20 January 2018

EU banks could face fines totalling €4.7 billion in the first three years under GDPR

15 June 2017

European financial institutions could face fines totalling €4.7 billion in the first three years under the new General Data Protection Regulation (GDPR), according to a study by Consult Hyperion.

The report, commissioned by security outfit AllClear ID, estimates that financial institutions may experience 384 data breaches during the timeframe, with fines as high as €260m per breach.

The figures were compiled from an analysis of historic data breach figures, adjusted for the size of the financial institution. GDPR sanction levels were then applied to the data. It was assumed that breaches were at the lower end of the GDPR fine scale, which is €10m or 2% of global annual turnover.

Consult Hyperion stresses that the €4.7 billion figure is a conservative forecast, as it excludes compensation claims, costs associated with lost customers, damaged reputations and senior executive resignations.

“The highest risk item in the GDPR is the 72-hour breach notification requirement, and banks are not mitigating this,” says Tim Richards, principal consultant, Consult Hyperion. “Data breaches are an unfortunate fact of life for financial institutions, and our analysis suggests that there have been no fewer than 27 data breach incidents among European Tier 1 banks in the last decade, with some banks as multiple offenders, potentially liable for fines at the 4% level. This indicates an 8% chance that any Tier 1 bank will suffer a data breach in any given year.”

He says that new European regulations such as PSD2, ePR and AMLD4/5 are likely to compound the issue by opening additional liabilities.

With less than a year before GDPR goes live, the report advises banks to take urgent action by drafting in the expertise to deal with breach-specific issues and to handle the volume of queries generated when data loss is publicised.
