Regulatory approaches to cross-border IoT and M2M connectivity continue to diverge across Africa, particularly in relation to permanent roaming, authorisation regimes and SIM registration obligations.

Global connectivity still relies heavily on SIM cards roaming across borders to connect devices deployed worldwide. As regulatory frameworks continue to evolve, Cullen International’s latest analysis examines how these developments affect connectivity models based on roaming architectures, while noting that many of the same rules also apply to deployments using local SIM profiles.

Our latest analysis covers seven African markets: Algeria, Egypt, Kenya, Morocco, Nigeria, South Africa and Tunisia. The analysis shows that, while some countries remain relatively open to roaming-based IoT models, others increasingly anchor market access to domestic licensing and identity verification requirements.

Key takeaways

Permanent roaming remains permitted in several of the surveyed markets. Algeria, Morocco, South Africa and Tunisia allow the long-term use of foreign SIM cards through bilateral roaming arrangements without a dedicated regulatory regime. Egypt and Kenya permit permanent roaming but subject deployments to regulatory approval and licensing conditions. In Nigeria, strict SIM registration rules linked to the national identity framework effectively prevent the use of foreign-issued SIM cards for permanent roaming deployments.

Authorisation requirements continue to depend on how IoT services are structured. Most countries treat IoT connectivity and public internet access as regulated telecommunications services that require authorisation or licensing. By contrast, purely ancillary IoT services, such as data platforms or analytics, may fall outside telecommunications licensing in some jurisdictions.

SIM registration obligations apply across all of the surveyed countries. IoT and M2M SIM cards are generally subject to the same subscriber identification requirements as consumer SIM cards, although the scope of identity verification, the categories of subscriber data to be collected and the applicable retention periods vary significantly between jurisdictions.

Regulatory developments in 2025

Several countries introduced or reinforced regulatory measures affecting IoT connectivity in 2025.

Kenya adopted new SIM registration regulations, Nigeria strengthened the linkage between SIM registration and the national identity framework, and Egypt operates an approval-based framework for IoT connectivity and roaming.

These developments illustrate how regulators increasingly rely on identity verification frameworks and approval procedures to monitor and control IoT connectivity deployments.

Why it matters

For global IoT providers, regulatory compliance in Africa increasingly depends on the interaction between roaming models, telecommunications licensing frameworks and national SIM registration regimes.

Even where permanent roaming is formally permitted, providers must assess whether local licensing requirements, numbering policies or subscriber identification rules make offshore deployment models difficult to sustain in practice. As a result, regulatory compliance is becoming a central factor in how multinational IoT connectivity services are designed and deployed.

Scope

Region: Africa
Countries covered: 7
Policy area: Internet of Things
Last updated: March 2026

For full access to our research, click 'Access full content' – or 'Request access' if you are not yet a subscriber to our IoT service.

Interested in other regions? Check these out:

• Americas