UK financial sector taking unnecessary risk with regulators

A study has found that UK financial sector organisations are failing to heed warnings from regulators in regards to protecting confidential customer data.

When it comes to data management, over 70 per cent of respondents recognised that the protection of real customer data in the development and testing stage of new applications and services, for example online banking tools, is a primary concern.

Despite this, almost three quarters of respondents (74 per cent) admitted to a lack of confidence or uncertainty in their organisation’s capabilities when it comes to protecting customer information. Worse still, many admitted that their organisations are failing at the task, with more than a third having experienced data loss or theft.

Financial services companies are amongst the most highly regulated in the world, so it comes as no surprise that for one in three organisations, complying with requirements from the Financial Services Authority (FSA) is of the greatest concern.

The findings of the study highlight critical shortcomings when it comes to best practice in data management and how this is being applied in businesses, specifically around the development of new online applications. As a result, financial services organisations are exposing themselves to increased risk, with the potential to be hit by massive fines from regulatory bodies, as well as putting their reputation with customers firmly on the line.

For the majority of financial sector organisations (over 90 per cent), real data forms a critical element when it comes to testing new applications and services, as naturally businesses must ensure that any services they make available to their customer base are completely effective. Despite this, over a third (39 per cent) admitted that customer data has been lost or stolen, when being applied in the development and testing environments. The findings suggest that the threat of disciplinary action at the hands of regulatory bodies isn’t enough to prompt businesses into action.

There appears to be an overwhelming lack of confidence from IT professionals that their organisations have the right measures in place to ensure that customer data remains protected and the business remains out of the firing line from industry regulators.

To avoid the sting of a hefty fine from bodies such as the FSA, it’s essential that organisations clearly define their data management strategy, implement best practice and are observant when it comes to making sure that the same level of data management quality is delivered across the business at all times, whether as a part of live customer services, or in the development stages of new ones.

When asked about the potential consequences of lost or stolen customer data, 87 per cent of respondents who admitted to suffering a data breach said that it disrupted business operations. Over half experienced reputation loss as a direct impact, highlighting the potential damage that poor data management could have for the organisation, and for customers.

After going through the mill as a result of the global recession, reputation-wise many financial services organisations are just getting back on their feet. Customers are placing trust in them to manage a whole host of confidential information and they must be seen to be doing all they can to nurture and retain that trust.

If a customer were to find that their data had been lost whilst solely in the possession of an organisation in which they have put their trust, there are almost certainly going to be repercussions. For any company, customer relationships are the key to success. Being made an example of by industry regulatory bodies is one thing. But losing customer confidence, and as a result loyalty, because you have tripped up with poor data management is an unnecessary risk.

John Poulter is Senior Vice President, EMEA Sales, Informatica. John joined Informatica in September 2006 to spearhead the company's expansion in EMEA. John brings 11 years of senior sales and sales management experience. Prior to joining Informatica, John was VP Sales - Northern EMEA at Symantec, where he directed sales in the UK, Ireland, Nordics and Baltics.