Fidelity Bank has disputed data breach allegations levelled against it by the Nigerian Data Protection Commission (NDPC).
In a statement on Wednesday, a spokesman for the bank, Meksley Nwagboh, said no data law was violated to warrant the imposition of a N555.8m by the commission.
The NDPC had alleged that the bank violated some customers’ data and imposed a fine on the financial institution.
The commission said Fidelity Bank breached the Nigeria Data Protection Regulation (NDPR) of 2019 and the Nigeria Data Protection (NDP) Act of 2023.
The commission also blamed the bank’s lack of cooperation during an investigation before arrival at the penalty.
However, the bank said it conducted itself to the highest ethical standards by ensuring full compliance with extant laws on data protection.
“As a Bank, we remain in discussions with the NDPC over an amicable resolution to this matter,” Nwagboh said in a statement.
Fidelity Bank gave a breakdown of its dealings with the NDPC on the matter thus:
“On April 30th, 2023, we received a notice of investigation from the Nigerian Data Protection Agency (NDPA), now the Nigerian Data Protection Commission (NDPC). The investigation was in respect of a complaint from [name has been withheld to protect the identity of the complainant] who claimed that [name withheld] details were used to open an account in the bank without [name withheld] consent.
“Based on this notice, we conducted an internal investigation into the circumstances around the claim and discovered as follows:
o An account opening request was received online in the name of [name withheld], and an email was sent to the email address attached to the request informing them about this.
“In compliance with our Data Protection policy, accounts created online without full documentation are not allowed to be operational and are closed after 30 days if the outstanding documents are not provided to authenticate the identity of the person seeking to open the account.
“In compliance with our data protection laws, the account was not allowed to be operational as the passport photograph and BVN were not provided.
“However, despite our explanation and evidence provided to support our claim, the agency informed us that they had reached a conclusion to impose a penalty on the bank.
“On 5th December of 2023, we got a letter from NDPC demanding we pay a ‘remedial fee’ of N250 million within 21 days.
“We immediately commenced another round of engagements with the Commission as we were convinced, we had not breached any extant law or regulation.
“While discussions were still ongoing with the NDPC, we received another letter on the 20th of August demanding that we now pay N555.8m naira.”
