NAIJA NEWS
Fidelity Bank has been fined ₦555.8 million by the National Data Protection Commission (NDPC) for multiple breaches involving its customers’ data, making it the largest fine ever issued by the commission.
This was revealed by the National Commissioner of the NDPC, Vincent Olatunji, during the Validation Workshop on the Nigeria Data Protection Act General Application and Implementation Directive held in Abuja on Wednesday.
Olatunji explained that Fidelity Bank was found in violation of the Nigeria Data Protection Act, 2023, and the Nigeria Data Protection Regulation (NDPR) of 2019.
The fine, which amounts to 0.1% of the bank’s annual gross revenue in 2023, was imposed as a consequence of the data breach.
The commissioner noted that the severity of the fine was exacerbated by the bank’s lack of cooperation and perceived arrogance during the commission’s investigation.
He emphasized that this penalty sends a strong message about the importance of protecting customers’ data in Nigeria’s evolving digital landscape.
Olatunji said, “Data protection compliance is important and we have stated that non-compliance will be punished. We have penalties that range from ₦10m or up to two per cent of gross earnings for the previous year.
“But our approach has been creating awareness and letting people know what we are supposed to be doing and most of the breaches we try to look at the level of breach, impact, and the number of data subjects affected and the level of cooperation by the organisation involved on the remuneration fee.
“Since we started, the major penalty we issued was yesterday (Tuesday) on fidelity bank. For the violation of the NDP Act, 2023, and the NDPR, 2019, we issued a fine of ₦555.8m and they have to pay. We have observed serious breaches and we have been working with them, investigating the issue since April 2023.
