PETER OBI.

Legal

Audit & assurance

Effective 29 April 2026 · Version 1.0

1. Appointment of the external auditor

The Authorising Principal will appoint an independent professional services firm registered with the Financial Reporting Council of Nigeria as the external auditor of the Campaign. The auditor:

  • Will be appointed for an initial term of one (1) year, renewable annually;
  • Reports to the Audit Committee;
  • Is independent of the Campaign and may not provide non-audit services beyond agreed-upon-procedures and tax compliance;
  • Has full and unrestricted access to all Campaign records, personnel, and systems;
  • Is rotated as the partner-in-charge at least every five (5) years.

2. Scope of the annual audit

The annual audit covers the financial statements of the Campaign for the relevant financial year. The auditor is engaged to express an opinion on whether the financial statements:

  • Give a true and fair view of inflows, outflows, and the position at the year-end;
  • Are prepared in accordance with IFRS and applicable Nigerian standards;
  • Are free of material misstatement, whether due to fraud or error.

3. Agreed-upon-procedures (AUPs) on quarterly data

At least one quarter per year, the auditor performs an agreed-upon-procedures engagement on the quarterly transparency report. The procedures, agreed in advance with the Audit Committee, typically include:

  1. Reconciliation of the inflow ledger with the records of NowPayments and selected on-chain explorers, on a sample basis;
  2. Recalculation of refund and non-acceptance figures;
  3. Review of vendor onboarding for a sample of new vendors above the disclosure threshold;
  4. Review of compliance with the contribution caps under the Electoral Act 2022;
  5. Inspection of conflict-of-interest declarations and recusal records.

The auditor's AUP report is published alongside the quarterly transparency report.

4. Internal controls and self-assessment

The Compliance Office maintains a controls register that maps every donation, disbursement, and vendor process to a specific control, owner, and frequency of test. At least once per quarter, the Compliance Office self-assesses every control, and the Audit Committee reviews the results.

Material control weaknesses are disclosed to the Audit Committee within seven (7) days of identification, with a remediation plan and target date.

5. Security audit

Independently of the financial audit, the Site and the Donation Platform are subject to:

  • A penetration test at least once per year by a qualified, independent third-party tester;
  • A vulnerability scan at least monthly;
  • A review of the IPN signature verification, idempotency, and rate-limit logic by an independent engineer at least once per year;
  • Continuous logging review by the Compliance Office.

A summary of the most recent penetration test and any high-severity findings (with remediation status) is published in the next quarterly transparency report.

6. Regulator engagement

Where the auditor identifies any matter that, in its professional judgement, is required to be reported to a regulator (for example, suspected money laundering reportable to the NFIU, or material misstatement reportable to the Financial Reporting Council of Nigeria), the Authorising Principal will not seek to delay or obstruct the report. The Authorising Principal may, in parallel, take legal advice and exercise any rights available to him under the relevant law.

7. Donor audit rights

Donors do not have audit rights against the Campaign in their personal capacity, save as may be granted by INEC or by a court of competent jurisdiction. The Campaign's position is that the appropriate forum for verifying the use of campaign funds is the external auditor's opinion and the published transparency reports.

8. Contact

For questions about audit, write to contact@peterobi.supportwith “Audit” in the subject line.