The
threat of regulatory action is the top concern for UK financial
services firms should they
lose data, according to research from Ernst & Young.
Ernst & Young's report said 72% of
the 29 UK financial services firms polled saw regulatory action or
sanctions as the biggest danger from data loss, ahead of damage to
reputation and brand (66%).
Ken Allan, partner in Ernst & Young's technology and
security risk services department, said, "The sizeable penalties
imposed by the Financial Services Authority on a number of
financial institutions have clearly hit home. Financial
institutions are acutely aware of the impact that sanctions and
regulatory action can have on their business and in turn their
reputation."
Regulatory compliance has caused almost 25% of the UK financial
institutions polled to report a significant increase in information
security costs this year. More than 33% reported a significant rise
in costs over the past three years.
The survey shows that 38% have spent between 20% and 50% of
their annual information security budget in the last financial year
complying with regulation. Most UK financial institutions are set
to maintain or increase their investment in the next financial
year.
Data loss: how to minimise risk, liability and reputational damage
>>
Data breaches: the legal aftermath >>