HSBC fined £3m for losing data

22nd Jul 2009 13:11

HSBC has been fined more than £3m by the City watchdog after customers' confidential details went missing in the post twice.Three of the banking giant's businesses were in trouble. HSBC Life UK was fined £1.6m, HSBC Actuaries and Consultants Limited will have to pay £875,000 and HSBC Insurance Brokers £700,000.The Financial Services Authority (FSA) said HSBC did not have "adequate systems and controls" in place to protect their customers' confidential details from being lost or stolen.It found that the bank sent large amounts of unencrypted customer details via post or courier to third parties and left confidential information on open shelves.In April 2007, HSBC Actuaries lost an unencrypted floppy disk in the post that contained details of 1,917 pension scheme members and, despite warnings from its internal compliance department, HSBC Life lost an unencrypted CD with the details of 180,000 policy holders in the post in February the following year."These breaches are very disappointing," said Margaret Cole, director of enforcement at the FSA. "All three firms failed their customers by being careless with personal details which could have ended up in the hands of criminals." Without a 30% discount for settling early, HSBC would have had to shell out £4.5m. The trio have taken a number of remedial actions to address concerns raised by the FSA, including improving staff training and encrypting all electronic data in transit.