

Nigeria, with its rapidly growing tech sector, stands to benefit immensely. The government’s commitment to developing a national AI strategy signals a clear understanding of this technology’s importance for the nation’s economic future.

For Nigerian businesses to compete on a global stage, they must strategically commit to AI adoption, moving beyond mere interest to a multi-pronged approach that includes deployment, training, and a fundamental shift in mindset.

AI is not a replacement for talent; it’s a powerful coworker. Companies must communicate that AI is an enabler, freeing employees from repetitive tasks to focus on higher-value, creative, and strategic work. This mindset shift is crucial for successful integration.

AI can automate routine tasks, freeing up employees to dedicate their energy to more impactful work. One key way it transforms the workplace is through the automation of repetitive tasks.

AI-powered Robotic Process Automation (RPA) can handle routine jobs like data entry, invoice processing, and report generation, significantly boosting efficiency and accuracy. This allows staff to focus on more strategic and creative responsibilities.

Beyond automation, AI also offers enhanced data analytics. Its algorithms can quickly sift through massive datasets, providing businesses with actionable insights for informed decision-making.

This capability helps companies uncover trends and predict outcomes much faster than traditional methods.

Furthermore, AI improves the customer experience through tools like AI-powered chatbots and virtual assistants, which provide 24/7 customer support, handle routine queries, and free up human agents for more complex issues.

AI also facilitates smarter collaboration. It can transcribe meetings, translate languages in real-time, and summarize lengthy documents, making communication smoother, especially for remote or global teams.

In addition, it enhances efficient talent management by streamlining the recruitment process, sifting through resumes to identify the best-fit candidates.

In an increasingly digital world, AI is also crucial for stronger cybersecurity, playing a key role in detecting and responding to cyber threats to protect sensitive company data.

AI offers a unique advantage in creative marketing, a field where originality and strategic thinking are paramount. It doesn’t stifle creativity; it amplifies it. AI-powered tools can analyse market trends, consumer behaviour, and campaign performance with incredible speed and accuracy.

This data allows creative teams to move beyond guesswork and create highly targeted, personalised content that resonates deeply with their audience.

For example, an AI tool can analyse thousands of social media posts to identify emerging trends and emotional sentiment around a brand. This insight allows marketers to craft campaigns that are not only relevant but also culturally timely.

Additionally, AI can automate the creation of marketing materials like social media captions, email subject lines, and ad copy, freeing up creative professionals to focus on big-picture strategy and innovative campaign concepts. In essence, AI handles the data and the drudgery, while the human mind is left to do what it does best – create.

Nigeria and the broader African continent, with a young, tech-savvy population, are perfectly positioned to lead this AI revolution. Businesses in Lagos, Nairobi, and beyond are already leveraging AI in various sectors, from fintech to agriculture.

The post-COVID workplace is not just about remote work; it’s about smart work. It’s about empowering employees with tools that enhance their capabilities, fostering a culture of innovation, and strategically leveraging AI to build resilient, globally competitive businesses.

The future of work is here, and it is intelligent, collaborative, and boundless. Nigerian companies have a critical window to position themselves at the forefront of this wave, understanding that AI is not a futuristic concept but a present-day imperative for growth and global relevance.

This year the company is placed furthest in Completeness of Vision. Infobip views this third consecutive recognition as acknowledging its status as a global CPaaS powerhouse.

Magic Quadrant reports are a culmination of rigorous, fact-based research in specific markets, providing a wide-angle view of the relative positions of the providers in markets where growth is high and provider differentiation is distinct.

Providers are positioned into four quadrants: Leaders, Challengers, Visionaries and Niche Players.

The research enables customers to get the most from market analysis in alignment with their unique business and technology needs. As a Leader, Infobip is recognized for both its Ability to Execute and its Completeness of Vision.

Infobip powers conversations for some of the world’s most innovative businesses including Microsoft, Uber, Meta, NEXT, Digitaleo, AXA Partners, and the MoneyGram Haas F1 Team.

Its full-stack omnichannel platform spans voice, SMS, email, and Rich Communication Services (RCS), delivering advanced conversational capabilities and AI-enhanced experiences.

Complementing this, Infobip’s strategic partnerships with Deutsche Telekom AG, NVIDIA, Telefónica, and others highlight its commitment to driving innovation and building next-generation communication and AI infrastructures.

