Fraudsters gained access to data director's policies.

Aviva-owned Norwich Union has overhauled its security systems following a major fraud case that targeted its own directors.

The UK’s largest insurer has introduced tougher screening questions to root out fraudsters following the case, which saw five people convicted and sentenced at Maidstone Crown Court last month for conspiracy to acquire criminal property. Two others are awaiting sentencing.

A Norwich Union spokesman said: “We’ve put in a more robust method for making sure the person we’re talking to is the person they say they are. The difficulty that you have is you don’t necessarily want to treat every customer who phones up as a potential fraudster.”

New measures include refusing to give out policy numbers over the phone.

The frauds were committed in 2006 against directors from across Norwich Union, including general insurance, as well as directors from other companies who held Norwich Union life and pensions policies. Seventy-four NU policies were fraudulently surrendered and over 500 other policies were placed at risk.

Fraudsters were able to make policy surrenders by getting personal details of directors including names, home addresses and dates of birth, from sources including Companies House, the official register of UK companies.

Fraudsters were able to use the publicly available information to impersonate customers and obtain sensitive customer details from Norwich Union call centres.

Norwich Union was fined £1.26m by the FSA in December for exposing customers to fraud. The £750,000 surrendered – £500,000 of which was paid into a Halifax account and £250,000 withdrawn – has been reimbursed..