STARK LEGAL is a 21st century fully serviced commercial law firm in Nigeria that has consistently provided legal support to local and international corporate bodies, government agencies, non-government organizations and individuals. Over the years, like the mustard seed, we have grown in leaps and bounds and stayed a step ahead of our contemporaries by constantly challenging ourselves to bring new and original ways of thinking to the most complex challenges our clients face.Forward thinking and commercial in our approach, with significant ‘home-grown’ problem solving experience, we are regarded as the firm of choice for complex and big-ticket transactions and this is attested to by our track record of high value mandates. Our clients choose us because they know we understand the market, their goals and objectives, and offer them the experience, innovation, technical expertise, clarity of advice and full commitment to get their deals done efficiently and most effectively.


A Business Owner’s Legal Guide to Tech Startups in Nigeria

In recent times, there has been a surge in technological growth and development. This has significantly affected the way businesses are run – with far reaching effects in the way companies provide services. Consequently, businesses have to maintain competitive edge and aspire to be ahead of the competition by being up-to-date with the latest trends in their industries. 

Business owners in Nigeria have begun to adopt an e-commerce business model because of its tremendous advantages and the potential for growth. In most cases, new companies have dispensed with the need for brick and mortar stores.  Naturally, while Nigerian tech giants like Konga and Jumia easily come to mind. With the continuous growth of technology, the number of such businesses will only continue to rise. 

Although E-Commerce and tech startups provide a lot of benefits that an Entrepreneur can leverage on to grow his business, there are numerous legal considerations peculiar to it. If these are ignored, the consequences usually have adverse effect on the company’s growth of such business. This article seeks to enlighten entrepreneurs on the legal implications for an E-Commerce startup in Nigeria. 


  • Business Registration 

To provide commercial services (including e-commerce), the Corporate Affairs Commission requires that such persons to register the entity under the Companies and Allied Matters Act. The type of business structure chosen will depend on certain factors such as budget and funding, taxation, etc.

It should be stated that the requirement of obtaining a tax identification number has now become stringent. This requirement is often paramount to be eligible to open a business account with most Nigerian banks. It is also interesting to know that in some cases, there may be need to register with the Special Control Unit Against Money Laundering.


  • Domain Name Registration

A domain name is a unique name that individuals or businesses register with a domain registrar to claim their own space on the internet. A registered domain name can be used as the name for a website, for an email or both. A major legal consideration in choosing a domain name is to ensure that such domain name is not already in use by another person. This is because the Nigerian Cyber Crime Act 2015 makes it a punishable offence for anyone to intentionally register a domain name that is already been used by another.

Availability of a domain name can easily be verified on popular hosting sites. This will quickly reveal if a name is available for use on the internet. In the event that there is need to ensure that the name is not already registered as a business name elsewhere, a search at the CAC or other appropriate quarters will be an extra layer of protective measure. 

In addition, any tech startup or e-commerce business would naturally require that you develop and maintain a website. An important factor to consider in building a website is to exercise caution in ensuring that images, logos and design used in developing such website are not already owned by another person. Images, logos or designs on the internet cannot just be copied without getting due consent from the owner. This is because there is always the potential risk of being subject of copyright-violation claim.

Where a web developer is involved, there is a dire need to sign a contract with the web developer that would spell out the intellectual property rights and obligations. It would be wise for this contract to include non-disclosure obligations as well. This is important to prevent exposure to liabilities and preventing the web developer or a third party from leveraging on insider information about your business idea obtained while developing the website.


  • Data Privacy 

A good part of any e-commerce business transaction would require that customers disclose sensitive private information about themselves over the internet.  Such could include: credit card details, bank account details, names, addresses, employment status, age, marital status, family and ethnic background of an individual. Because the internet is a breeding zone for hackers who usually exploit these data to the detriment of the people that disclose them, it becomes very necessary that you protect your customers from these potential hackers.

The Nigeria Data Protection Regulation and the Nigerian Cyber Crime Act, 2015 contains rules and regulations that an e-commerce outfit should follow. It is an offence to breach these rules.

