Company "regrets" customer data breach

Commenting on the fines imposed today by the FSA on three HSBC firms, Clive Bannister, group managing director of HSBC Insurance said: "Keeping our customers’ data confidential and secure is vitally important to everyone at HSBC. We hold ourselves to the highest standards, but it is clear that in these instances we have fallen short, which we sincerely regret.

“While this is a serious matter, no customer reported any loss from these failures and we are doing everything possible to prevent a recurrence. We have implemented even more rigorous systems, better checks and more training for our people. We believe our customers can have confidence that we are doing everything we can to protect their privacy."

Bannister said the FSA had taken into account that HSBC had taken significant proactive action to address the problems that were identified. Some of these measures include:

  • immediate, proactive programmes established to contact all customers potentially affected by the breaches
  • more data protection awareness training for staff with 33,500 UK staff completing training
  • stronger processes to ensure all confidential data that is electronically transmitted or stored and transported on CDs and laptops is encrypted
  • restricting the ability to download data to portable devices
  • a major business wide data protection awareness campaign

HSBC Insurance Brokers’ chief executive Philip Gregory added: "“It is important to note that HSBC Insurance Brokers has not lost any customer data, nor has any customer been impacted by financial crime as a result of HSBC Insurance Brokers’ actions. HSBC Insurance Brokers co-operated fully during the investigation, and the FSA has positively recognised the considerable amount of proactive action that HSBC Insurance Brokers has taken to revise its procedures and controls. This fact has been documented in the FSA Notice.

"I can assure our customers that we take data security very seriously. As a result of the FSA investigation we have thoroughly reviewed our procedures and taken steps to implement more robust data security controls. We believe that our data security procedures are now appropriately rigorous, and we will continue to review and improve them on an ongoing basis.”

See story: HSBC Insurance Brokers fined 700000 by FSA