Risk.net

FSA fines HSBC insurance businesses £3 million for data security failings

  • David Benyon
  • LinkedIn  
  • Save this article
  • Print this page  

LONDON - The Financial Services Authority (FSA) has fined three firms from within the HSBC banking group more than £3 million for having inadequate systems and controls to protect their customers' confidential data.

The UK regulator says the failure to protect information from being lost or stolen contributed to customer data being lost in the mail on two occasions. HSBC Life UK was fined £1.6 million, HSBC Actuaries and Consultants was fined £875,000 and HSBC Insurance Brokers was fined a further £700,000.

During its investigation the FSA said it found large volumes of unencrypted or otherwise unprotected customer data was sent via post or courier to third parties. Other data was left vulnerable to loss or theft on open shelves or in unlocked filing cabinets. Internal members of staff were also found to be insufficiently briefed on the resultant risks of identity theft.

The three units were judged to have failed to put adequate procedures, systems or controls in place to manage financial crime risks, despite a warning in July 2007 from HSBC Group Insurance's compliance team. The following February, HSBC Life lost in the post an unencrypted CD containing the details of 180,000 policyholders.
  • LinkedIn  
  • Save this article
  • Print this page  

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact [email protected] or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact [email protected] to find out more.

Copyright Infopro Digital Limited. All rights reserved.

You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/

If you would like to purchase additional rights please email [email protected]

Copyright Infopro Digital Limited. All rights reserved.

You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/

If you would like to purchase additional rights please email [email protected]

More on Regulation

Risk Management

Most read on Risk.net

  1. Derivatives pricing starts feeling the heat of climate change
  2. Archegos report details margin failings at Credit Suisse
  3. People moves: Credit Suisse taps Goldman for new CRO, and more
  4. Federal tough legacy fix gives nod to alternative rates
  5. Building forward-looking scenarios: why you’re doing it wrong

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: