Nationwide fined £980,000 for information security lapses
LONDON - The UK Financial Services Authority (FSA) has fined Nationwide building society £980,000, for failing to have effective systems and controls in place to manage its information security risks.
Following the theft of a laptop computer from a Nationwide employee's home last year, the FSA launched an investigation into the building society's information security procedures, and found them to be inadequate, potentially exposing customers to an increased risk of financial crime. More worryingly, the FSA investigation discovered Nationwide was not aware the laptop contained confidential customer information, and that the building society did not start an investigation until three weeks after the theft.
"Nationwide is the UK's largest building society and holds confidential information for more than 11 million customers," says Margaret Cole, director of enforcement at the FSA. "Nationwide's customers were entitled to rely on it to take reasonable steps to make sure their personal information was secure. Firms' internal controls are fundamental in ensuring customers' details remain as secure as they can be and, as technology evolves, they must keep their systems and controls up-to-date to prevent lapses in security. The FSA took swift enforcement action in this case to send a clear, strong message to all firms about the importance of information security."
Nationwide co-operated fully with the FSA and by agreeing to settle at an early stage, it qualified for a 30% discount, without which the fine would have been £1.4 million.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@risk.net
More on Regulation
Change fatigue could dim EBA’s credit risk simplicity drive
Revisions may be kept to a minimum as short-term implementation burden weighs on banks
Foreign banks can swerve US Basel op risk capital charges
New proposal offers category III and IV banks op-out from regime, but intragroup trades penalised
BoE’s Bailey expects global consensus on FRTB internal models
Isda AGM: UK is reviewing proposals from US and EU regulators before finalising its IMA rules
DRW chief slams ‘ridiculous’ OCC stablecoin rule
Isda AGM: Wilson warns week-long redemption freeze would deter use of Genius Act coins as cash leg of tokenised repo
Dealers push for more revisions to Basel III endgame
Isda AGM: Goldman, JP Morgan bankers want changes on cross-product netting, CVA and default risk charges
StanChart: UK, EU should copy US ‘commercial’ Basel III
Isda AGM: Exec warns divergent Basel III rules will push trading into less-regulated entities
NBFI oversight ‘no longer adequate’, say BdF economists
Researchers call for stronger supervision of non-bank sector ‘before risks actually materialise’
Why Brexit still stirs up trouble for cross-border business
As EU erects another obstacle, banks consider ways around it – or exit strategies
