Fintech Regulation in Africa, 2026: The Founder’s Guide to 10 Key Markets
Licenses, capital floors, crypto rules, and data protection duties in Nigeria, Kenya, South Africa, Ghana, Egypt, Ethiopia, Rwanda, Uganda, Tanzania, and Senegal. What you need, who issues it, and what changed in 2025 and 2026.
Africa’s fintech rulebook changed faster in the past 18 months than in the previous five years. Kenya and Ghana passed full virtual asset laws. Nigeria rewrote its securities act and pulled digital assets inside it. South Africa is opening its national payment system to non-banks. Ethiopia raised capital floors and forced wallet interoperability.
If you build or fund fintech on the continent, your compliance plan from 2024 is already stale. This guide gives you the current picture in 10 markets: who regulates you, which license you need, how much capital you must show, where crypto stands, and what changed in 2025 and 2026.
One rule holds everywhere. License first, launch second. Regulators across the continent now enforce perimeter rules, and several have frozen, fined, or delisted unlicensed operators.
The 10-market snapshot
| Market | Lead regulator(s) | Core payments law | Entry capital (payments / e-money) | Crypto status |
|---|---|---|---|---|
| Nigeria | CBN; SEC (digital assets) | CBN PSP Licensing Framework (2020/2021) | ₦100m (PSSP) to ₦2bn (MMO, Switching) | Regulated ISA 2025: digital assets are securities |
| Kenya | CBK; CMA (virtual assets) | National Payment System Act 2011 + Regs 2014 | Set by CBK per authorization category | Regulated VASP Act 2025; regs rolling out in 2026 |
| South Africa | SARB; FSCA; Prudential Authority | NPS Act 1998; reform under way | Activity-based framework opening to non-banks H2 2026 | Regulated 300 CASP licenses issued by end 2025 |
| Ghana | Bank of Ghana; SEC | Payment Systems & Services Act 2019 (Act 987) | GHS 0 (Standard PSP) to GHS 20m (DEMI) | Regulated VASP Act 2025 (Act 1154) |
| Egypt | CBE; FRA (non-bank) | Banking Law 194/2020; Fintech Law 5/2022 | Set by CBE/FRA per activity; FRA consumer-finance fintech licenses frozen | Prohibited without CBE license; none issued |
| Ethiopia | National Bank of Ethiopia | NPS Proclamation 718/2011, amended 1282/2023 | Birr 100m paid-up (payment instrument issuers) | Prohibited for transactions |
| Rwanda | BNR; CMA (virtual assets) | BNR Regulation 70/2024 on PSPs | Set by BNR per PSP category | In transition VA law drafted; CMA to license |
| Uganda | Bank of Uganda | NPS Act 2020 + Regulations 2021 | UGX 100m (funds transfer) / UGX 250m+ (e-money), tiered | Unregulated BoU consulting on framework |
| Tanzania | Bank of Tanzania | NPS Act 2015 + E-Money Regs 2015 | TZS 2bn+ for e-money issuers; new EMI licenses limited to MNOs | Restricted BoT cautions; not legal tender |
| Senegal | BCEAO (WAEMU) | 2025 Banking Law; Instruction 001-01-2024 | Set by BCEAO per PI / EMI category | Unregulated at WAEMU level |
⟵ Swipe sideways to see the full table
Capital figures are statutory minimums at the lowest qualifying tier as of June 2026. Regulators adjust them. Confirm with the regulator before you file.
Country by country
Nigeria
Africa’s largest fintech market runs on a strict, category-based licensing model.
The Central Bank of Nigeria sorts payments licenses into four buckets: Switching and Processing, Mobile Money Operations, Payment Solution Services, and a regulatory sandbox. Pick the bucket that matches what you do. A Payment Solution Service Provider (PSSP) can run gateways and merchant collections but cannot hold customer funds. Only a Mobile Money Operator can issue wallets. Holding funds on a PSSP license is a violation that can cost you the license.
Kenya
East Africa’s fintech hub now has one of the continent’s most complete rulebooks.
The Central Bank of Kenya authorizes payment service providers and e-money issuers under the National Payment System Act and its 2014 regulations. Digital lenders fall under the Digital Credit Provider regime, which pulled hundreds of previously unregulated apps into CBK supervision and now sits within the broader non-deposit-taking credit framework. The Data Protection Act 2019 applies to every fintech handling personal data, with registration through the ODPC.
South Africa
The continent’s most institutionally mature regime is mid-rebuild, and the changes favor fintechs.
South Africa runs a Twin Peaks model: the Prudential Authority handles soundness, the FSCA handles conduct, and the SARB oversees the national payment system. Historically, non-banks needed a bank sponsor to clear and settle payments. That is ending. The SARB’s Payments Ecosystem Modernisation programme will open the national payment system to licensed non-banks in the second half of 2026, with a draft activity-based authorisation framework out for comment until June 15, 2026.
Ghana
A tiered licensing ladder lets you start small, plus a brand-new virtual asset law.
The Payment Systems and Services Act 2019 (Act 987) governs payments. The Bank of Ghana issues licenses in tiers, so an early-stage startup can enter at the Standard PSP level with no capital requirement and climb as it grows. Dedicated Electronic Money Issuers sit at the top of the ladder. The Data Protection Act 2012 (Act 843) requires registration with the Data Protection Commission.
Egypt
Two regulators split the market, and one of them just hit pause on new entrants.
