Financial institutions must make sure their offshore outsource suppliers are free of criminal gangs working in them.
The call comes in the wake of a Sun newspaper investigation that has revealed that customer details, including bank accounts, passport numbers, mobile numbers and even medical records, can be bought from poorly paid Indian call centre workers for small amounts of cash.
The paper reported that its investigator was able to buy financial details of 1,000 people for only £3 a time.
There are fears that such freely available details could be used by criminals to clone credit cards, buy goods over the internet or clear out customers’ bank accounts.
National Outsourcing Association (NOA) chairman Martyn Hart said, “What the Sun investigation reveals is that Indian employees are no less errant than employees in the
“What banks and offshore companies must do is ensure that they have the right security procedures in place to defend against fraudulent employees, and that offshore operations are managed carefully.
“There is always an element of risk where sensitive data is stored, and companies must do their utmost to reduce this risk and provide the tightest security procedures possible."
Donal Casey, a consultant at Diagonal Security, a division of IT services group Morse, said, “It’s shocking to see that one individual could get their hands on such complete, confidential information.
“Quite simply, this should not be possible. Banks have multiple layers of security, and they should be tracking and auditing who within both their organisation and the outsourcer has access to and is using confidential customer data.
"This should enable them to spot any suspicious behaviour. It shouldn’t be possible for one individual to collect this level of detail on thousands of customers. Something clearly has gone wrong in this instance."