The Nigeria Data Protection Commission (NDPC) has flagged 1,369 local firms for violating the Nigeria Data Protection Act (NDPA) 2023.
The probe covered critical industries including banking, insurance, pensions, gaming, and insurance brokerage, according to a statement signed by NDPC’s Head of Legal, Enforcement and Regulations, Babatunde Bamigboye.
He confirmed that the organisations have been issued compliance notices.
ALSO READ
The breakdown includes 795 financial institutions, 392 insurance brokers, 35 insurance firms, 10 pension operators, and 136 gaming companies. Each must submit evidence of compliance within 21 days or face sanctions.
The Commission stressed that compliance requirements include filing 2024 audit returns, appointing a Data Protection Officer, detailing security measures, and registering as a major data controller or processor.
Bamigboye said the move aligns with NDPC’s constitutional mandate to safeguard data rights while ensuring Nigeria’s trusted participation in regional and global markets.
He added that responsible handling of personal data is central to strengthening the digital economy and building confidence in Nigeria’s regulatory environment.