For instance, Section 9 of the Nigerian Cyber Crime Act which deals with intercepting electronic messages provides that any person who unlawfully destroys or aborts any electronic mails or processes through which money and/or valuable information is being conveyed is guilty of an offence and is liable to imprisonment for 7 years in the first instance and upon second conviction shall be liable to 14 years imprisonment.

Similarly, section 2.3 of the NITDA Draft Guideline on Data Protection deals with consent and provides that no data shall be obtained except the specific purpose of collection is made known to the Data Subject. If further provides that Data Controller is under obligation to ensure that consent of a Data Subject has been obtained without fraud, coercion or undue influence.

Section 2.10 of the NITDA Guideline on Data Protection deals with penalties and provides that any person subject to the Regulation who is found to be in breach of the data privacy rights of any Data Subject shall be liable in addition to any other criminal liability, the following:


  1. in the case of a Data Controller dealing with more than 10,000 Data Subjects, payment of the fine of 2% of Annual Gross Revenue of the preceding year or payment of the sum of 10 million naira whichever is greater;
  2. in the case of a Data Controller dealing with less than 10,000 Data Subjects, payment of the fine of 1% of the Annual Gross Revenue of the preceding year or payment of the sum of 2 million naira whichever is greater.

There are other numerous offences provided in these laws that prescribe offences and penalties in the event of a breach. The best way to abide by these rules is by integrating these rules in your data management software and through a carefully drafted Privacy Policy, and Terms & Conditions.


  • Credit Card Transactions 

It is common practice for online business owners to integrate a payment gateway on their websites through which customers pay for goods bought or services rendered online. This can be done via two methods – either by directly applying to be issued a merchant account or by using the services of third-party provider (e.g. GTpay, Paypal, E-transact) who is already registered as a merchant account.

Whatever method that the business owner chooses, it is important that due diligence is conducted to ensure that the merchant account chosen complies with the Payment Card Industry Security Standard Council, (PCI SSC) guidelines. The PCI SSC is a widely accepted set of policies and procedures created jointly in 2004 by four major credit-card companies: including Visa and MasterCard. It is intended to optimize the security of credit, debit, and cash card transactions and protect cardholders against misuse of their private data.


  • Trademarks 

Trademarks are images, logos, pictures, symbols, names, signs, designs, colors, sounds and jingles etc. which distinguish your product or service from others. With the surge in e-commerce related activities, it is now easier for one’s trademark rights to be stolen or infringed upon. By registering trademarks, the owner of the registered trademark retains exclusive right of use and can institute a legal action against anybody who infringes on this right.

The business owner should also look at trademark issues as a duty, every business owes to other people not to infringe on their own trademark rights.


  • Online Advertising Rules

Advertising of goods and services in Nigeria is regulated under the code of Advertising Practice and Sales Promotions Guideline of Advertising Practitioners Council of Nigeria (APCON).

It provides amongst other things that:

  1. The commercial nature of the communication must not be concealed or misleading; it should be made clear in the subject header.
  2. There should be clarity of the terms and offer and devices should not be used to conceal or obscure any material factor such as the: the price or other sale conditions likely to influence the customer’s decision
  3. There should be clarity as to the procedure for concluding the contract.
  4. All marketing communications sent via electronic media should include a clear and transparent mechanism enabling the consumer to opt-against receiving future solicitations.


  • Tax Considerations 

The law on taxation in Nigeria requires that so long as one has a business in Nigeria or derives income from Nigeria, such person would be liable to pay tax. The principal law is the Companies Income Tax Act (CITA) which imposes Companies Income Tax on profits accruing in, derived from, brought into or received in Nigeria. It is payable by companies that are registered in Nigeria and non- resident entities carrying on business in Nigeria at a rate of 30% on profits made by the Company. 

In essence, an e-commerce business owner whose business is targeted at the Nigerian market and who derives revenues or income from such a business is liable to taxation in a manner applicable to businesses with traditional offices in Nigeria and would be required to pay Company Income Tax of 30% on its profits. 