Infobip is accelerating the future of CPaaS through bold innovation in AI and automation. Its AI Hub seamlessly integrates agentic AI, generative AI and advanced analytics to drive scalable customer engagement.

At the same time, Infobip is driving global adoption of RCS Business Messaging and pioneering the expansion of the Network API ecosystem, reinforcing its leadership in emerging communication technologies.

Silvio Kutić, CEO at Infobip, said: 

“We’re not just participating in the evolution of communications; we are defining it in co-creation with our customers and partners. We will continue setting the pace in transforming how global enterprises connect, engage, and grow. We believe that being recognized by Gartner as a Leader is a strong validation of our continuous innovation and strategic foresight.”

But in 2025, this tradition may be past its expiry date. Why? Because our over-reliance on passwords is becoming the very risk we seek to avoid.

According to Verizon’s Data Breach Investigations Report (2024), 81% of breaches still involve weak or stolen passwords.

As threat actors evolve and AI becomes part of their toolkit, even the strongest passwords can be broken in minutes, not months. It’s time we ask — are we clinging to an outdated security method that’s holding us back?

The Problem with Passwords Today

The data is damning. According to Nordpass, the weak password of “123456” persists in being used as a password, easily cracked within 1 second by hackers.

An online security survey by Google and Harris Poll in February 2019 found that at least 65% of people reuse passwords across multiple, if not all, sites, exposing them to credential-stuffing attacks at scale.

Newer threats are only accelerating this risk. Brute-force attacks have moved from CPUs to high-speed GPUs — some capable of guessing over a million password combinations per second meaning what once took years to crack can now be done in minutes using AI-enhanced tools.

The Dark Side of Passwords: A Cybercrime Economy

The underground market for stolen credentials is vast and lucrative. It’s estimated that over 24.6 billion username-password combinations are currently circulating across cybercriminal marketplaces — although the true scale is difficult to verify due to repeated resale of stolen data.

In bulk, these credentials are even cheaper — as seen in the Booking.com scam, where thousands were sold for just $2,000 with new credentials offered every month, depending on breaches and leaks.

The most valuable logins include banking, email, cloud, crypto, corporate VPNs and social media accounts, which are commonly reused for phishing, identity theft, malware campaigns, and business email compromise.

Behind these thefts are some of the world’s most sophisticated threat groups, including Kimsuky (North Korea), MuddyWater (Iran), and APT28/29 (Russia) — often using malware like Lumma and MaaS platforms, targeting MFA tokens and crypto wallets, spreading over Telegram bots, that make infostealing scalable and profitable. It was reported that in 2024 alone, 3.9 billion credentials were compromised via malware infections across 4.3 million devices.

Even multi-factor authentication (MFA), while crucial, is being challenged by tools like EvilProxy, which can intercept MFA tokens.

This growing cybercrime economy is not just a technical threat — it’s a geopolitical and economic ecosystem as these threats now can come from anywhere at all thanks to MaaS and Phishing-as-a-Service (PhaaS) platforms.

Together with infostealer-as-a-service and phishing kits for hire, these attacks are no longer limited to state actors — they’re available to anyone with a Bitcoin wallet.

The Rise of Passwordless Authentication

In contrast, passwordless security is becoming not only possible — it’s practical. Companies like Google, Microsoft, and Shopify are rolling out Passkeys — encrypted cryptographic keys tied to biometric or device-based authentication.

Microsoft wants its more than one billion users to stop using passwords to log into their Microsoft accounts while Gartner predicts that 60% of enterprises will eliminate passwords for most use cases by 2025.

In sectors like finance, healthcare, and government, hardware tokens, multi-factor logins, and biometric identification are taking over.

Even in countries like Singapore and India, government-backed digital identity systems are accelerating passwordless adoption for banking, insurance, and healthcare access. This is driven by a desire to enhance security, improve user experience, and streamline digital interactions.

In Singapore for instance, Singapore’s National Digital Identity (NDI) system built on Singpass, connects over 700 government agencies and private businesses.

Options like facial recognition, digital ID cards, and QR codes confirm user identities quickly and are more secure than traditional passwords.

India’s Aadhaar, the world’s largest biometric system supports secure digital identity verification via OTPs and biometrics, while Australia’s Digital ID roadmap is investing in federated, passwordless frameworks

Behavioural Resistance: Why We Still Cling to Passwords

Despite security advances, people still trust what they know — and passwords feel familiar. But that familiarity comes at a price. Passwords are easily guessed, forgotten, shared, or stolen.

