FSA fines Nationwide £1m for security failings

During an investigation following the theft of a laptop computer from a Nationwide employee’s home in 2006, the FSA reported that the Society was potentially exposing its customers to an increased risk of financial crime as it did not have adequate information security procedures and controls in place.

Margaret Cole, director of enforcement at the FSA, said: “Nationwide is the UK’s largest building society and holds confidential information for over 11 million customers. Its customers were entitled to rely upon it to take reasonable steps to make sure their personal information was secure.

“Firms’ internal controls are fundamental in ensuring customers’ details remain as secure as possible and, as technology evolves, firms must keep their systems and controls up-to-date to prevent lapses in security.”

Nationwide has commissioned a comprehensive review of its procedures following the investigation.

Philip Williamson, Nationwide’s chief executive, said: “We have extensive security procedures in place, but in this isolated incident our systems of control were found wanting. We have made changes to fill the gap and improve our procedures.

“Towards the end of last year I sent a letter to all our members telling them about this matter and apologising for any concern it may have caused them. I would like to reiterate that apology to our members and assure them that we have taken action to tighten our already high security procedures.”

An MI source, added: “It just shows how vulnerable we all are when we carry around clients’ details and with scanned passports and bank statements on our laptops.”