First it was the Information Commissioner’s Office which had to fess up to a string of data breaches, now City regulator the Financial Conduct Authority is being forced to hang its head in shame after admitting its own record is hardly spotless.
Not that it has made this confession off its own back; it has taken a Freedom of Information request to wheedle it out.
The most serious breach saw the regulator accidentally publish the personal details of 2,000 City workers, and was one of a number of incidents which would have incurred stiff fines from the FCA if they had been perpetrated by any of the organisations it governs.
The lapses were revealed in an FoI request by The Times newspaper. In March 2015, files related to regulatory action being taken against a firm were lost on FCA premises. Only five months later, more ‘enforcement-related papers’ were lost outside the regulator’s offices by an external contractor. The documents were not recovered in either case. It also sent personal details of a City worker to the wrong company, The Times reports.
The FCA claimed that each case has been cleared by the Information Commissioner’s Office. It added: “None of the breaches identified resulted in any detriment to either firms or individuals.”
However, section 352 of the Financial Services & Markets Act 2000 makes such unauthorised disclosure by FCA staff a criminal offence.
Red faces at ICO as it fesses up to 14 data breaches
Big issues to tackle in 2017: red alert on legislation
FCA examines insurance industry’s use of big data
Insurers off the hook as FCA rules out big data probe
ICO admits internal data breach