Once a company registers for Company Income Tax it is given a unique Taxpayer’s Identification Number (TIN). The TIN is a unique number that identifies a specific company for the purposes of paying taxes. Further, as goods will be sold online, the sale of goods in Nigeria is also subject to Value Added Tax (VAT). VAT is a tax imposed on the supply of goods and services. The tax is charged in Nigeria at 5% of the value of the taxable goods and services. You can read more about the process to register for VAT here.

Under Nigerian Law, there is also a tax levied on ICT companies called the Information Technology Tax. This tax is payable by specified companies (GSM service providers and all telecommunications companies, cyber companies and internet providers, pension managers and pension related companies, banks and other financial institutions, and insurance companies) who have an annual turnover of One Hundred Million Naira (N100, 000,000). The companies are to pay a levy of one per cent (1%) of their annual profit before tax to the National Information Technology Development Fund (“NITD Fund”). This tax when paid is tax deductible for company income tax purposes. The unfortunate thing here is that the term ‘cyber companies’ is not defined by the Act, so there is some ambiguity as to whether e-Commerce companies would fall under that term and therefore liable to pay the tax. It is however something that e-Commerce companies should bear in mind.

Nigeria also offers tax incentives that may be beneficial to eligible e-commerce businesses. Pioneer companies investing in specified industrial activities may, on application, be granted a tax holiday for three years initially, which may be extended for up to two years upon satisfaction of specified conditions. 

There are also export incentives. Export processing zones (EPZs) and free trade zones (FTZs) are locations within Nigeria designated by the government as free areas where export trade activities can be carried on free of tax and foreign exchange restrictions.

An e-commerce company that is engaged in an approved activity in an EPZ and incurs expenditures in its qualifying equipment is entitled to 100% capital allowance in that year of assessment. In addition, a company that is 100% export oriented but located outside an EPZ will enjoy a three-year tax holiday, provided the company is not formed by splitting up or reconstruction of an already existing business and the export proceeds form at least 75% of its turnover.



It is important that before commencing any technological startup or e-commerce venture, one gets acquainted with these legal considerations to protect any online business accordingly. This is because any mistakes made and any neglect of duties owed to customers (e.g. duty to ensure customers’ data protection) can be very expensive and in some instances, attract criminal charges. It may also attract unnecessary legal costs to business while undermining the longevity.

In any case, in educating oneself on these legal considerations and complying with the relevant rules and regulations that have been laid down, it is imperative to inform customers on how their information and data is being utilised. It is a sure way of promoting the integrity of business, attracting and maintaining a loyal customer base within the ambit of the law.


[1] SCUML was established by the Federal Government in September 2005 in compliance with the provisions of the Money Laundering (Prohibition) Act 2004 which was subsequently repealed and amended to Money Laundering (Prohibition) Act 2011(as amended). SCUML was created as part of measures for the implementation of the Financial Action Task Force (FATF) Recommendations on Anti- Money Laundering /Combating the Financing
[2] See Section 6(4) Nigerian Cyber Crime (Prohibition, Prevention, Etc.) Act 2015
[3] The objectives of this Regulation are to safeguard the rights of natural persons to data privacy and to foster safe conduct of transactions involving the exchange of personal data
[4] The Cybercrime Act provides a unified and comprehensive legal, regulatory and institutional framework for the prohibition, prevention, detection, prosecution and punishment of cybercrimes in Nigeria.
[5] Section 2.3(II) NITDA Guideline on Data Protection 2019
[6] The Advertising Practitioners Council of Nigeria has a vision to promote responsible and ethical advertising practice which extends to online advertising.
[7] APCON (2005) The Nigerian Code of Advertising Practice. Lagos: APCON
[8] Companies Income Tax Act CAP. 60 L.F.N. 1990 ACT CAP. C21 L.F.N. 2004 (PART VII of CITA deals with the Rates of tax, deduction of tax from dividends and relief for double taxation)
[9] Section 40(1) of the Company Income Tax Act
[10] PWC “Nigeria: Corporate Tax Credit and Incentives
No Comments
Post a Comment