Egypt divides fintech by perimeter. The Central Bank of Egypt regulates banking, payments, wallets, and aggregators under Banking Law 194 of 2020. The Financial Regulatory Authority regulates non-bank financial services, including consumer finance, microfinance, leasing, and factoring, under Fintech Law 5 of 2022. Each side runs its own sandbox: the CBE’s banking sandbox (since 2019) and the FRA’s CORBEH sandbox. The Personal Data Protection Law 151 of 2020 applies across both.
Ethiopia
A newly opened market with strict new rules and a 100 million birr entry ticket.
Ethiopia opened payments to foreign investors through the National Payment System (Amendment) Proclamation 1282/2023, and the sector is moving fast. The National Bank of Ethiopia licenses payment instrument issuers and payment system operators. Directive ONPS/10/2025, effective May 12, 2025, rewrote the rules: higher capital, mandatory wallet-to-wallet interoperability through the national switch, and required integration with the Ethiopian Instant Payment System (EIPS). Crypto transactions remain banned.
Rwanda
A small market with big regulatory ambition and a fast, structured licensing path.
The National Bank of Rwanda (BNR) licenses payment service providers under Regulation 70/2024, which forced all existing PSPs to recategorize their licenses by September 18, 2024 or face revocation. The BNR runs an active regulatory sandbox and has licensed regional players such as Pesapal. Rwanda’s Law 058/2021 on personal data protection applies, supervised by the National Cyber Security Authority. The national fintech strategy targets Kigali as a regional financial hub.
Uganda
Clear license categories, low entry capital, but a multi-regulator obstacle course.
The National Payment Systems Act 2020 and its 2021 Regulations created three license types: payment system operator, payment service provider, and payment instrument issuer. You can combine categories in one application. Entry capital is among the lowest in the region. The catch is sequencing: you need NITA-U certification for your software before you file with the Bank of Uganda, registration with the Financial Intelligence Authority under the Anti-Money Laundering Act, and a registered data protection officer under the Data Protection and Privacy Act 2019.
Tanzania
A large mobile money market with one hard constraint on new wallet issuers.
The Bank of Tanzania licenses payment systems under the National Payment Systems Act 2015, the Electronic Money Regulations 2015, and the Payment Systems Licensing and Approval Regulations 2015. E-money issuers need TZS 2 billion or more in paid-up capital and must hold customer funds in trust with a licensed bank. The binding constraint: a December 2020 circular restricts new electronic money licenses to licensed mobile network operators. Non-MNO fintechs enter as PSPs or partner with an MNO. The Personal Data Protection Act 2022 adds registration and compliance duties.
Senegal
One license regime for eight countries, applied one country at a time.
Senegal sits in the West African Economic and Monetary Union, so the regional central bank, BCEAO, licenses fintechs under Instruction 001-01-2024 and the 2025 Banking Law. You need a Payment Institution license for payment services or an Electronic Money Institution license to issue wallets. The 2025 Banking Law makes prior authorization explicit: no one may present themselves as a payment institution, e-money issuer, or fintech without approval and listing on the official register. Licenses are national; operating across WAEMU means applying in each member state. Senegal’s 2008 data protection law, enforced by the CDP, applies, and AML follows WAEMU-wide rules.
The founder’s market-entry checklist
Seven steps before you launch in any African market
The pattern repeats across all 10 countries. Run this sequence and you avoid the most common failure modes.
- Map your activity to a license category first. “Payments” is not a category. Gateway, wallet issuance, switching, remittance, and lending each carry different licenses, capital, and restrictions.
- Check whether you may hold customer funds. This single question separates license tiers in Nigeria, Ghana, Uganda, and Tanzania. Getting it wrong risks revocation.
- Budget for capital plus time. Floors range from zero (Ghana Standard PSP) to roughly USD 1.3m equivalent (Nigeria MMO). Approval takes 2 to 10 months. Raise accordingly.
- Stack the secondary registrations. Data protection registration, AML/FIU registration, and IT certification are separate processes with separate regulators in most markets. Uganda requires all three before or alongside your central bank filing.
- Treat crypto as a licensed activity, not a gray zone. Nigeria, Kenya, Ghana, and South Africa now license VASPs. Egypt and Ethiopia prohibit it. The era of operating unlicensed exchanges quietly is over.
- Use sandboxes for anything novel. Ghana, Egypt, Rwanda, Tanzania, and Nigeria all run them. A sandbox slot buys regulatory goodwill and a defined path to a full license.
- Re-check the rules every quarter. Four of the 10 markets changed core rules in the last 12 months. Subscribe to regulator circulars or a monitoring service. Stale compliance maps sink expansion plans.
What to watch through 2026
Three threads run through every market above. First, virtual asset regulation is converging on FATF standards: licensing, Travel Rule, and dual oversight between central banks and capital market authorities. Kenya, Ghana, and Nigeria set the template; Rwanda and Uganda follow next.
Second, payment systems are opening. South Africa’s non-bank access in H2 2026 is the headline, but Ethiopia’s interoperability mandate and instant payment integration push the same direction. Direct access to national rails reduces your dependence on bank sponsors and cuts settlement costs.
Third, capital floors are rising. Ethiopia multiplied its requirement to Birr 100 million. Egypt’s FRA is importing Basel III to non-banks. Expect other regulators to follow as sectors mature. Thin-capital business models face consolidation pressure.
The winners in this cycle will treat regulation as product strategy. A license is distribution: it unlocks bank partnerships, enterprise clients, and cross-border corridors that unlicensed competitors cannot touch.
Looking for core banking, digital banking or a payment platform technology provider?
Tell us what you are building and where. We will match you with the right technology.
Email your requirements → or write to info@finhive.africa