U.K. Bank Fined $1.9 Million For Losing Laptop - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications

U.K. Bank Fined $1.9 Million For Losing Laptop

The Nationwide Building Society was fined in connection with the theft of a laptop from an employee's home last year.

A major financial institution in the United Kingdom was slapped with a nearly $2 million fine for failing to adequately protect customer information.

The Financial Services Authority fined the Nationwide Building Society £980,000 for failing to have effective systems and controls to manage its information security risks. The fine is directly connected to last year's theft of a Nationwide laptop from an employee's home.

Nationwide is a financial institution owned and run by its members. It's reportedly the U.K.'s fourth largest mortgage lender and second largest savings provider. The FSA is an independent organization that oversees the financial services industry in the United Kingdom.

The financial institution hasn't said how many customers' information was on the stolen laptop. Banking executives have said that the bank would contact its 11 million members to educate them on what security steps they should take to protect themselves.

During its investigation, the FSA found that the building society didn't have adequate information security procedures and controls in place, potentially exposing its customers to an increased risk of financial crime, according to a release on its Web site.

The FSA also reported that Nationwide wasn't aware that the laptop contained confidential customer information and didn't start an investigation until three weeks after the theft.

"Nationwide is the U.K.'s largest building society and holds confidential information for over 11 million customers," said Margaret Cole, director of enforcement at the FSA, in a written statement. "Nationwide's customers were entitled to rely upon it to take reasonable steps to make sure their personal information was secure. Firms' internal controls are fundamental in ensuring customers' details remain as secure as they can be and, as technology evolves, firms must keep their systems and controls up-to-date to prevent lapses in security."

The FSA also notes on its site that Nationwide cooperated fully in the investigation and has undertaken a "number of actions" to address their failure, including taking additional measures to increase security around accounts; informing customers of the loss of information; affirming its existing policy to reimburse any customer that has suffered financial loss as a result of this incident; and commissioning a comprehensive review of its information security procedures and controls.

By agreeing to settle at an early stage of the FSA's investigation, Nationwide qualified for a 30% discount under the FSA's executive settlement procedures; without the discount, the fine would have been £1.4 million.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
11 Things IT Professionals Wish They Knew Earlier in Their Careers
Lisa Morgan, Freelance Writer,  4/6/2021
News
Time to Shift Your Job Search Out of Neutral
Jessica Davis, Senior Editor, Enterprise Apps,  3/31/2021
Commentary
Does Identity Hinder Hybrid-Cloud and Multi-Cloud Adoption?
Joao-Pierre S. Ruth, Senior Writer,  4/1/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Successful Strategies for Digital Transformation
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll