-Fidelity Bank Has 14 Days To Pay The Fine
News Highlight:
- The NDPC has fined Fidelity Bank Plc N555,800,000, which is 0.1% of the Bank’s annual gross revenue for 2023.
- The fine was a result of violations of the Nigeria Data Protection Act, 2023, and the Nigeria Data Protection Regulation, 2019.
The Nigeria Data Protection Commission (NDPC) has ordered Fidelity Bank Plc to pay a sum of N555,800,000 (Five Hundred and Fifty-Five-Million-Eight Hundred-Thousand naira) only being 0.1% of the Bank’s annual gross revenue in 2023.
Digital TimesNG reports that the fine resulting from investigations into violations of the Nigeria Data Protection Act, 2023, and the Nigeria Data Protection Regulation, 2019, is to be paid within 14 days of receipt of the Notice.
The NDPC said on Wednesday in a statement signed by Babatunde Bamigboye, the Commission’s Head of Legal, Enforcement and Regulations that the investigation into the data processing activities of Fidelity Bank PLC was triggered by a complaint from a data subject whose personal data was collected without lawful basis for the purposes of opening an account for the data subject.
Bamigboye said that this complaint was lodged with the Commission in April 2023.
According to him, “The Commission reviewed the data processing platforms of Fidelity Bank and found that in certain critical cases, the Bank processes personal data without the informed consent of data subjects.
“Data processing tools such as cookies and banking apps were deployed in violation of the NDP Act. Its banking App at the material time had been downloaded over one million times.”
He said that apart from internal non-compliance, the Bank relies on some non-compliant third-party data processors, adding that the law not only encourages an organization to be compliant, but it also mandates its relevant vendors, agents or contractors, among others to be accountable when handling personal data of individuals.
“It is to be noted that the initial decision of the Commission was issued in July 2023 and a directive to pay a remedial fee was issued in December 2023, and over 10 correspondences were exchanged.
“The Commission issued repeated warnings to no avail. The Commission gave several opportunities for full accountability for over one year – taking into account the need to encourage compliance as a culture. However, Fidelity Bank did not provide the requisite, satisfactory remedial plan,” Bamigboye noted in the statement.
Meanwhile, the National Commissioner and CEO of the Nigeria Data Protection Commission, Dr. Vincent Olatunji, has enjoined Data Controllers and Data Processors to eschew acts that may undermine trust and confidence in Nigeria’s capacity to protect data-driven decisions and transactions.
Dr. Olatunji noted that without demonstrable assurance of accountability in the exchange of goods and services, economic growth would be gravely hampered, stressing however, that through compliance with laws that protect the freedoms of individuals, their lives, and livelihoods, Nigeria will witness more and more momentum for sustainable development.