The Financial services Authority (FSA) fined Norwich Union (NU) £1.26M for failing to protect its customers against fraud. The fine is the largest ever issued by the FSA in relation to security lapses and fraud.
Norwich Union Life failed to take reasonable care to both assess where its financial crime risks lay and establish adequate procedures and controls to manage those risks and respond to the frauds in an appropriate and timely manner once they had become apparent.
How many policyholders were affected
- Over 632 policies were targeted by the fraudsters.
- There were 74 fraudulent surrenders amounting to approximately £3.3M in total.
Fraudsters obtained publicly available information on people who were directors of a business from Companies House, including their full names, addresses and date of birth. They phoned NU's call centres and used the data to answer security questions, alter addresses and bank account details, and surrender the policies.
Will the FSA also be fining HMRC for losing data belonging to 25 million people, and putting their personal security at risk for the next 20 years?