KEMBAR78
Fintech and Data Protection | PDF | Finance & Money Management | Financial Technology
Scribd
Upload
89 views12 pages

Fintech and Data Protection

Through the Lens of Data Protection – Fintech and Privacy in Nigeria discusses the growth of fintech in Nigeria and issues around data protection. It notes that there are over 200 fintech companies in Nigeria generating $543 million in revenue by 2022. However, many Nigerian fintechs are not compliant with the Nigeria Data Protection Regulation of 2019, with opaque data practices and a lack of proper privacy policies. The Central Bank of Nigeria has also attempted to regulate data sharing between fintechs and banks, but faces legal challenges. Overall adoption of fintech is increasing in Nigeria but data protection audit reporting and compliance remains low.

Uploaded by

Spit Fire
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
89 views12 pages

Fintech and Data Protection

Through the Lens of Data Protection – Fintech and Privacy in Nigeria discusses the growth of fintech in Nigeria and issues around data protection. It notes that there are over 200 fintech companies in Nigeria generating $543 million in revenue by 2022. However, many Nigerian fintechs are not compliant with the Nigeria Data Protection Regulation of 2019, with opaque data practices and a lack of proper privacy policies. The Central Bank of Nigeria has also attempted to regulate data sharing between fintechs and banks, but faces legal challenges. Overall adoption of fintech is increasing in Nigeria but data protection audit reporting and compliance remains low.

Uploaded by

Spit Fire
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

Through the Lens of

Data Protection –
Fintech and Privacy
in Nigeria

By Olumide Babalola
On the invitation of the European Union,
Council of Europe, and African Network of
Data Protection Authorities at a Workshop on
Fintech and Data Protection on Wednesday, 3
February 2021
• September 2020 - Over 200 fintech standalone
companies, plus a number of fintech solutions
offered by banks and mobile network.
https://www.mckinsey.com/featured-insights/middle-east-
and-africa/harnessing-nigerias-fintech-potential

• US$543m by 2022 in revenue, driven by increasing


Fintech in smartphone penetration and its unbanked
population. https://eiuperspectives.economist.com/fina

Nigeria: The ncial-services/state-play-fintech-


nigeria#:~:text=Nigerian%20fintechs%20are%20branchi
ng%20out,help%20merchants%2C%20businesses%20a

Numbers nd%20consumers.
• COVID-19 - Nigerian start-ups are capitalising on this
shift, raising $747m last year, according to Partech
African. https://www.thebanker.com/Transactions-
Technology/Nigeria-s- fintech-scene-booms-despite-
economic-woes
Estimated Data
Subjects:
• 62% of customers will use mobile
applications to access financial
services within the next 5 years. -
PWC 2017 FinTech Survey Report

• 50 million (estimated) fintech


customers.
https://gomedici.com/56-fintech-
companies-nigeria-extending-
access-to-financial-products-for-
inclusive-growth
Central Bank of Nigeria’s
Consumer Protection
Framework 2016 (Clause
Data 2.6.2(2)
Protection: • Express permission of
Regulator’s customer
• Confidentiality
attempt • Safeguard privacy
• Shared when required by
regulatory bodies
Regulator’s Sell Out
• August 2020 – Central Bank to
order banks to share customers
data with fintech

• Clause 2.6.2(3) Consumer


Protection Framework –
Consent ought to be obtained in
writing.

• Suit No. FHC/AB/76/2020 DRLI


v CBN (pending)
Regulator’s Damage control
• Central Bank’s Framework For Regulatory Sandbox Operations
(January 2021)
• Scope (the processes and procedures for analyzing, collecting,
updating, integrating, and storing of consumer data and
information.)
• Review breaches data security and confidential requirements
• Extra requirements related to the participants Fintech company
handling and protecting of consumer data
• Redress mechanism
Nigerian
Fintechs & Data
Protection
Opaque Data Protection
Practices.

Non-compliant with
Nigeria Data Protection
Regulation 2019
Privacy “Policy” is only for Online
Visitors
No description of data processed

No Information on Sharing with Third


Parties
No DPO

No DS Rights & Remedies

Software Apps X
• Regulation 4.1(7):

On annual basis, a Data Controller


Nigeria Data who processed the Personal Data of
more than 2000 Data Subjects in a
Protection period of 12 months shall, not later
than the 15th of March of the following
Regulation year, submit a summary of its data
protection audit to the Agency. The
data protection audit shall contain
information as specified in 4.1(5).
365 Data
Controllers
Financial
filed Data
Sector –
Protection
NDPR Compliance
36.3%
Audit
Performance
Report Low
(2019-2020) Fintechs –
compliance
with data
less than 5%
protection
obligations
Conclusion
Thank you!

You might also like