![](https://566448.40t4n.group/wp-content/uploads/2025/01/Dr-Machengete.jpg)
BANKS have been challenged to comply with the Cyber Data Protection Act (CDPA) and other related security statutes to effectively guard against customers’ personal information and regain their trust.
Participants at the second edition of the Postal and Telecommunications Regulatory Authority of Zimbabwe (Potraz) Data Privacy Symposium that is underway in Victoria Falls expressed concern over safety of their data in financial institutions.
They felt that while banks had invested in outward security where clients have to jealously guard against sharing their personal details to third parties, banks had not done enough to security-proof their systems as most information, mostly to fraudsters and card cloners leak from within.
Potraz director general, Dr Gift Machengete, urged banks to have an inward looking strategy saying customers were sceptical about the safety of their personal data in banks hence the financial institutions should make sure they protect them.
He was speaking during a question and answer session following a panel discussion on: “Putting the Customer First: Challenges and Opportunities for the Banking Industry in the Age of Data Protection”.
The session was moderated by Advocate Komborerai Manenji while the panel of data protection officers and bankers included Ms Violet Bayiwa who is head of compliance at Steward Bank, Mr Collins Mutambira, the head of compliance FBC, Ms Moira Chipandu, head of compliance at NMB and Ms Farirai Machawira from CABS.
The panelists concurred on the need for banks to comply with the Cyber Data Protection Act but at the same time serving the client needs.
“Banks should balance between protecting data and delivering service to customers.
“The banking landscape is ever evolving and new technologies are coming up with alternative banking systems. So, as banks we must comply with the CDPA.
“Yes we can talk about the cost of compliance but there is also a cost for non-compliance,” said Mr Mutambira.
He said failure to comply could attract financial penalties, legal and reputational risks, especially if banks do not keep data in a private manner.
Ms Muchawira said compliance would build trust.
“We stand on what we know as data protection officers and we need to appreciate why we need to enhance privacy.
We need customers’ trust now. It is very important for us to familiarise with the legislation and be prepared to train at a higher level for compliance.
“Banks should embrace customer human rights,” she said.
Ms Chipandu concurred saying trust is key because all banks subscribe to consumer protection.
“Banks need to constantly protect customers and constantly communicate with them because data subjects need to be updated through effective communication,” she said.
“We need to be innovative in terms of how we put across our information.”
Another data protection officer, Ms Bayiwa said there is a need to understand the laws of the land and ensure information is protected.
She said everyone has a right to control personal information and banks should also play a part.
Banks collect personal data when people open personal banking accounts and through the “Know Your Customer service.”
There was consensus on the need to raise awareness and educate both employees and clients on data protection.
Those from the banking sector said they sign a declaration of confidentiality, which is renewed annually highlighting new trends. They said most banks now verify identity documents through direct connection with the Civil Registry Office.
Risks in the banking sector, which clients are afraid of include card cloning and identity theft.
A representative from the Central Bank said there was room for improvement urging banks to embrace new systems such as Zeepay that allow validation of data.
He reiterated the need for all banks to comply and balance between compliance and service and not to inconvenience customers.
The symposium, which started on Tuesday is being attended by the data protection ecosystem including policy makers, regulators, business, academics, researchers, bankers, security services and others in the information communication technology departments of organisations. — Victoria Falls Bureau