The Nigeria Data Protection Commission (NDPC) has launched a probe into banks, insurance firms, pension companies, gaming operators and brokers suspected of breaching the Nigeria Data Protection Act (NDPA) 2023.
Head of Legal, Enforcement and Regulations at the NDPC, Babatunde Bamigboye, said on Monday in Abuja that compliance notices had already been issued to some organisations.
According to him, the affected firms must, within 21 days, show evidence of filing their 2024 NDPA compliance audit returns, appointing a Data Protection Officer, and putting in place adequate technical and organisational safeguards. They are also required to show proof of registration as data controllers or processors of “major importance.”
Bamigboye warned that any firm that fails to comply risks enforcement orders, administrative fines or even criminal prosecution.
He stressed that the NDPC would not relent in building a culture of accountability and trust in Nigeria’s data protection ecosystem while protecting citizens’ rights and strengthening the digital economy.
