17 October 2017

EU banks could face fines totalling €4.7 billion in the first three years under GDPR

15 June 2017

European financial institutions could face fines totalling €4.7 billion in the first three years under the new General Data Protection Regulation (GDPR), according to a study by Consult Hyperion.

The report, commissioned by security outfit AllClear ID, estimates that financial institutions may experience 384 data breaches during the timeframe, with fines as high as €260m per breach.

The figures were compiled from an analysis of historic data breach figures, adjusted for the size of the financial institution. GDPR sanction levels were then applied to the data. It was assumed that breaches were at the lower end of the GDPR fine scale, which is €10m or 2% of global annual turnover.

Consult Hyperion stresses that the €4.7 billion figure is a conservative forecast, as it excludes compensation claims, costs associated with lost customers, damaged reputations and senior executive resignations.

“The highest risk item in the GDPR is the 72-hour breach notification requirement, and banks are not mitigating this,” says Tim Richards, principal consultant, Consult Hyperion. “Data breaches are an unfortunate fact of life for financial institutions, and our analysis suggests that there have been no fewer than 27 data breach incidents among European Tier 1 banks in the last decade, with some banks as multiple offenders, potentially liable for fines at the 4% level. This indicates an 8% chance that any Tier 1 bank will suffer a data breach in any given year.”

He says that new European regulations such as PSD2, ePR and AMLD4/5 are likely to compound the issue by opening additional liabilities.

With less than a year before GDPR goes live, the report advises banks to take urgent action by drafting in the expertise to deal with breach-specific issues and to handle the volume of queries generated when data loss is publicised.
