The Bank of Industry (BoI) has been awarded the ISO/IEC 27701:2019 certification for Privacy Information Management Systems (PIMS).

The certification, issued by the British Standards Institution (BSI), a globally recognised authority in auditing and certification, extends the bank’s existing ISO/IEC 27001:2022 certification, which was first obtained in 2019.

ISO/IEC 27701:2019 is the leading international privacy standard and aligns with the General Data Protection Regulation (GDPR), Nigeria Data Protection Regulation (NDPR) and other global privacy requirements.

By attaining this certification, BoI has demonstrated that it operates a structured framework to manage, process, and safeguard sensitive data relating to customers, employees and third parties.

The framework enforces strong privacy controls, integrates privacy management into information security practices, and defines clear roles and responsibilities for data protection.

BoI is the first Development Finance Institution (DFI) and second bank in Nigeria to achieve the ISO/IEC 27701:2019 certification. This milestone reflects the Bank’s commitment to global best practices in privacy and security.

Speaking on the achievement, Dr Olasupo Olusi, Managing Director/Chief Executive Officer of BOI, stated: “This certification represents a proactive commitment to privacy management. It reinforces trust in our ability to protect the data of customers, partners, and stakeholders while meeting the highest international standards.”

The scope of the certification covers the full lifecycle of Personally Identifiable Information (PII), including collection, storage, processing, sharing, and disposal. As both a PII Controller and Processor, BoI has embedded comprehensive privacy controls across its physical and digital infrastructure.