Fidelity Bank, a Nigerian institution, has come under scrutiny after being accused of violating data privacy regulations. The controversy began when a customer claimed the bank used their personal information without consent to open an account. Following an investigation, the Nigerian Data Protection Commission (NDPC) issued a ₦555.8 million fine, stating that Fidelity Bank had processed personal data without obtaining proper consent, particularly through its mobile app. However, the bank has firmly denied these allegations, asserting that no breach occurred and that the account opening process was never completed due to missing documentation.
The NDPC maintains that Fidelity Bank breached data protection laws by using third-party data processors who were also not compliant with regulations. The commission stated that the bank failed to provide an adequate remedial plan, despite repeated warnings and over ten correspondences between July and December 2023. According to the NDPC, the breaches involved improper use of tools like cookies and processing customer data without informed consent. Fidelity Bank was also criticized for not ensuring that its vendors adhered to proper data privacy standards.
In response, Fidelity Bank has argued that its internal investigation found no evidence of a data breach and emphasized that it takes data privacy seriously. The bank stated that it blocked and closed the account in question when the required documentation was not provided, ensuring that it was never operational. Fidelity Bank also expressed a willingness to continue discussions with the NDPC to resolve the issue amicably while reiterating its commitment to protecting customer data.
The outcome of this dispute has significant implications for Nigeria’s banking sector, particularly as it relates to data privacy compliance. If Fidelity Bank is found guilty, it could face further penalties and reputational damage. The case may also serve as a precedent for how other financial institutions handle personal data, prompting them to tighten their data protection practices to avoid similar legal challenges. As Nigeria’s digital economy grows, ensuring compliance with data privacy regulations will become increasingly important for businesses.
Reference:
