FG expands probe to include Sterling Bank, Remita, and Temu

Nigeria’s data protection regulator is widening its crackdown on digital privacy violations, with investigations now extending beyond loan apps to major platforms like Sterling Bank, Remita, and Temu.

The National Commissioner of the Nigeria Data Protection Commission, Vincent Olatunji, disclosed this during a media chat in Abuja, framing it as part of a broader push to rein in widespread misuse of Nigerians’ personal data, especially by fast-growing digital lenders.

At the centre of the probe are so-called “loan sharks”, instant loan platforms that promise quick cash but often demand intrusive access to users’ phones. According to Olatunji, many of these platforms go far beyond acceptable data use, harvesting contact lists, sharing personal images without consent, and sending threatening messages to borrowers’ friends and family in attempts to recover debts.

That pattern, he suggested, is not just unethical, it’s illegal.

While enforcement actions against loan apps have been ongoing, the inclusion of larger platforms signals a shift. It suggests regulators are now looking at the broader digital ecosystem, where banks, fintech infrastructure providers, and global apps all handle sensitive user data at scale.

For now, the NDPC says it is following due process, inviting companies, reviewing submissions, and allowing them to respond before making final determinations.

A deeper problem: convenience vs. consent

The investigation highlights a growing tension in Nigeria’s digital economy: users want speed and access, but often trade away privacy without realising it.

Olatunji pointed out that many borrowers unknowingly grant sweeping permissions simply by skipping the fine print in loan agreements. Once access is granted, some lenders exploit it aggressively, weaponising personal data to pressure repayments.

“This is not peculiar to Nigeria,” he noted, describing it as a global issue tied to digital lending models.

Still, Nigeria’s regulatory framework is becoming more assertive. Agencies like the Federal Competition and Consumer Protection Commission, Central Bank of Nigeria, Nigerian Communications Commission, and National Information Technology Development Agency are increasingly coordinating oversight of digital lenders and data processors.

The NDPC insists that any loan platform operating in Nigeria must be properly licensed and comply with strict privacy standards.

As for the companies already under investigation, outcomes are still unfolding. The commission says it has decided in the case involving Sterling Bank, while Temu’s review is ongoing after the company requested more time.

For everyday users, the message is straightforward: read before you click, and understand exactly what access you’re giving away, because in Nigeria’s fast-moving digital economy, your data is often the real currency.

Similar read: Lafarge Ex-CEO and staff convicted of financing terror in Syria