18 February 2018
visit www.ebaday.com

FSA fines Norwich Union Life £1.26m for slack security

17 December 2007  |  10997 views  |  0 anonymous figure in front of stock exchange

The UK's Financial Services Authority has fined insurer Norwich Union £1.26 million for failing to protect confidential customer data - including bank account information - from fraudsters.

The City watchdog says Norwich Union's life assurance unit did not have effective systems and controls in place to protect customers' confidential information and manage financial crime risks. These failings resulted in a number of actual and attempted frauds against policyholders.

Slack call centre security allowed fraudsters to use publicly available information - including names and dates of birth - to impersonate customers and obtain sensitive customer data, says the FSA. In some cases criminals were able to ask for confidential customer records, such as addresses and bank account details, to be altered.

The fraudsters then used the information gleaned to request the surrender of 74 customers' policies totalling £3.3 million in 2006.

The FSA says its investigation found that Norwich Union Life failed to properly assess the risks posed by financial crime and as a result, its customers were more likely to fall victim to identity theft.

Furthermore, the insurer failed to address the issues properly, even when it had been alerted to the problem by its own compliance department.

"Norwich Union Life let down its customers by not taking reasonable steps to keep their personal and financial information safe and secure," says Margaret Cole, director of enforcement, FSA. "It is vital that firms have robust systems and controls in place to make sure that customers' details do not fall into the wrong hands. Firms must also frequently review their controls to tackle the growing threat of identity theft."

In a statement, Mark Hodges, chief executive of Norwich Union Life, says: "We have extensive procedures in place to protect our customers but in this instance weaknesses were exploited and we were the target of organised fraud."

"Whilst the number of customers affected is very small compared to the number of policies we manage overall, any breach in customer confidentiality is clearly unacceptable," he adds.

Hodges says the firm has "thoroughly reviewed" systems and controls following the FSA's investigation.

Norwich Union Life is the latest in a number of financial service providers that the FSA has fined for failing to protect confidential customer data. In the past two years the watchdog has slapped fines BNPP Private bank, Capita Financial Administrators and Nationwide Building Society for failings relating to information security lapses and fraud.

Details of the latest fine comes as UK Chancellor prepares to face questions from MPs about the loss of personal data on 25 million child benefit claimants was lost by HM Revenue and Customs (HMRC) last month. Darling will outline the preliminary findings of a review into the security breach.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Data watchdog calls on firms to step up fight against ID fraud

Data watchdog calls on firms to step up fight against ID fraud

11 December 2007  |  5934 views  |  0 comments
UK's Revenue and Customs loses 25 million customer records

UK's Revenue and Customs loses 25 million customer records

20 November 2007  |  11105 views  |  0 comments
Standard Life customer data lost in transit

Standard Life customer data lost in transit

06 November 2007  |  6649 views  |  0 comments
Loans.co.uk suffers security breach

Loans.co.uk suffers security breach

13 September 2007  |  5451 views  |  0 comments
Lords presses UK government to introduce bank data security law

Lords presses UK government to introduce bank data security law

10 August 2007  |  8243 views  |  0 comments
UK data protection watchdog slams firms for security breaches

UK data protection watchdog slams firms for security breaches

11 July 2007  |  7493 views  |  0 comments
Banks censured for dumping customer data in bins

Banks censured for dumping customer data in bins

13 March 2007  |  12511 views  |  0 comments
FSA fines Nationwide for security breach

FSA fines Nationwide for security breach

14 February 2007  |  12902 views  |  0 comments

Related company news

 

Related blogs

Create a blog about this story (membership required)
Visit www.vasco.comvisit http://info.nice.comvisit www.swift.com/your-needs/instant-payments

Who is commenting?

Top topics

Most viewed Most shared
Saudi central bank provides sandbox for banks to try out Ripple techSaudi central bank provides sandbox for ba...
10469 views comments | 16 tweets | 11 linkedin
Aussie real-time payments platform goes liveAussie real-time payments platform goes li...
8257 views comments | 15 tweets | 41 linkedin
ECB launches staunch defence of cashECB launches staunch defence of cash
7745 views 10 comments | 21 tweets | 26 linkedin
hands typing furiouslyHow can Blockchain Help with AML KYC
7618 views 3 | 9 tweets | 4 linkedin

Featured job

Competitive base + commission
London, UK

Find your next job