The UK’s Financial Services Authority is warning firms that they must do more to help prevent their customers falling victim to identity fraud and other types of financial crime.
The warning follows an FSA review of systems and controls for data security at 39 firms including banks, building societies, insurance companies and financial advisers. The FSA reports that there were examples of good practice across the industry however many firms still underestimate the risk of data loss and fraud to their businesses, and especially to their customers.
Firms’ failings include senior management at firms not recognizing the value of their customers’ data to fraudsters or that staff could pose a similar threat to data security as that posed by computer hackers and burglars. Also when significant data loss occurs, firms seem more concerned about adverse media coverage than on being open and transparent with their customers, the FSA observed. Following the review, one firm has been referred to enforcement, it added.
Speaking at the FSA’s annual conference on financial crime today, Philip Robinson, director of its Financial Crime and Intelligence Division, said, “It is worrying that despite increased public awareness of the impact that identity theft can have on customers, many firms are still not taking this risk seriously. Customers have a right to be confident that firms are doing everything reasonably possible to keep their personal and financial details safe. Some firms have made progress by adopting good practice while others need to do more in this area to ensure that they are treating their customers fairly.”
Robinson added that getting data security right is a key priority for the FSA and it expects the industry to raise its standards. The FSA is addressing data security risks with firms through ongoing supervision and is increasing its visits to small firms to review their systems and controls. It is also publishing a factsheet to help senior management at small firms understand their data security responsibilities.
UK firms warned to do more to protect clients’ personal data
- By: James Langton
- April 24, 2008 December 14, 2017
- 09:50