View more on these topics

FSA fines Zurich Insurance £2.3m

The FSA has fined the UK branch of Zurich Insurance £2.3m for failing to have adequate systems and controls in place to prevent the loss of customers’ confidential information.

The fine is the highest levied to date on a single firm for data security failings.

The failings came to light following the loss of 46,000 customers’ personal details, including identity details, and in some cases bank account and credit card information, details about insured assets and security arrangements.

The FSA says the loss could have led to serious financial detriment for customers and even exposed them to the risk of burglary.

Zurich UK says it has seen no evidence to suggest that the personal data was compromised or misused.

Zurich UK outsourced the processing of some of its general insurance customer data to Zurich Insurance Company South Africa Limited. In August 2008, Zurich SA lost an unencrypted back-up tape during a routine transfer to a data storage centre.

As there were no proper reporting lines in place Zurich UK did not learn of the incident until a year later.

The FSA says Zurich UK failed to take reasonable care to ensure it had effective systems and controls to manage the risks relating to the security of customer data resulting from the outsourcing arrangement.

The firm also failed to ensure that it had effective systems and controls to prevent the lost data being used for financial crime.  

As Zurich UK agreed to settle at an early stage of the investigation the firm qualified for a 30 per cent discount. Without this discount Zurich would have been fined £3.25m.

FSA director of enforcement and financial crime Margaret Cole says: “Zurich UK let its customers down badly. It failed to oversee the outsourcing arrangement effectively and did not have full control over the data being processed by Zurich SA. To make matters worse, Zurich UK was oblivious to the data loss incident until a year later.

“Firms across the financial sector would do well to look at the details of this case and learn from the mistakes that Zurich UK made.”

Recommended

It’s not plain sailing for protection

August is the only month of the year when both the FSA and Government cease the relentless flow of consultation and policy statements and external meetings wind down considerably. So, while in holiday mode, I will take a more light-hearted approach to this month’s article and tell you about a recent thought-provoking experience. I was […]

2

‘Keep Govt out of annuity advice’

The Government should steer clear of giving annuity advice through its Consumer Financial Education Body and free advice service unless it employs diploma-qualified advisers, according to Annuity Direct. The Government’s consultation paper on removing compulsory annuitisation by age 75, published in July, calls for views on how bodies such as the CFEB can help individuals […]

13

Revenue income validation scheme set for autumn start

HM Revenue & Customs has confirmed it is in advanced talks with the Council of Mortgage Lenders about introducing a scheme that allows lenders to verify income. Money Marketing understands it could be launched as soon as three months’ time. The previous Labour Government announced plans to set up a formal scheme in its March […]

Artemis Global Income: Making sense of global markets

The rally in cyclical ‘value’ stocks paused for breath in February, as investors took a more cautious tone and switched their attention back to defensive areas. In this article, Jacob de Tusch-Lec, manager of the Artemis Global Income Fund, explains how he has positioned the portfolio, given the many economic, geopolitical and policy risks that […]

Newsletter

News and expert analysis straight to your inbox

Sign up

Comments

There are 16 comments at the moment, we would love to hear your opinion too.

  1. So how many pieces of fine art can you buy for £2.2m

  2. Incompetent Regulators Awards Team 24th August 2010 at 11:00 am

    Pot calling the kettle black.

    What about the 17 or so laptops the FSA lost 2/3 years ago. Where are personal fines for the FSA staff?

  3. As usual everything is FINE at the FSA!!!

  4. Do as I tell you not as we have done!!!!!

  5. I really wish you guys would stop sniping at the FSA. They do a wonderful job, provide value for money and have taken great steps forward towards achieving their goals.

    My clients are constantly telling me how more secure they feel knowing they have a strong regulator working on their behalf and think they earn every penny of their salary and bonuses.

  6. The announcement of Zurich’s fine from the FSA demonstrates that any organisation that either requires users to log on, or retains customer’s confidential information should ensure that they have suitable systems in place to prevent data leakage.

