Fintech

Kenya govt fines NCBA Bank for sending customer account statements to ex-wife

Oluwatosin Adeyemi December 7, 2024
Kenya govt fines NCBA Bank for sending customer account statements to ex-wife
       

The Office of the Data Protection Commissioner (ODPC) has fined NCBA Bank Kenya PLC hundreds of thousands of Kenyan shillings following Dr Bernard Shiaunda Aete's complaint that the bank was sending false and misleading loan statement information to a third party (his ex-wife) despite his repeated requests to remove her as an alternate contact.

The ODPC concluded that NCBA had broken the Data Protection Act by continuing to notify the ex-wife for eight months following his formal request for removal on April 4, 2023, violating his right to erasure and his right to object to data processing.

Read also: Premier Bank, Mastercard introduce Shari’ah-compliant card system in Kenya

The Commissioner mandated that NCBA pay KES 700,000 in compensation, which was divided into KES 200,000 for processing personal data unlawfully, KES 250,000 for violating the right to object, and KES 250,000 for violating the right to erasure.

Related Post:  Liquid Zambia, Zanaco partner to enhance access to digital banking

ODPC rejected the bank's defence 

The Commissioner rejected the bank's defence and directed it to make sure that any future information sent to the complainant regarding bank balances is accurate and current, despite NCBA's assertion that the ongoing notifications were caused by a technical glitch in their system's sync job between NQUEST and T24 platforms, which was ultimately fixed on January 16, 2024.

Recent enforcement proceedings against organisations for unauthorised use of personal data, including photos of kids without parental agreement, showcase the Office of the Data Protection Commissioner's (ODPC) dedication to protecting data privacy rights.

Related Post:  Cameroon sets August 2025 deadline for fintech firms to obtain licences

Financial institutions must understand that proactive steps are necessary to guarantee compliance with the Data Protection Act; technical mistakes alone are not enough to prevent data leaks.

Read also: M-PESA makes waves in Kenya with 34 million users milestone

About the Office of the Data Protection Commissioner 

Under the 2019 Data Protection Act, the Office of the Data Protection Commissioner was created as a data regulatory office.

To preserve individuals' privacy, the duty of the office is to regulate the processing of personal data and give data subjects the rights and remedies to prevent the processing of their personal data that does not comply with the Act.

Oluwatosin Adeyemi

I'm a passionate writer with proven years of experience.

Next Post

Telecommunication

Egypt launches eSIM: Telecom Egypt, Vodafone, Orange, and e& Egypt offer new service

Sat Dec 7 , 2024
       The four main telecom providers in Egypt—Telecom Egypt (WE), Orange Egypt, Vodafone Egypt, and e& Egypt—all began offering eSIM services […]
Egypt launches eSIM: Telecom Egypt, Vodafone, Orange, and e& Egypt offer new service

Related Posts

Top This week

Fintech Updates

Business Updates

Quick Links

Select Language

Click the Arrow beside your current Language below to Select a New one.

This will close in 10 seconds

techpression.com
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.