The State of Digital Governance in Nigeria
In an interview, Toye Apampa, the founder and CEO of Metaheuristic, discusses the state of digital governance in Nigeria. He highlights how Nigerian banks are more prepared to adopt artificial intelligence (AI) compared to other sectors, which lag behind due to weak data governance and inadequate foundational systems.
Apampa has spent the last fourteen years working in some of Britain’s most data-heavy organizations, including Lloyds, British Airways, Marks & Spencer, WorldRemit, and Rank Group. In these environments, data governance is not a luxury but a necessity. It ensures that regulators are kept at bay and that the business operates smoothly, whether it’s determining creditworthiness or ensuring that a gambling platform does not serve vulnerable customers.
Most of his conversations with senior executives revolved around one central question: can we trust the numbers we see? Underlying this was often the same problem—user data, transactional data, and marketing data were stored in different systems, making it difficult to create a unified view of the customer. When the time came to stitch this information together, the identifiers didn’t match, and sometimes the data wasn’t even present at the point of stitching.
This led to processing being rerun to correct legacy joins that had been feeding incorrect insights into boardrooms for months. By the time these issues were resolved, decisions had already been made. This is the reality of data governance at scale—it may not be glamorous, but it is the foundation on which all downstream decisions rest.
When looking at Nigeria through this lens, Apampa notes that while the frameworks are impressive, the implementation is lacking. The Nigeria Data Protection Act and the NITDA AI Code of Practice are well-drafted documents. The UNDP Digital Development Compass scores Nigeria’s Data and Privacy framework at 4.17 out of 5. However, the gap lies in the plumbing underneath the policy. While the laws exist, the operational capacity to comply with them is only at 2.5.
Readiness for AI Adoption in Africa
Apampa also discusses the readiness of African organizations for AI adoption beyond the hype. He emphasizes that readiness is often lower than the noise suggests. As a technologist, he points out that the work involved in preparing for AI is slow and unglamorous. It involves cataloging data, documenting its origin, and defining what a customer means across departments that have used different names for years.
None of this makes the news, yet it is crucial for building an AI model that can be trusted. The risk for many emerging markets is that the conversation about AI has arrived before the conversation about data foundations has finished. Boards are being asked to approve AI roadmaps before anyone in the business can confidently describe the data those roadmaps depend on.
The organizations that will win this decade are not the ones deploying the flashiest models; they are the ones quietly doing the foundational work first.
What AI Readiness Entails for a Business
AI readiness comes down to three key questions any business owner should be able to answer before spending a single naira on AI:
- Do you know what data you have? You need an actual inventory of where it lives and who owns it.
- Can you trust it? Is it clean, consistent, and documented, or is it a pile of spreadsheets that nobody has audited in years?
- Can you legally use it? Under the Nigeria Data Protection Act, “it was in our system already” is not a legal basis for AI processing.
Apampa has seen situations where senior executives realized mid-meeting that the insight on the screen was built on data joined incorrectly for months. Different systems, different user IDs, and gaps that nobody had flagged because the organization had grown faster than its governance. You cannot reliably train a model on data you cannot reliably stitch together.
This global struggle is why he built EventParity, a platform designed to automate the boring but essential governance work of mapping data flows and tracking compliance.
Nigeria’s Digital Transformation and Governance
Nigeria is advancing digital transformation, but governance structures are not keeping up. Digital transformation is something you can buy; governance is something you must build through people, process, and practice. When digital outpaces governance, you end up with shiny services sitting on shaky foundations.
Nigeria has a chance to avoid the catch-up trap that the UK went through. By integrating governance tools from day one, the country can leapfrog the legacy mistakes of the West. If the gap widens, Nigeria builds digital infrastructure it cannot ultimately defend.
Sectors Leading and Falling Behind in Digital Governance
Based on his tracker, Apampa identifies which sectors in Nigeria are set to lead in digital governance and which are likely to fall behind. The pattern usually follows the strength of the regulator. Banking, under the CBN, and telecommunications, under the NCC, are positioned to lead because they have been forced to build governance muscle for decades.
The lagging sectors are typically health and education. In these fields, data is frequently scattered across incompatible systems. When data doesn’t speak to other data, critical decisions in hospitals and schools are made on fragmented information.
The NHS in the UK serves as a cautionary tale. Different trusts run different software with limited integration, and the cost of fixing it has become so high that most departments put it off indefinitely. Patients suffer the consequences. Every new digital initiative inherits the legacy problem. Nigeria has the opportunity to avoid that trajectory, but only if data integration is built in from the start rather than bolted on a decade later.
Balancing Innovation and Risk in AI
Regulators must strike a balance between innovation and risk as AI advances. The biggest lesson from working in highly regulated UK sectors is that prescriptive regulation ages badly. Regulators should tell organizations what outcome they must achieve—protected data and explainable decisions—and let them determine the how.
Three things are vital: supervised environments where organizations can pilot new AI systems under a regulator’s watch, capacity-building to help institutions learn the tools of compliance, and inter-agency coordination to ensure that NITDA, the NDPC, and the NCC aren’t pulling businesses in different directions.
Common Data Governance Mistakes
Apampa highlights four common data governance mistakes organizations make:
- Treating data governance as an IT problem rather than an accountability problem. If only your junior engineer can explain your data, your structure is broken.
- Buying tools too early. Procuring a platform before defining your business terms just automates the confusion.
- Defaulting to centralization. Trying to pull all data into one giant lake is often a recipe for technical and political failure.
- Governance as an afterthought. Trying to fix governance after an AI model is live is like trying to install a foundation after the house is already built.
A Policy Reform for Nigeria’s Digital Future
If Apampa had to choose a single policy reform to speed up Nigeria’s digital future, it would be making data maturity a mandatory condition of public-sector AI procurement. Before any agency spends public funds on an AI system, it should be required to produce a standardized assessment of the data that system will rely on.
This creates an immediate economic incentive to invest in governance. It forces institutions to confront the state of their plumbing before they buy the taps. If Nigeria gets this right, the picture in ten years is one where a state ministry can deploy an AI model with confidence, knowing the data underneath it is defensible. If it gets it wrong, we end up with a decade of expensive pilots and a slow erosion of public trust. The difference is whether we do the unglamorous work of governance now or pay for it publicly later.
