FSA fines HSBC insurance businesses £3 million for data security failings
HSBC is fined by the UK regulator over information security systems and controls failings in its insurance businesses
LONDON - The Financial Services Authority (FSA) has fined three firms from within the HSBC banking group more than £3 million for having inadequate systems and controls to protect their customers' confidential data.
The UK regulator says the failure to protect information from being lost or stolen contributed to customer data being lost in the mail on two occasions. HSBC Life UK was fined £1.6 million, HSBC Actuaries and Consultants was fined £875,000 and HSBC Insurance Brokers was fined a further £700,000.
During its investigation the FSA said it found large volumes of unencrypted or otherwise unprotected customer data was sent via post or courier to third parties. Other data was left vulnerable to loss or theft on open shelves or in unlocked filing cabinets. Internal members of staff were also found to be insufficiently briefed on the resultant risks of identity theft.
The three units were judged to have failed to put adequate procedures, systems or controls in place to manage financial crime risks, despite a warning in July 2007 from HSBC Group Insurance's compliance team. The following February, HSBC Life lost in the post an unencrypted CD containing the details of 180,000 policyholders.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@risk.net
More on Regulation
Foreign banks can swerve US Basel op risk capital charges
New proposal offers category III and IV banks op-out from regime, but intragroup trades penalised
BoE’s Bailey expects global consensus on FRTB internal models
Isda AGM: UK is reviewing proposals from US and EU regulators before finalising its IMA rules
DRW chief slams ‘ridiculous’ OCC stablecoin rule
Isda AGM: Wilson warns week-long redemption freeze would deter use of Genius Act coins as cash leg of tokenised repo
Dealers push for more revisions to Basel III endgame
Isda AGM: Goldman, JP Morgan bankers want changes on cross-product netting, CVA and default risk charges
StanChart: UK, EU should copy US ‘commercial’ Basel III
Isda AGM: Exec warns divergent Basel III rules will push trading into less-regulated entities
NBFI oversight ‘no longer adequate’, say BdF economists
Researchers call for stronger supervision of non-bank sector ‘before risks actually materialise’
Why Brexit still stirs up trouble for cross-border business
As EU erects another obstacle, banks consider ways around it – or exit strategies
Can US regulators keep Collins happy with one capital stack?
Legal experts say Basel III endgame redraft retains spirit if not letter of the floor
