![Risk.net](https://www.risk.net/sites/default/files/styles/print_logo/public/2018-09/print-logo.png?itok=1TpHrpuP)
FSA fines HSBC insurance businesses £3 million for data security failings
HSBC is fined by the UK regulator over information security systems and controls failings in its insurance businesses
LONDON - The Financial Services Authority (FSA) has fined three firms from within the HSBC banking group more than £3 million for having inadequate systems and controls to protect their customers' confidential data.
The UK regulator says the failure to protect information from being lost or stolen contributed to customer data being lost in the mail on two occasions. HSBC Life UK was fined £1.6 million, HSBC Actuaries and Consultants was fined £875,000 and HSBC Insurance Brokers was fined a further £700,000.
During its investigation the FSA said it found large volumes of unencrypted or otherwise unprotected customer data was sent via post or courier to third parties. Other data was left vulnerable to loss or theft on open shelves or in unlocked filing cabinets. Internal members of staff were also found to be insufficiently briefed on the resultant risks of identity theft.
The three units were judged to have failed to put adequate procedures, systems or controls in place to manage financial crime risks, despite a warning in July 2007 from HSBC Group Insurance's compliance team. The following February, HSBC Life lost in the post an unencrypted CD containing the details of 180,000 policyholders.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
More on Regulation
Banks cry foul over shock decision from Basel Committee
Asset and liability management professionals question severity of criteria in revised IRRBB tests
Fresh EU push for single securities supervisor to compete with US
But MEP expresses ‘concern’ EU nations will stall revival of capital markets union
Discord deepens over fund-linked trades in FRTB
More banks use punitive approach to capital treatment under new trading book regime, irking regulators
AI, quantum computing and tokenisation set to transform finance – Menon
But significant barriers remain preventing the technologies from unlocking their full potential
Could the SEC revive the private fund adviser rule?
Industry experts deem a second life for the reviled rule unlikely
Vendors lack silver bullet for FRTB’s fund-linked issue
EU and UK legislators tried to ease capital charge by leaning on vendors, but problems persist
Does Basel’s internal loss multiplier add up?
As US agencies mull capital reforms, one regulator questions past losses as an indicator of future op risk
US Treasury official calls for SLR relief during market stress
Under Secretary Liang also urges scrutiny of “artificial incentives” for Treasury futures in 40-Act rules