Mr. Babatunde Bamigboye, head of Legal, Enforcement and Regulations Lead at the NDPB announced the development in a statement made available to News Direct on Tuesday.
The statement said, “Nigeria Data Protection Bureau (the Bureau) has commenced investigations into reports of breach of data privacy involving two major data controllers in Nigeria, namely, Wema Bank PLC and KC Gaming Networks (Bet9ja). This is in line with Section 37 of the 1999 Constitution and the provisions of Nigeria Data Protection Regulation (NDPR) 2019 – particularly Articles 2.1(2)-(3), 2.6 and Article 4 of the NDPR.
“It will be recalled that sometime in May 2022, some customers of Wema Bank PLC complained of breach of their rights to data privacy and protection by the bank. This data processing, according to the complaints against the bank, involves using their personal data to open accounts. The bureau is also investigating report of breach of data privacy at KC Gaming Networks. The breach in this case involved alleged external attack on the KC Gaming Networks.
“At this stage, the objectives of these investigations as directed by the national commissioner/CEO of the bureau, Dr. Vincent Olatunji, are to determine the impact of the breaches on the affected data subjects and the remedial actions taken by the concerned data controllers. The bureau assures members of the general public that it would ensure proper accountability of the data controllers in the ongoing investigations.”
News Direct had reported that several customers of Wema Bank accused the financial institution of conducting illegal banking practice in the country.
They said they discovered that the bank and its agents had been opening unauthorised accounts for customers with information or data in the bank’s possession.
According to them, the financial institution, led by Ademola Adebise, has allegedly been opening accounts for some Nigerians on its digital banking platform, ALAT, without their knowledge or consent in a bid to celebrate its 5th anniversary.
In a chat with News Direct on Friday, a journalist (names withheld) who had hitherto not had an account Wema, said that despite not operating any account with the bank, the lender opened an account on his behalf with information sourced from his BVN.
“I don’t have any account with Wema Bank but I was shocked when I began to receive messages from them via the email linked to my BVN, informing me that my account was safe with them.
“I have contacted the bank to report the development but to no avail. They have continued to send same mail.
“This means someone is using my details for banking transactions. It’s fraud and I shall seek legal redress,” he said.
Following the report, the Consumer Protection Commission (FCCPC) queried the bank over the development.
In a tweet posted on its official handle on Friday, the commission said the situation was becoming widespread and should not be ‘secretly tackled’.
“Can Wema Bank comment publicly on the message that consumers without Wema Bank accounts are receiving across the country, allegedly from the bank? This situation is widespread and cannot be a DM issue anymore. Wema Bank has to come clean,” the tweet from the commission read.