Central Bank Now Admits Ordering Banks to Collect Private Details on Clients

The confusion over who instructed banks to profile their clients by collecting personal information has finally been cleared, by the National Banks of Rwanda (BNR), whose senior officials had initially denied any involvement.

The Central bank Governor John Rwangombwa said Thursday that he had sanctioned the exercise due to security concerns and purposes of using big data for planning and informed policy-making.

Rwangombwa spoke after presenting the Monetary Policy and Financial Stability Statement at Kigali Convention Center. He said the program is meant to provide as much information to allow “making policies that are based on facts.”

Another delicate motivation of this policy was security – as a result of the recent terror incident in Kenya, where three of the major local banks come from; Equity Bank, Kenya Commercial Bank (KCB) and Commercial Bank of Africa (CBA).

On February 15, The Chronicles broke the story (READ HERE) about the collection of intrusive details on clients which had been launched by Equity Bank. We were told the directive came from the central bank.

However, Edward Karamuzi, the central bank’s director of banking supervision, refuted the information.

He said, “Collecting information is a responsibility of the banks. They may need to know as much information as possible about their clients to help them develop new products. But they have to explain to their clients why they want that information.”

Today, there was change of the narrative and from a different official. Peace M. Uwera, the Executive Director of Financial Stability at Central Bank said indeed the case in Kenya gave a profound reason why banks need to keep detail profiles of their clients.

She said the Kenyan scenario, where evidence emerged later that the terrorist attack had been financed by money from a client whose profile was unclear.

Key suspects withdrew large sums of money which were wire to South Africa and Somalia. In one intriguing case, a suspect got money from
Diamond Trust Bank without an account in the bank.

The commercial banks and the central bank were both reluctant to admit that the gathering of personal details had been a directive from their regulator, even though the move has convincing reasons.

Prospective and all existing ones are being handed papers titled ‘Customer Updating Information Form’ which they have to fill up.

The existing clients are also being sent SMS to show up to provide more details about themselves. Some clients have received phone calls from bank staff.

Under the previous arrangement, clients gave basic information to open an account including national ID and personal address.

Some of what the new form requires includes the social security number, social economic category or Ubudehe and how much you earn if employed.

The details being asked for are similar to those demanded by the Rwanda National ID issuing agency for you to get an ID.

Some clients are already expressing privacy fears at the unprecedented level of intrusion.

The fear for intrusion, it has emerged, might prompt clients to provide inaccurate information, of which if happens, will cause wrong decision making as opposed to the initial intent.

Central Bank’s Uwera said indeed the risk is obvious, but it is equally an advantage to conduct the exercise whatsoever.

She said some other tools will be employed to verify the information provided or at least analyze the existing information such as one’s income patterns and comparing it to one’s declared social status.

If at all the bank finds that the declared social status does not match with say, the revenue streams on one’s account, the client will be questioned or a basis for raising a red flag will be considered.

The Deputy Governor, Monique Nsanzabaganwa, for her part explained that this is an era of big data, where robust policy formulation requires extensive data.

Thus, she said, this exercise is meant to begin a process which will provide, at a later stage, a centralized data collection system, with the contribution of different institutions.

In not a so far period, the system will have all the data being collected to day and tools to collect more, efficiently.

Privacy concerns are not on the negotiation table.

The clients who spoke to The Chronicles expressed reservations over the program.

“They called me on the phone, asking I answer the questions on the form. I found some of the questions too sensitive. I cannot give out such personal information,” said Gilles Uwimpaye.

“How does the number of people I live with and care for concern them?”

Another Equity Bank client sees no problem with the new details. “Yes, they are asking so much personal information but it is not even necessary to fill it. For some personal information I told them ‘I don’t know’…,” he said.

Hours after The Chronicles released the February 15 story, we received numerous messages via Twitter from people who said they were clients of different banks and had all been asked to fill up the new details.