The National Data Protection Commission (NDPC) has imposed a hefty fine of N555.8 million on Fidelity Bank for violating its customers’ data privacy.
This was announced by the NDPC’s National Commissioner, Vincent Olatunji, during a Validation Workshop on the Nigeria Data Protection Act General Application and Implementation Directive held on Wednesday in Abuja.
Fidelity Bank was found to have breached the Nigeria Data Protection Regulation (NDPR) of 2019 and the Nigeria Data Protection (NDP) Act of 2023. The fine, which amounts to 0.1 percent of the bank’s annual gross revenue for 2023, is the largest ever issued by the NDPC.
Olatunji explained that the penalty was aggravated due to the bank’s lack of cooperation and dismissive attitude during the investigation. He emphasized the importance of data protection compliance, noting that penalties for non-compliance can range from N10 million to up to two percent of an organization’s gross earnings.
“Since we began enforcing data protection regulations, this is the most significant penalty we’ve issued,” Olatunji stated. “Fidelity Bank’s violations were serious, and despite working with them since April 2023 to address these issues, their arrogance ultimately led us to impose the full penalty.”
The NDPC has given Fidelity Bank 14 days to pay the fine upon receiving the notice. This action underscores the commission’s commitment to enforcing data protection laws and holding organizations accountable for safeguarding customer data.
