The Nigeria Data Protection Commission (NDPC) has commenced an investigation into an alleged data breach involving Remita Payment Services Ltd., Sterling Bank, and other entities.
In a statement issued on Sunday, Mr. Babatunde Bamigboye, Head of Legal, Enforcement & Regulations at the NDPC, confirmed that a formal Notice of Investigation was served on April 1, 2026, in line with statutory procedure. He noted that relevant parties have begun providing information to assist the probe.
According to the Commission, the investigation will examine the categories of personal data involved, the nature and scope of the alleged breach, risks posed to data subjects, and mitigation measures undertaken where breaches are established.
Dr. Vincent Olatunji, National Commissioner and CEO of the NDPC, further directed that organisations operating digital payment systems without adequate safeguards, as required under the Nigeria Data Protection Act, 2023 (NDP Act), will be reviewed as part of broader regulatory efforts to strengthen the integrity of Nigeria’s digital payment ecosystem.
The NDPC reiterated that the inquiry is aimed at protecting users’ personal data and ensuring compliance across the fintech and banking sectors. This marks another high‑profile regulatory action by the Commission, following its February 2026 inquiry into Temu, a global e‑commerce platform, over alleged violations of the NDP Act. Preliminary findings in that matter suggested Temu processes the personal data of approximately 12.7 million Nigerians.
The Commission emphasized that its actions reflect a commitment to accountability, transparency, and enforcement of ethical standards in Nigeria’s rapidly expanding digital economy.
… NDPC Probes Alleged Data Breach Involving Remita, Sterling Bank and Others … Naijaonpoint.
