NDPC Probes 1,369 Firms Over Violations

Jumoke Salako02 mins
NDPC Probes 1,369 Firms Over Violations

Nigeria’s data protection regulator has launched a sweeping sector-wide investigation into 1,369 domestic firms. The Nigeria Data Protection Commission suspects the targeted entities of systemic non-compliance with statutory privacy laws. The massive enforcement operation puts several prominent digital banks, insurance brokers, and gaming firms under intense regulatory scrutiny. It represents the largest coordinated crackdown on corporate data handling in the country’s history. Millions of citizens face severe identity and financial exposure due to these corporate lapses.

The multi-industry audit focuses heavily on the country’s rapidly expanding financial services sector. Out of the flagged entities, 1,233 are banking institutions, pension managers, and insurance companies. Prominent financial technology brands like Moniepoint and Pocket by PiggyVest must now defend their internal data architectures. The commission gave all affected corporations a strict 21-day window to prove compliance. This aggressive push follows an earlier, severe 766 million naira fine levied against Multichoice Nigeria for similar privacy infractions.

Regulators demand immediate verification of critical statutory requirements from the corporate offenders. Each firm must present formal evidence of filing their mandatory 2024 compliance audit returns. They must also prove the formal appointment of a qualified Data Protection Officer. Furthermore, the commission requires a comprehensive breakdown of the technical safeguards used to secure customer data. Companies failing to satisfy the inquiry face catastrophic penalties. The law permits fines of up to two per cent of a firm’s gross annual revenue.

The scale of the investigation highlights severe systemic vulnerabilities within national digital infrastructure. Threat actors increasingly deploy highly sophisticated, cross-platform tactics to exfiltrate bulk public information. This regulatory dragnet coincides with fresh investigations into separate breaches at the Corporate Affairs Commission, Remita, and Sterling Bank. The frequent compromise of interconnected corporate registries and payment gateways poses a massive risk to economic stability. The regulator warns that corporate negligence actively invites predatory international hacking syndicates into the domestic market.

Independent industry analysts express deep skepticism regarding the watchdog’s actual enforcement capacity. The commission currently lacks the specialized manpower to thoroughly review over one thousand complex corporate submissions simultaneously. This operational bottleneck makes the rigid 21-day deadline look highly impractical to technology experts. Nevertheless, the public naming of major corporate entities signals a sharp departure from previous, quieter regulatory methods. The administration intends to use aggressive enforcement to shock corporate Nigeria into taking customer privacy seriously.

Related posts:

  1. Nigeria’s Data Watchdog Opens Investigation Into Temu Over Alleged Data Violations
  2. Over 60 Nations, Including Nigeria, Target Deepfake Proliferation
  3. Global Report Warns Of Rapid Rise In AI-Driven Identity Fraud
  4. NDPC Shuts Network Following 1,500 Cyberattack Attempts
  5. Telecom Firms Spend N2.5tn on Network Upgrades
  6. Anthropic Valuation Surges to $965bn Overtaking OpenAI