Safaricom - 2020 Sustainable Business Report

39 INTRODUCTION OUR BUSINESS OUR MATERIAL TOPICS OUR STAKEHOLDERS CONCLUDING REMARKS Building regulatory resilience We are committed to making a positive contribution to our industry and Kenyan society as a whole by operating within the boundaries of a fast-evolving regulatory environment. Our commitment to remain compliant calls for us to continuously expand our ecosystem engagement and build lasting influence with a growing number of stakeholders. Several external economic, political and regulatory issues continue to shape and shift the regulatory landscape for Safaricom. The impact of these external forces directly impacts our ability to sustainably meet our business objectives, and provides definition in the way we hope to do business in the future. To ensure that we remain compliant with regulatory requirements, we regularly assess our processes against all applicable laws and regulations on an ongoing basis. We also engage with our regulators proactively on all issues through a variety of channels (please see the Stakeholders section on page 56 of this report for further information regarding these important relationships. Quality of Service (QoS) compliance register FY20 FY19 FY18 FY17 No. of fines for non-compliance 0 0 0 1 Cost of fines for non-compliance (KSh million) 0 0 0 294 Non-monetary sanctions for non-compliance 0 0 0 0 Legal actions lodged for anti-competitive behaviour 0 0 0 0 Data Protection Act A key highlight of the year was the introduction of new legislation around customer privacy. As a fundamental human right, privacy has become a key focus areas as technologies continue to evolve and demand for personalised data soars. Safaricom is committed to ensure that all customer data remains protected from misuse, and the company has adopted its own robust means of ensuring that global standards of data protection were proactively implemented. The Data Protection Act of 2019 was signed into law by the President of the Republic of Kenya in November 2019. The Act has introduced a set of customer privacy and personal information protection laws and established the Office of the Data Protection Commissioner to oversee and manage the rights of data subjects and obligations of data controllers and processors. While the Act is still in its implementation phase and a new Data Protection Commissioner is in the process of being appointed, the Act represents a significant, positive step forward for the country. By legislating clarity and certainty regarding the collection and use of personal information, the Act will foster an environment of trust that allows innovation and progress to flourish. Safaricom participated extensively in the engagement sessions during the public participation phase and we are satisfied that our views have been reflected in the enacted laws. We have also created a Data Protection department to review our processes and policies and ensure that we are compliant with all regulations in this regard (please see the Risk Management section on page 34 of this report for further detail regarding the department and its activities). As part of our ongoing commitment to the SDGs, we continue to work with our regulators to provide universal and affordable access to all (SDG 9) reducing the digital divide (SDG 10). As a company we are also committed to ensuring that we are 100 per cent compliant with all applicable regulations and legislation (SDG 12).