Check Point notes that poor password hygiene — such as reusing passwords, writing them down, or using personal data — continues to be a major weak link in corporate and personal security.

Even worse, phishing attacks — many AI-generated — continue to steal login credentials at scale, despite the presence of two-factor authentication (2FA). The rise in AI-powered phishing and deepfake attacks only makes password-based systems more vulnerable.

Risks of Staying with Passwords in a Post-AI World

The evolution of AI is making password-based authentication obsolete:

• Deep learning models are trained on billions of leaked passwords and can predict common patterns faster than ever.
• Voice- and video-based impersonation attacks using deepfakes can bypass even multi-factor authentication if based on weak identity layers.
• Cloud-based GPUs are democratising the power to break passwords at scale, enabling ransomware groups and script kiddies alike to compromise systems rapidly.

In short: the longer we wait to go passwordless, the more we expose ourselves.

What Organisations Should Do Now

• Pilot passwordless systems using biometrics, tokens, or Passkeys.
• Use tools like Check Point Harmony to prevent password reuse and phishing.
• Enforce Privileged Access Management (PAM) solutions and Zero Trust architectures.
• Educate teams not just on stronger passwords — but on phasing them out altogether.

Check Point emphasises password length, diversity, and uniqueness but is also aligned with the need to explore post-password approaches.

World Password Day shouldn’t just be about creating stronger passwords. It should be a prompt to imagine a future without them.

The tools exist. The threats demand it. The only thing missing is our willingness to let go.

In an era where your digital life’s worth is almost equivalent to your social media following, there’s an older man in the corner that nobody’s paying much attention to – email.

It’s the guy who’s been at the party since it started but now seems a little out of place next to the cool kids on the block, WhatsApp and Telegram.

The Cool Kids: Messaging Apps

You’re at a family dinner, and your phone pings. It’s a WhatsApp message from your gym announcing a discount. Convenient, right?

Messaging apps have become the convenience stores of communication – quick, accessible, and right around the corner.

They’re nimble; they’re quick; they get the job done. You can almost hear email coughing in the background, saying, “I used to be the star player here.”

But What About Email?

However, dismissing email is like ignoring the wisdom of your grandparents while tuning in to the latest reality show. Yes, the latter is entertaining, but the former has depth, resilience, and character. According to Statista, email usage still trumps WhatsApp by nearly double.

It said that in 2022, the number of global email users amounted to 4.26 billion and will grow to 4.73 billion in 2026. Email is the vintage wine; it just gets better with age.

Case Study: Fashion Retail

Let’s take a look at the fashion retail industry. Brands often use WhatsApp or SMS for flash sales or quick announcements. However, email is king when it comes to detailed seasonal catalogues or loyalty programs.

Why?

Because an email allows for more content and it’s not intrusive. Moreover, businesses often find it easier to navigate the regulatory and compliance aspects of email marketing.

Leadership Meeting on WhatsApp?

Picture this: Your boss shifts your department’s bi-weekly leadership meeting discussions to WhatsApp. The finance guy sends Excel sheets, and the digital marketing lead responds with emojis.

The brand management lead uses this as an opportunity to share his collection of cat GIFs. Nightmare, right? There are spaces where messaging apps fall flat, and that’s where the robustness of email shines.

The True Value of Email

Let’s get sentimental for a moment. Remember the anticipation you felt when waiting for that college acceptance email? How about the joy of seeing a job offer appear in your inbox?

Emails carry an emotional weight that a messaging app can’t emulate. It’s the ‘sealed with a kiss’ of digital communication.

Not going away soon

In a nutshell, email marketing isn’t going away just because messaging apps are multiplying like rabbits. If anything, they’re like the odd couple who bicker but can’t do without each other.

Messaging apps are the espresso shots—quick, potent, and effective. On the other hand, emails are like a family dinner—thoughtful, abundant, and deep.

In the end, a balanced diet needs both the quick energy of sugar and the sustained release of complex carbs. Similarly, a well-rounded communication strategy needs both email and messaging apps.

One is not better than the other; they’re just different. And like any odd couple, they’re most effective when combined.

[Featured Image Credit]

“New and evolving threats are landing in users’ mailboxes daily, particularly within the hybrid workforce context, often using phishing campaigns that rely on clever techniques and panic to get users to click on links and share credentials or sensitive information, such as banking details,” explains Gideon Viljoen, Pre-Sales Specialist: ICT Security at Datacentrix, a leading hybrid ICT systems integrator and managed services provider.

