Vertical Markets

UK banks must report breaches

by Mark Rowe

Banks providing personal current accounts and business current accounts will have to publish information that will help customers to compare the service – including how often the firm has had to report major operational and security incidents, the Financial Conduct Authority (FCA) says. By encouraging competition it is expected, the UK banking regulator says, that the new rules will mean providers will improve their service and performance.

Christopher Woolard, FCA Executive Director of Strategy and Competition, said: “We want to see current account providers competing hard for their customers’ business by offering better service, alongside competition on interest and charges. These rules will help people see how their bank compares to others so they can choose an account that suits their needs.

“We are pleased that the industry is seeking to develop information about their treatment of vulnerable customers. It is important that these customers are given help and support when making a decision about a bank account and this is an important step forward.”

Current account providers must publish the information on when and how services and helplines are available and numbers of operational and security incidents from August 15, 2018. For background visit the FCA website.

Comments

Lal Hussain, IT Director of Applications, at IT services firm Insight UK said: “We live in a world where cyberattacks are constantly evolving meaning organisations are continuously at risk. That’s why it is refreshing to see that UK banks will be required to publish data on how many complaints and critical security breaches they have. This marks an important step in ensuring organisations of all sizes remain responsible when it comes to protecting their customers both in terms of quality of service and the security of digital assets. In a world where trust is increasingly tested in the light of revelations such as the Equifax breach and the Uber fiasco, this will bring much needed transparency.

“Our own multi-sector research, however, did reveal that less than two-fifths of senior business leaders hope to achieve improved security when implementing IT solutions. What’s more, with our findings also revealing that half of business leaders pointed to data privacy as one of the top things customers value, it is clear the majority of businesses still aren’t aware of how seriously customers take data protection.

“In the world of ‘always-on’, every device is an entry point. Cyber security must be designed into every single project and business solution that is put forward to be signed off. As such, security which is transparent to customers will help to differentiate in the future. In the same way you don’t need to see police officers on every corner to be reassured that they are there, you understand the basic social contract which assures you security without it being thrust to the forefront at every occasion.”

And Sarah Armstrong-Smith, Head Continuity and Resilience at Fujitsu UK and Ireland, said: “What we’re witnessing now is the payments industry entering a period of intense structural change: for the first time, banks will be forced to publish data on how many complaints and security breaches they have received.

“With the number of threats continuing to increase exponentially, customer trust has never been so valuable or hard to come by and as such it has never been more important for banks to be open and honest about their security. It is paramount that the industry does not overlook, or get complacent about security or place it in the “too big to fix” category, and instead takes a proactive approach.

“An increasingly attack-prone environment means that investors, shareholders, customers and regulators will be keeping an even closer eye on how sensitive data is being handled. This also means that authorities and lawmakers have put data regulation at the forefront of their agenda – as seen from the enforcement of the General Data Protection Regulation.

“After all, banks depend on trustworthiness to attract and retain customers. The implications for this sector of serious data breaches, or of a perception of slackness in looking after data, can very quickly lead to customers fleeing to competitors.”

Related News

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing