Nigeria Probes Massive ID Fraud Black Market Invading Fintech Sector
Nigeria’s bubbly fintech sector is under fresh scrutiny after the country’s anti-corruption agency uncovered a sprawling identity fraud scheme involving thousands of young Nigerians selling biometric data to digital finance platforms.
According to the Economic and Financial Crimes Commission (EFCC), over 12,000 individuals are allegedly harvesting and reselling critical identity information—including Bank Verification Numbers (BVNs) and National Identification Numbers (NINs)—to fintech companies for as little as NGN 5 K (~USD 3.33) per identity.
The illicit trade, described by the EFCC as a “threat to national security,” exposes a troubling weakness in the Know Your Customer (KYC) processes meant to secure Nigeria’s digital financial systems.
In some cases, scammers reportedly pay victims between NGN 1.5 K and NGN 2 K to surrender personal data, including ID photos, address details, and national ID slips. These details are then used to open accounts linked to fraudulent investment schemes, or to launder money via cryptocurrency and microfinance channels.
The alleged fraudsters, often referred to as “Account Suppliers” or “KYC Groups,” have created a black market for verified identities, exploiting the very infrastructure designed to enhance trust and access in the country’s digital economy.
While the EFCC did not publicly name the fintech companies implicated in the ongoing investigation, it confirmed that arrests have been made and that recovery efforts are underway.
The fallout has also reached Nigeria’s National Identity Management Commission (NIMC), which has moved to distance itself from the scandal. In a statement, NIMC’s spokesperson Kayode Adegoke denied institutional responsibility, stressing that the commission had repeatedly warned citizens against disclosing their NINs to unauthorised parties.
“The NIMC will not be held responsible for any personal information shared by an individual directly or by proxy for the purpose of financial gain,” the statement read. The agency encouraged the public to use its NINAuth mobile app to better control and protect their identity data.
Beyond the data-selling racket, the EFCC also flagged a parallel scheme involving malware and phishing. In one instance, victims were lured by a fake airline promo offering 50% off tickets in exchange for a NGN 500.00 “charity” donation. The scam prompted users to download a counterfeit app embedded with spyware capable of siphoning sensitive banking credentials.
Once accessed, victims’ funds were funneled into accounts, often opened with stolen identities, then converted to crypto to obscure the trail.
The revelations cast a shadow over Nigeria’s fintech boom, which has attracted billions in venture capital and positioned itself as a beacon of innovation and financial inclusion on the continent. The EFCC’s findings now raise urgent questions about compliance lapses and data protection standards in the sector.