“US wireless network operator Verizon confirms in its Data Breach Investigations Report 2023 that 74 percent of data breaches (three out of four) involve a human element, with people being involved either via error, privilege misuse, use of stolen credentials or social engineering.”

Social engineering is a lucrative tactic for cybercriminals, the report says, especially given the rise of those techniques being used to impersonate enterprise employees for financial gain, an attack known as Business Email Compromise (BEC).

The median amount stolen in BECs, it reveals, has increased over the last few years to $50,000 USD, based on Internet Crime Complaint Center (IC3) data, which might have contributed to pretexting incidents – a specific type of social engineering attack – nearly doubling this past year.

With the growth of BEC, enterprises with distributed workforces face a challenge that takes on greater importance: creating and strictly enforcing human-centric security best practices.

Fighting fire with fire: User training and next-gen technology essential

“With a rapidly evolving landscape, changing attack strategies and new compromise techniques being introduced daily, it is imperative that users are trained and kept up to date on the latest campaigns and techniques being used,” says Viljoen.

“This is the most effective way of ensuring a more secure environment, with users acting as a ‘human firewall’ for organisations, and being able to spot, report and block compromise attempts. User awareness training is an excellent proactive option to assist email gateway administrators and engineers in staying on top of campaigns and potential breaches.

“And further to this, a collaborative workforce between machines and humans is key to successfully stem the attack on organisations, with the use of AI (artificial intelligence) additionally providing a smarter, faster approach to protecting against email phishing and breaches.

“AI is being used increasingly to run phishing campaigns and information collection, doing the heavy lifting on behalf of threat actors. A good example of this is how AI-powered chatbot ChatGPT has been used to help less-skilled cybercriminals to write malware and launch cyberattacks.

“So, having a technology in place to combat this is a necessity, and businesses cannot rely on a human alone to be able to administer and catch these threats.”

IBM’s recently launched Cost of a Data Breach Report corroborates this statement, affirming that AI and automation have had the biggest impact on speed of breach identification and containment for studied organisations.

The report says that businesses making extensive use of both AI and automation experienced a data breach lifecycle 108 days shorter than those companies that had not deployed these technologies (214 days versus 322 days).

According to the 2023 report, the incident costs shouldered by those organisations that were using AI and automation were significantly lower; on average, nearly $1.8 million lower data breach costs than organisations that didn’t deploy these.

How to protect business email

The best starting point for a business’s email security, according to Viljoen, is to invest in an email gateway solution.

“In fact, Datacentrix’s recommendation is that organisations implement an email gateway solution as a first priority before looking at any other security product.”

With a variety of toolsets available on the market, finding the best fit for your organisation is key, Viljoen clarifies. “There are full enterprise solutions, as well as small-to-medium business email offerings available to provide a secure email environment. These solutions offer reactive, real-time and proactive response solutions to secure the gateway.”

They also encompass a variety of functionalities that address the various aspects of an email gateway, namely:

• Spam filtering and blocking;
• Stationery (email signatures and campaigns);
• Anti-phishing (known bad threat actors);
• Sandboxing (‘detonation’ of suspicious emails found);
• Zero Day protection (behavioural or unknown/untrusted email domain);
• Data leak prevention (internal and external sharing of sensitive information);
• Email blocking (verification, blacklisting, whitelisting); and
• User awareness training and campaigns (helping users to keep up with phishing techniques and how to defend against those).

Ensuring that the gateway is configured and maintained from the start is critical, with the requirement that a specialist, either an internal engineer or an expert managed services provider, enforces the policies and rules and maintains best practice standards.

“Once you have the right technology in place and capabilities are procured and enabled within the organisation, the next step is to see that the policies and rule sets are updated, checked and verified in a cost-effective way to ensure losses are minimised. Running best practice assessments on policies and rules on a frequent basis is also vital to ensure a secure gateway.

“Finally, it is critical to utilise tools, such as pen testing and auditing, to ensure that the environment is hardened and stringently tested at frequent intervals.”

Email is the medium that bolstered how we exchange messages, both personally and professionally. However, within the vicinity of email, a significant evolution has taken place with the inception of Gmail.

Let’s see what makes Gmail stand out among other traditional email services.

