The National Data Protection Commission (NDPC) has imposed a significant fine of N555.8 million on Fidelity Bank for breaches of its customers’ data, marking the largest penalty issued by the commission to date.
The fine was announced by the National Commissioner, Vincent Olatunji, during a Validation Workshop on the Nigeria Data Protection Act General Application and Implementation Directive held in Abuja.
ATTENTION: Click “HERE” to join our WhatsApp group and receive News updates directly on your WhatsApp!
The penalty was levied after the commission found that Fidelity Bank had violated the Nigeria Data Protection (NDP) Act of 2023 and the Nigeria Data Protection Regulation (NDPR) of 2019. The fine represents 0.1% of the bank’s annual gross revenue for 2023, a calculation based on the severity of the data breach and the bank’s non-cooperation during the investigation.
Olatunji emphasized the importance of data protection compliance, stating that the NDPC is committed to enforcing penalties for non-compliance. He noted that the commission typically considers factors such as the extent of the breach, the number of individuals affected, and the level of cooperation from the organization involved when determining fines.
READ ALSO: FCCPC Fines Meta $220 Million for Data Privacy Violations
“Since we started, the major penalty we issued was yesterday on Fidelity Bank,” Olatunji stated. He added that the commission had been working with the bank since April 2023 to investigate the breaches, but the bank’s uncooperative attitude and perceived arrogance led to the decision to impose the full penalty.
Fidelity Bank has been given 14 days to pay the fine, which serves as a stern reminder to other organizations about the importance of adhering to data protection laws in Nigeria. The NDPC’s action signals a growing emphasis on data privacy and security in the country, with stricter enforcement measures likely to follow for any future violations.
More details to follow…