Thursday , November 7 2024

Customer data leaks could spell doom for local banks

Juma Kisaame ( L ) and, Justine Bagyenda ( R )

BoU issued financial consumer protection guidelines in 2011 stating that financial institutions should not disclose customers’ information to third parties except in times under a court order or consent from the customer.

The guidelines also state that it is the duty of the financial institution to ensure that information relating to customersis secretly guarded.

But it seems no provisions in the Financial Institutions Act and other related laws are in place to enforce the guidelines.

Suing banks?

Richard Kimera, the team leader at the Consumer Education Trust told The Independent that though disclosing customer’s information is unethical and unprofessional, the trend could see banks sued for invasion of privacy and disclosure of their bank information especially to the information that is seen to compromise a customer’s privacy.

He says financial institutions should act and operate in a professional manner so as to win trust from their consumers.

“Banks can’t say that they protect the money more than the information,” he says. In neighbouring Kenya, the government through the Information, Communication and Technology Ministry, Cabinet Secretary Joe Mucheru has fronted the Data Protection Bill 2018 seeking to impose heavy fines and jail terms to employees and government agencies who leak private customer information to third parties.

Advertisement

Once the bill becomes law, according to Business Daily, the government proposes a five-year jail term or a fine of up to KShs5million or both in connection to incidents of leaking of customer information. This law, however, exempts government agencies sharing customers’ information.

The law, which among others targets banks and media groups, also proposes sweeping new rights for people to know how their data is used, and to decide whether it is shared or deleted by businesses.

The proposed law, seen as borrowing heavily from the West where data privacy concerns have seen firms sued by consumers including Facebook and Google, incurring heavy losses, will also see creation of the Office of the Data Protection Commissioner whose mandate will be to establish and maintain a register of data controllers and data processors as well as exercise control on all data processing operations.

Though the new chairperson of the Uganda Bankers Association, Patrick Mweheire, could not be reached for a comment, the Association had earlier expressed concerns over the negative publicity that was arising from these incidents.

The Association said negative publicity could undermine confidence in the industry and cause panic to the public—a development that could hurt the economy.

The Association said the industry has over the last couple of years witnessed overall growth with month end deposit balances averaging Shs20trillion from Shs14.7trillion in 2015, with liquidity instruments (cash or near cash) above  Shs7trillion and bank accounts now close to 11 million up from 6 million in 2015 due to increased customer confidence.

Leave a Reply

Your email address will not be published. Required fields are marked *