    Not only have Zurich been fined a large amount of money, but they have potentially damaged their reputation far beyond this charge. It is irrelevant that the information, according to Zurich, was not misused, the point is it should never have been leaked. There are services available which prevent such leakages, and industries such as banking in particular should have the appropriate precautions in place. As a Managed Security Services company (www.msc247.com), we work with a number of the UK’s leading Building Societies to ensure that their customers’ information is wholly protected.

  7. Seriously – where does all this fine money go????

    Flood relief, Homeless Children, NSpcc, RSPCA

    Has anyone asked where this goes under a Freedom Of Information request?

  8. Jennifer Nicholls 24th August 2010 at 12:55 pm

    A bank I was at a few years ago used to have One laptop a month stolen. The engineers comforted me by telling me it happens all the time. Client info was not encrypted.

  9. It’s for this year’s £20m+ bonus pot, silly (so the FSA won’t end this year £14m overdrawn with the very banks it’s supposed to but manifestly fails to regulate).

  10. “Seriously – where does all this fine money go????” It goes to offset the next year’s levy in that fee block; that’s not a new thing.

  11. To Chris Neil
    Can you send me some of that stuff you are on-we need it here!

  12. Where does the money raised by fines go ? It all finishes up in government coffers in one department or another. It doesn’t matter if its speeding fines, FSA fines, OFWAT, OFCOM, the wrong bin fines – you name it, the government collects it. Fines, in all their guises, are simply money-spinners for the government.

    Moreover, ZIFA will simply raise its charges/premiums to cover the cost and its Joe public that will pay its fine.

    And as for the FSA fining Zurich for data protection failings – the FSA itself, HMRC, MoD, NHS and numerous other government agencies have all proven themselves totally useless at protecting sensitive information. The government and its FSA henchmen should put its own house in order before pointing the finger elsewhere.

  13. Hmmmmm Bonus pot, next years levy in the fee block, fine art.

    My Dear old Dad used to say “when you smell muck in the air you can reckon that the muck spreaders have been out”.

    Does this mean that the more IFA’s that get fined the less we all have to pay for next years levy??

    Your all right I guess – so so silly because I just can’t believe it.

  14. FSA Hypocrisy Rules - Not OK! 24th August 2010 at 5:30 pm

    The FSA failed to BCC the personal e-mail address detail of in excess of 500 IFA firms in a mail shot but thats OK! The FSA lose lapstops containing confidential information but thats OK. Can we please have an FSA fine that results in an offset against our fees. I’m afraid the industry wide contempt for this Stasi regulator is such that a fine likes this shouts hypocrisy. Regulator go regulate yourself!

  15. How could this fine be used - some simple suggesti 24th August 2010 at 5:47 pm

    Could it be used to fill the black hole in their fat cat final salary deficit?

    Maybe used to hire out HMS Belfast?

    Maybe used to cover £500 taxi fare for aftern dinner speaker

    Maybe used to pay for expensive brochures inviting IFA to attend seminars in London at £200 – £300 per head?

    Maybe used to pay expensive external fat cat consultants

    Maybe used to pay for educating the public in financial matters after all the state has failed to get the majority to read and write so perhaps the FSA can do even better by are funding an independent audio ipod version advocating the use of the banks

    Maybe used to invent the next misselling scandal or fund a nationwide campaign to invite complaints

    Maybe used for their fine art collection or award winning Mezzanine Flooring at Canary Ivory Tower.

    Maybe used to pay off a Golden Goodbye for gross incompetence or may even be used to pay the same a consultancy fee to advise on gross incompetence after their Golden Goodbye.

  16. But who actually pays this fine ?

    It is of the customers of Zurich, not any director not any executive director not even Tony Blair.

    So in the end the only people who are disadvantaged in any way are the very same people whose details were lost in the first place what a fantastic system.

Leave a comment