The National Data Protection Commission (NDPC) has imposed a record fine of N555.8 million on Fidelity Bank Plc for violating customer data privacy regulations.
This fine is the largest ever issued by the NDPC and represents 0.1 percent of the bank’s annual gross revenue for 2023.
Vincent Olatunji, the NDPC’s National Commissioner, disclosed the fine during a Validation Workshop on the Nigeria Data Protection Act’s General Application and Implementation Directive.
READ ALSO: Diezani’s associate acquitted of $1.6bn fraud
Olatunji stated that Fidelity Bank had breached both the Nigeria Data Protection Regulation (NDPR) of 2019 and the Nigeria Data Protection (NDP) Act of 2023.
Olatunji elaborated on the circumstances, noting, “The penalty was aggravated due to the bank’s lack of cooperation and dismissive attitude during the investigation.”
He highlighted the critical nature of data protection compliance and explained that penalties for non-compliance could range from N10 million to up to two percent of an organization’s gross earnings.
He further remarked, “Since we began enforcing data protection regulations, this is the most significant penalty we’ve issued. Fidelity Bank’s violations were serious, and despite working with them since April 2023 to address these issues, their arrogance ultimately led us to impose the full penalty.”
The Commission has given Fidelity Bank 14 days to pay the fine upon receiving the notice. This sanction reflects the NDPC’s commitment to upholding data protection laws and holding organizations accountable for protecting customer data.
