Financial Services Authority building
The FSA aims to "pierce the corporate veil" at retail banks

FSA threatens executives with fines

Senior management to be held accountable for security lapses at banks

Written by Tom Young

Computing, 09 Oct 2008

Board-level executives found responsible for information security lapses in retail banks are to be personally fined as part of a new drive to “pierce the corporate veil”.

The Financial Services Authority (FSA) is concerned that corporate fines are not incentive enough for banks to take adequate measures to protect customers’ information and wants to drive best practice by ensuring executives personally oversee security programmes.

The move is a key part of ensuring security compliance, according to Bill Sillett, manager of the retail department at the FSA.

“Protecting personal data is essential to reduce the level of financial crime,” he said. “This is a big shift in how we operate. There will be more fines for senior individuals in the future.”

The FSA regulates banks’ compliance with the Data Protection Act and the Financial Services and Markets Act, both of which contain legal obligations for banks to safeguard customers’ financial information.

The regulator is concerned that banks place too much emphasis on IT security as part of a cost-benefit risk analysis.

“With some large firms even if we fine them £20m it won’t have much of an impact ­ we hope targeting senior management will help solve that problem,” said Sillett.

The FSA has not yet levied any major fines on individuals, but will commit more resources to doing so in such cases in the future.

Sillett said the level of senior management to be targeted will depend on the case, but the FSA wants to avoid executives palming off overall security responsibilities onto the IT department.

Chief executives, compliance officers and board-level IT directors could all be held responsible.

The obligation of senior management for data protection issues is not a completely novel idea, according to Stewart Room, barrister with law firm Field Fisher Waterhouse.

“Directors and senior management are liable if a firm doesn’t comply with an enforcement notice from the Information Commissioner’s Office,” he said. “Regulators need to make sure they inflict real pain to ensure compliance.”

  • Have your say
  • Send to a friend
  • Print this
  • Share

reader comments

related articles

Richard Thomas

Privacy watchdog to get new powers

Office will be given ability to spot check central government 22 Apr 2008

 
Information Commissioner's Office

Privacy watchdog reprimands another NHS trust

ICO takes action against primary care trust for losing patients' personal details 13 Feb 2009

Great Western Wine Company

Shoe firm steps right into packaging fine

Environment Agency crackdown on firms that flout recycling and packaging rules continues with £30,000 fine 13 Jan 2010

£500000 penalty for serious data losses

Starting from April 2010, the Information Commissioner’s Office (ICO) will be able to order organisations to pay up to half a million pounds as a penalty for serious breaches of the Data Protection Act 13 Jan 2010

related whitepapers

today's top stories

Software

Police hunt for moles with security software

Lancashire Constabulary to monitor data input of 7,000 staff in bid to prevent intelligence leaks 09 Feb 2010

Hardware

PaperlinX outsources IT and comms to Bull and BT

Paper company spends €22m on five-year deal for desktop management, helpdesk and datacentre services 05 Feb 2010

Management

Social tools take KM to a new level

Technology expert David Tebbutt explains how – and why – organisations should integrate social networking tools into their knowledge management strategy 02 Feb 2010

Management

EDS court defeat puts vendors on their guard

BSkyB’s victory in a long-running court case against EDS has serious implications for the IT industry 02 Feb 2010

Security

Law firm monitors web traffic violations

Bucks declining global security appliance sales with unified threat management (UTM) platform deployment 01 Feb 2010

> More news

Advertisement

Subscribe

Security: The New Face of Intrusion Prevention
An outline of traditional IPS functionality, modern developments and how IPS can be deployed easily.

UK businesses’ attitudes to Cloud Computing revealed

Features results from a survey of over 200 Computing readers.

Advertisement

Keep up to date with the latest products, services and technologies from the world's leading IT companies; ITHound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

Latest poll

Internet Explorer 6

Internet Explorer 6

Following recent concerns about the security of Internet Explorer 6 are you planning to phase it out?

View poll results

> More polls

Latest audio and video articles

Tony McAlisterVideo

Video Q&A: Tony McAlister, CTO, Betfair - Part one

On changing the skills development strategy at the online gambling firm - part one of a two-part video interview 05 Nov 2009

Video

Nokia shows upcoming handset technologies

Mobile phone features of tomorrow take the stage 21 Oct 2009

> More audio and video

Latest in-depth articles

Analysis

Police hunt for moles with security software

Lancashire Constabulary to monitor data input of 7,000 staff in bid to prevent intelligence leaks 09 Feb 2010

Businessman with eye patch, dagger and tie round head, sitting at laptopFeatures

Are you sure you're not a pirate?

It is alarmingly easy for an IT leader to unwittingly exceed the scope of a software licence, and the chances of being caught out have never been greater, as technology lawyers Mark Weston and Paul Gershlick explain 09 Feb 2010

> More in depth articles

Primary Navigation