Nationwide fined £980,000 for information security lapses
LOSSES & LAWSUITS
Following the theft of a laptop computer from a Nationwide employee's home last year, the FSA launched an investigation into the building society's information security procedures, and found them to be inadequate, potentially exposing customers to an increased risk of financial crime. More worryingly, the FSA investigation discovered Nationwide was not aware the laptop contained confidential customer information, and that the building society did not start an investigation until three weeks after the theft.
"Nationwide is the UK's largest building society and holds confidential information for more than 11 million customers," says Margaret Cole, director of enforcement at the FSA. "Nationwide's customers were entitled to rely on it to take reasonable steps to make sure their personal information was secure. Firms' internal controls are fundamental in ensuring customers' details remain as secure as they can be and, as technology evolves, they must keep their systems and controls up-to-date to prevent lapses in security. The FSA took swift enforcement action in this case to send a clear, strong message to all firms about the importance of information security."
Nationwide co-operated fully with the FSA and by agreeing to settle at an early stage, it qualified for a 30% discount, without which the fine would have been £1.4 million.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
More on Regulation
SVB opens floodgates on liquidity buffers debate
European regulator says HQLAs should be booked at fair value, but not everyone agrees
SEC cyber rules risk creating web of confusion and costs
Proposals would require breach notifications, public disclosures and annual cyber assessments
Indonesia readies close-out netting after passing P2SK Law
Bankruptcy law changes remove close-out netting obstacles
Top 10 operational risks: The umpire strikes back
Tougher regulatory enforcement, new consumer rules and rise of ESG are ringing alarm bells
Behnam comments fan JSCC hopes for US client clearing
Japan clearing exec welcomes CFTC chair’s pledge to keep discussing OTC clearing status for non-US houses
SVB wouldn’t happen in Europe, says Deutsche CIB head
Campelli also thinks Credit Suisse’s bailed-in AT1 bonds acted as originally intended
How Finma milked Credit Suisse’s CoCos to close UBS deal
An unusual clause in Swiss AT1 bonds allowed them to be written off, but could others follow suit?
