In today's world, protection of client information is eqaully important as protection of client assets, but the awareness of information security of some financial institutions has remained low.
FSA recently fined Norwich Union Life (one of the UK's largest life insurance businesses) £1.26m for not having effective systems and controls in place to protect customers' confidential information and manage its financial crime risks. These failings resulted in a number of actual and attempted frauds against Norwich Union Life's customers, where fraudsters are allowed to use publicly available information including names and dates of birth to impersonate customers and obtain sensitive customer details from its call centres.
The fraudsters were also, in some cases able to ask for confidential customer records such as addresses and bank account details to be altered. Then they used the information to request the surrender of 74 customers' policies totalling £3.3 million in 2006.
Norwich Union Life also failed to address the issues, highlighted by the frauds, in an appropriate and timely manner even after they were identified by its own compliance department. The failings happened at a time of increasing awareness across the UK about the importance of information security.
Norwich Union Life has taken a number of remedial actions including co-operating with the police to identify and arrest the fraudsters and carrying out a review of its information security processes. It has also reinstated all fraudulently surrendered policies in full.
No comments:
Post a Comment