FSA fines HSBC insurance businesses £3 million for data security failings
HSBC is fined by the UK regulator over information security systems and controls failings in its insurance businesses
LONDON - The Financial Services Authority (FSA) has fined three firms from within the HSBC banking group more than £3 million for having inadequate systems and controls to protect their customers' confidential data.
The UK regulator says the failure to protect information from being lost or stolen contributed to customer data being lost in the mail on two occasions. HSBC Life UK was fined £1.6 million, HSBC Actuaries and Consultants was fined £875,000 and HSBC Insurance Brokers was fined a further £700,000.
During its investigation the FSA said it found large volumes of unencrypted or otherwise unprotected customer data was sent via post or courier to third parties. Other data was left vulnerable to loss or theft on open shelves or in unlocked filing cabinets. Internal members of staff were also found to be insufficiently briefed on the resultant risks of identity theft.
The three units were judged to have failed to put adequate procedures, systems or controls in place to manage financial crime risks, despite a warning in July 2007 from HSBC Group Insurance's compliance team. The following February, HSBC Life lost in the post an unencrypted CD containing the details of 180,000 policyholders.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@risk.net
More on Regulation
Hong Kong derivatives regime could drive more offshore booking
Industry warns new capital requirements for securities firms are higher than other jurisdictions
Will Iosco’s guidance solve pre-hedging puzzle?
Buy-siders doubt consent requirement will remove long-standing concerns
Responsible AI is about payoffs as much as principles
How one firm cut loan processing times and improved fraud detection without compromising on governance
Could one-off loan losses at US regional banks become systemic?
Investors bet Zions, Western Alliance are isolated problems, but credit risk managers are nervous
SEC poised to approve expansion of CME-FICC cross-margining
Agency’s new division heads moving swiftly on applications related to US Treasury clearing
ECB bank supervisors want top-down stress test that bites
Proposal would simplify capital structure with something similar to US stress capital buffer
Clearing houses warn Esma margin rules will stifle innovation
Changes in model confidence levels could still trip supervisory threshold even after relaxation in final RTS
BlackRock, Citadel Securities, Nasdaq mull tokenised equities’ impact on regulations
An SEC panel recently debated the ramifications of a future with tokenised equities
