By 
Fidelity Bank has strongly denied the allegations of data privacy violations and disputed the N555.8 million fine imposed by the Nigerian Data Protection Commission (NDPC). The bank insists that it has adhered to the highest ethical standards and fully complied with data protection laws.
In a statement released on Wednesday, Meksley Nwagboh, the Divisional Head of Brand and Communications at Fidelity Bank, emphasized that the bank “conducted itself with the utmost integrity, ensuring full compliance with all relevant data protection regulations.”
The NDPC announced the fine on Wednesday, stating that it was imposed due to the bank’s alleged violation of data privacy laws. Vincent Olatunji, the National Commissioner of the NDPC, remarked that the bank’s “arrogance ultimately led us to impose the full penalty.”
Fidelity Bank, however, contested the claim, clarifying that an internal investigation was conducted following the alleged data breach. The bank explained that an online account opening request was received, but the account never became operational due to incomplete documentation. The bank further stated, “We carried out due diligence by immediately blocking the account and subsequently closing it when the required documents were not provided.”
The bank detailed the timeline of the events, noting that on April 30th, 2023, it received a notice of investigation from the Nigerian Data Protection Agency (NDPA), now the NDPC. The investigation was triggered by a complaint from an individual whose details were allegedly used to open an account without their consent.
In response, Fidelity Bank launched an internal investigation and discovered that the account opening request was submitted online, and the associated email address was promptly notified. In accordance with the bank’s Data Protection policy, accounts opened online without complete documentation are restricted from being operational and are closed after 30 days if the necessary documents are not provided.
The bank confirmed that the account in question was immediately placed on a ‘Post No Debit’ status, pending the submission of outstanding documents for verification. As these documents were never provided, the account was eventually closed.
Fidelity Bank also highlighted its cooperation with the NDPC, stating that on May 2nd, 2023, the bank responded to the commission, asserting that no data breach had occurred and that the account opening process was never completed. Despite this, the NDPC proceeded with imposing the penalty.
The bank noted that during a Pre-Action meeting with the NDPC on July 7th, 2023, it reiterated its position and provided evidence to support its claim. However, the NDPC concluded that the fine would still be imposed. On December 5th, 2023, Fidelity Bank received a letter from the NDPC demanding a payment of N250 million within 21 days, which was later increased to N555.8 million in a subsequent letter received on August 20th, 2024.
Fidelity Bank has expressed its intent to continue engaging with the NDPC, maintaining that it has not breached any data protection laws or regulations. The bank remains firm in its stance that the account in question was never operational, and all necessary precautions were taken to prevent any data breach.
Comments