The Bank of Industry (BOI) has been awarded the ISO/IEC 27701:2019 certification for Privacy Information Management Systems (PIMS).
This certification, issued by the British Standards Institution (BSI), a globally recognised authority in auditing and certification, extends the bank’s existing ISO/IEC 27001:2022 certification, which was first obtained in 2019.
ISO/IEC 27701:2019 is an international privacy standard and aligns with the General Data Protection Regulation (GDPR), Nigeria Data Protection Regulation (NDPR), and other global privacy requirements. By attaining this certification, BOI has demonstrated that it operates a structured framework to manage, process, and safeguard sensitive data relating to customers, employees, and third parties.
The framework enforces strong privacy controls, integrates privacy management into information security practices, and defines clear roles and responsibilities for data protection.
BOI is the first Development Finance Institution (DFI) and second bank in Nigeria to achieve the ISO/IEC 27701:2019 certification. This milestone reflects the bank’s commitment to global best practices in privacy and security.
Speaking on the achievement, the managing director/chief executive officer (CEO) of BOI, Dr. Olasupo Olusi, stated, “This certification represents a proactive commitment to privacy management. It reinforces trust in our ability to protect the data of customers, partners, and stakeholders while meeting the highest international standards.”
He noted that the certification scope covers the full lifecycle of Personally Identifiable Information (PII), including collection, storage, processing, sharing, and disposal. As both a PII Controller and Processor, BOI has embedded comprehensive privacy controls across its physical and digital infrastructure.
This recognition enhances BOI’s credibility and positions it as a leader in privacy information management within Nigeria’s banking and development finance sector.
