KDPA s.40 grants the right to have personal data erased. The Suite implements this as anonymisation in place — every PII column is overwritten with cryptographic null and the member ID is replaced by a hash, but the transaction ledger is preserved because POCAMLA mandates 7 years.
Right-to-erasure wizard runs from the member form.
What the erasure wizard actually does
Field
Before
After
name
Jane Wambui
MEMBER-9c4a8e7b
id_number
12345678
(null)
phone, mobile
+254 712 345 678
(null)
email
jane@example.com
(null)
date_of_birth
1985-04-12
(null)
address fields
House 12, Eldoret
(null)
photo, signature
BLOB
(deleted)
biometric template
BLOB
(deleted)
next_of_kin
Peter Wambui
(null)
transaction history
intact
intact (linked to hash, no PII visible)
Preconditions before erasure runs
No active loans (member must clear or write off all loans first)
No outstanding balance (positive or negative) on any savings account
No open AML investigation, suspicious activity report, or court order
Member has signed the erasure request (or it came through iBANK with OTP)
DPO has reviewed and counter-signed
Compliance has confirmed no statutory hold (e.g., active CTR window)
The erasure wizard
Member files request via iBANK or DPO opens a case