28 June 2017

EU banks could face fines totalling €4.7 billion in the first three years under GDPR

15 June 2017  |  Security

European financial institutions could face fines totalling €4.7 billion in the first three years under the new General Data Protection Regulation (GDPR), according to a study by Consult Hyperion.

The report, commissioned by security outfit AllClear ID, estimates that financial institutions may experience 384 data breaches during the timeframe, with fines as high as €260m per breach.

The figures were compiled from an analysis of historic data breach figures, adjusted for the size of the financial institution. GDPR sanction levels were then applied to the data. It was assumed that breaches were at the lower end of the GDPR fine scale, which is €10m or 2% of global annual turnover.

Consult Hyperion stresses that the €4.7 billion figure is a conservative forecast, as it excludes compensation claims, costs associated with lost customers, damaged reputations and senior executive resignations.

“The highest risk item in the GDPR is the 72-hour breach notification requirement, and banks are not mitigating this,” says Tim Richards, principal consultant, Consult Hyperion. “Data breaches are an unfortunate fact of life for financial institutions, and our analysis suggests that there have been no fewer than 27 data breach incidents among European Tier 1 banks in the last decade, with some banks as multiple offenders, potentially liable for fines at the 4% level. This indicates an 8% chance that any Tier 1 bank will suffer a data breach in any given year.”

He says that new European regulations such as PSD2, ePR and AMLD4/5 are likely to compound the issue by opening additional liabilities.

With less than a year before GDPR goes live, the report advises banks to take urgent action by drafting in the expertise to deal with breach-specific issues and to handle the volume of queries generated when data loss is publicised.
