Stockbroking Subsidiary Fined £77,000 for Inadequate Security

2008-06-18 09:00

Merchant Securities Group Limited is the first stockbroking firm to be fined by the FSA for inadequate security procedures. Merchant Securities is a London based stockbroking firm with about 850 retail and institutional customers. Although the firm has never experienced a security breach, the FSA found flaws in how the firm handles their data security. These flaws were discovered by the FSA during a visit in September 2007, and could put customers at risk for identity theft.

The FSA (Financial Services Authority) discovered that the stockbroking firm identified customers via telephone through voice recognition and through light personal conversation, and had no formal procedures in place to ensure who the caller was. The FSA also discovered that customer's account numbers and names were sent out in routine letters, and that unencrypted back-up tapes of customer data had been stored overnight at a staff member's home.

The Director of Enforcement at the FSA, Margaret Cole, stated "It is unacceptable that despite increased awareness of data security issues, a firm should be so careless about its systems for protecting customers' personal details. We will not wait until information has been lost or stolen before taking action against a firm. The level of the fine for a firm of this size should serve as a warning to others to take data security seriously."

The FSA posted a Press Release on their Website addressing this issue, you can read the Press Release here.

Merchant Securities has since entered into an agreement with the FSA, and has fully cooperated and listened to the FSA'a concerns. The stockbroking firm has released a statement regarding the issue and states, "Changes implemented since October 2007 mean that MSGL is confident that the shortcomings in its systems and controls identified by the FSA have been fully resolved." The full Company Statement can be read here.