Privacy watchdog, Nigeria Data Protection Bureau (NDPB), appears to have opened investigations into complaints by customers of Wema Bank alleging that their data have been used without their consent to open accounts via the ALAT app – the digital banking platform of the bank.
Wema Bank is being accused by some of its customers to have opened the digital accounts using their data without authorisation to enable the bank meet its “a million account in one day” target as part of its 5th anniversary.
Media reports are quoting Wema Bank in a mail claiming that the unauthorised accounts were opened for certain persons “to celebrate with us.” The actual number of unauthorised accounts opened is not known.
Under the Nigeria Data Protection Regulation (NDPR), the country’s principal data protection legislation, consent of a data subject is required before a data controller is allowed to use such data outside of the original intent.
Under the law and if found guilty, Wema Bank risks hefty fines.
Illegal use of customers data to open unauthorised accounts usually attract regulatory sanctions. In the United States, Wells Fargo was accused of opening 1.5 million accounts without authorisation via over 565,000 credit cards applied for, allegedly without customers consent. Authorities fined the bank $185 million for this infraction.