FSA says ID fraud underestimated

By Jennifer Hill

LONDON (Reuters) - Financial services companies must change their attitude to security to curb the rise in identity fraud, the City watchdog said on Thursday.

The Financial Services Authority (FSA) issued the warning following a review of data security systems and controls at 39 firms including banks, building societies, insurance companies and financial advisers.

Although it found examples of good practice across the industry, it said firms underestimated the risk of data loss and fraud to their businesses -- especially to their customers.

One company has been referred to the FSA's enforcement division.

The call comes just days after Information Commissioner Richard Thomas said British companies and government departments had suffered an "inexcusable number" of security breaches since the loss of millions of personal details last year.

Thomas said he had been told of 94 data breaches since November, with two-thirds from the public sector and the rest from the private sector. Half of the commercial breaches were from financial institutions.

Prime Minister Gordon Brown ordered an urgent review after the tax authority HM Revenue and Customs (HMRC) said it had lost data on 25 million people, exposing them to the risk of identity theft and fraud.

The FSA said that, on occasions of significant data loss, firms seemed more concerned about adverse media coverage than on being open and transparent with their customers.  Continued...