The Nigeria Data Protection Commission has directed banks, insurers, pension managers, and gaming companies to submit evidence of compliance with the 2023 Data Protection Act within 21 days — www.naijnaira.com reports.
According to The Nation, the order followed the Commission’s investigation into institutions suspected of breaching their legal responsibilities under the Act.
Organisations received Compliance Notices requesting proof of 2024 audit filings, details of their Data Protection Officer, a summary of safeguards in place, and evidence of official registration.
“This exercise is to ensure that organisations are not only aware of their obligations under the NDP Act but are taking steps to comply,” said Babatunde Bamigboye, NDPC Head of Legal, Enforcement and Regulations.
The Commission warned that names of defaulting organisations will be published in national newspapers beginning August 25, 2025.
Sections 6(d), 32, 39 and 44 of the Act outline data controllers’ duties, while Sections 5, 6, 46 and 47 empower the NDPC to enforce compliance.
Sanctions may range from enforcement orders to fines or criminal prosecution for severe violations.
The Act, signed in 2023, was designed to protect Nigerians’ personal data and align national standards with global practices.
Article updated 3 weeks ago. Content is written and modified by multiple authors.
