The National Data Protection Commission (NDPC) has imposed a substantial fine of N555.8 million on Fidelity Bank for violations related to breaches of customer data.
The announcement was made by the NDPC’s National Commissioner, Vincent Olatunji, during a Validation Workshop on the Nigeria Data Protection Act General Application and Implementation Directive held on Wednesday in Abuja.
According to Olatunji, the fine was levied due to the bank’s breach of the Nigeria Data Protection Regulation (NDPR), 2019, and the Nigeria Data Protection (NDP) Act, 2023.
The penalty, which amounts to 0.1 percent of Fidelity Bank’s annual gross revenue for 2023, is the highest ever imposed by the commission. Olatunji highlighted that the bank’s non-cooperation and perceived arrogance during the investigation aggravated the fine.
Olatunji emphasized the importance of data protection compliance and warned that non-compliance would be met with penalties. He stated that the commission typically considers the severity of the breach, the number of affected data subjects, and the level of cooperation from the organization when determining fines.
“Since we started, the major penalty we issued was yesterday on Fidelity Bank. For the violation of the NDP Act, 2023, and the NDPR, 2019, we issued a fine of N555.8 million, and they have to pay,” Olatunji said.
He added that the bank must pay the fine within 14 days of receiving the notice.
Further details on the situation and the bank’s response are expected to emerge.