Gmail: The Modern Email Revolution

1. Cloud-Based Service: One of the defining features of Gmail is that it operates entirely in the cloud. This means your emails are stored on Google’s servers rather than your device. Traditional email often relies on local clients like Outlook, where messages are stored on your computer.
2. Storage Space: Gmail offers a generous amount of storage space, often in the gigabytes. Traditional email accounts provided by ISPs or employers typically have limited storage capacity.
3. Search and Organization: Gmail revolutionized email search with its powerful algorithms. It automatically categorizes and labels emails, making it easier to find what you need. Traditional email requires manual sorting and organization.
4. Spam Filtering: Gmail boasts highly effective spam filters that learn from user actions. Traditional email services might not have as robust spam protection.
5. Integration: Gmail seamlessly integrates with other Google services like Google Drive and Google Calendar. Traditional email may require third-party applications for such integrations.
6. Accessibility: Gmail can be accessed from any device with an internet connection, providing true mobility. Traditional email may require configuring email clients for different devices.

Traditional Email: The Classic Approach

1. Local Control: Traditional email services give users more control over their data as emails are stored locally. This can be an advantage for privacy-conscious users.
2. No Ads: Unlike Gmail, traditional email services typically don’t analyze your emails to display targeted ads, which can be a privacy preference for some users.
3. Independence: Traditional email allows users to set up their own email servers, providing complete autonomy over email management. Gmail relies on Google’s infrastructure.
4. Cost: Many traditional email services are offered for free, especially through ISPs. Gmail may come with a free version, but Google Workspace (formerly G Suite) offers advanced features at a cost.
5. Client Diversity: Traditional email supports a wide range of email clients, allowing users to choose the one that suits their preferences.

The choice between Gmail and traditional email largely depends on your specific needs and preferences. Gmail excels in terms of convenience, storage, search, and integration. It’s an excellent choice for users who value mobility and advanced features.

On the other hand, traditional email services offer greater control, privacy, and independence. They are well-suited for users who prefer managing their email infrastructure or require a more straightforward communication method.

In the end, both options have their merits, and the decision ultimately boils down to what aligns best with your communication and privacy requirements. Whether you’re embracing the modern convenience of Gmail or cherishing the classic control of traditional email, the goal remains the same: efficient and effective communication.

Sure, you can go through every single email, sort them all, and delete what you don’t need. But who has the time?

Here are five tips that can help you keep your email inbox under control — and keep your sanity in the process.

1. Unsubscribe from the chaos

Think of all those useless, annoying emails you receive from online stores or services you never signed up for. They take up valuable space in your inbox and can be distracting when you’re trying to find an important email. If you aren’t reading them regularly, unsubscribe. It will save you a lot of hassle in the long run.

2. Set up filters

Create filters and sort emails into different folders based on categories like sender and subject line. This way, you can find all the emails from your boss, teammate, or client without sifting through dozens of messages. Bonus: you can use filters to unsubscribe from mailing lists all at once by creating a filter that deletes every email that comes from a specific spammer address.

3. Focus on what matters by using folders, tags, and filters

Some items in your inbox are more important than others —essential emails from your team, boss, or clients fall into this category.

Many people have their work email connected to their phone, which means they receive notifications every time they receive a new email (whether it’s essential or not). The best way to avoid being distracted by these notifications is to turn off the ones that are not necessary when you’re working on a task.

4. Delete ancient emails

If you’ve got emails from years ago still sitting in your inbox, delete them! They’re not doing anything but taking up space in your account and making it harder for you to find more recent (and sometimes critical) messages.

5. Only give out email addresses when necessary

Every time you use an email address to register for an account, you open yourself up to more unsolicited mail. If the site allows, consider using a throwaway email address instead.

You can also find out if a company will share or sell your information by carefully reading their terms and conditions or privacy policy before signing up.

If you can’t find these on their homepage, a quick search of the business name plus “privacy policy” should lead you there. 

6. Bonus

Managing your inbox can be difficult, but the right tools can help

If you don’t know how to set up and use filters and checkpoints in your inbox, now is the time to learn!

Check out Zoho Mail and learn to manage your inbox in quick steps.

Instead of thinking of it as a chore, try to see it as an opportunity for self-improvement and growth.

The more organized you are with your email, the better off you will be.

[NB: This article was first posted on June 6, 2022 by Vaishnavi Soundarrajan on Zoho blog]