Nigerian data regulator probes Sterling Bank, Remita over breach allegations

Nigeria's National Data Protection Commission has opened an investigation into Sterling Bank and payment processor Remita following allegations of a significant data breach affecting customer information. The NDPC confirmed the probe amid reports that sensitive financial data may have been improperly accessed or exposed, though the scope and timeline of the incident remain under review. Sterling Bank, one of Nigeria's tier-2 commercial banks, and Remita, a widely used payment platform operated by SystemSpecs, are central to the country's digital financial infrastructure. The investigation highlights mounting regulatory pressure on African financial institutions to strengthen cybersecurity practices as digital banking adoption accelerates across the continent. Nigeria's data protection framework, significantly strengthened by the 2023 Data Protection Act, has empowered the NDPC to impose substantial penalties for violations. Industry analysts say the case will test enforcement capabilities and could establish precedents for accountability in cross-platform data incidents involving banks and their technology partners. Both Sterling Bank and Remita have not issued detailed public statements on the investigation's specific allegations.