Consult Hyperion forecasts banks to face fines totalling €4.7bn in first three years under GDPR


  • Financial institutions may experience 384 data breaches with fines as high as €260m per breach
  • European regulations such as PSD2, ePR and AMLD4/5 will compound the issue by opening additional liabilities
  • Report urges banks to focus on breach response readiness to mitigate this risk

London, UK, 15th June 2017: A new report from Consult Hyperion, commissioned by AllClear ID, forecasts that European financial institutions could face fines totalling €4.7 billion in the first three years under the new General Data Protection Regulation (GDPR). This forecast is conservative and excludes compensation claims, costs associated with lost customers, damaged reputations and senior executive resignations.

The report “GDPR: Banks, Breaches and Billion Euro Fines” forecasts the number of data breaches in the European financial services sector over the next three years and corresponding fines under GDPR.

Data Breach Forecast and GDPR Fines

| Type of bank | Total number of banks | Forecast average fine (€ millions) | Forecast breaches | Estimated fines (€ millions) |
|---|---|---|---|---|
| Tier 1 | 32 | 260 | 2/3 | 666 |
| Tier 2 | 75 | 48 | 6 | 288 |
| Tier 3 | 5000 | 5 | 120 | 600 |

Total Year One = €1,554m
Total Over Three Years = €4,662m

Under GDPR, financial penalties for a data breach are substantial. Institutions can receive fines of up to 2% of the previous year’s global annual revenues for a first offence and 4% for repeat offences where the regulator has previously ordered remedial action. There are also possible criminal penalties for executives deemed responsible.

GDPR’s 72-hour breach notification requirement means managing and responding to a data breach in an open and effective manner is critical. Regulators have significant discretion in the level of penalties they can levy, and are required to take planning, customer notification and mitigation into account in the decision.

“The highest risk item in the GDPR is the 72-hour breach notification requirement, and banks are not mitigating this,” said Tim Richards, Principal Consultant, Consult Hyperion. “Data breaches are an unfortunate fact of life for financial institutions, and our analysis suggests that there have been no fewer than 27 data breach incidents among European Tier 1 banks in the last decade, with some banks as multiple offenders, potentially liable for fines at the 4% level. This indicates an 8% chance that any Tier 1 bank will suffer a data breach in any given year. These figures, we believe, are conservative, and banks are not prepared for the consequences under GDPR.”

To compound the issue, new European regulations such as PSD2, ePR and AMLD4/5 will mandate institutions hold more data and make it available over open interfaces, just when data loss becomes especially dangerous.

With less than a year before GDPR goes live, the report advises banks to take urgent action to meet GDPR and other legislative requirements to avoid financial and reputational loss.

The report offers pragmatic advice to financial institutions to mitigate the risk of a data breach and ensure compliance. Three crucial elements are required: the expertise to deal with breach-specific issues including identity theft, the specialised manpower to handle the volume of queries generated when the breach is publicised, and the infrastructure for secure communication channels to notify customers.

“A poorly managed customer notification in the wake of a breach makes you look like a fool. Financial institutions are myopically focused on preventative measures, ignoring the importance of resilience. History tells us that companies that have dealt with data breaches poorly have seen loss of customers, reduced earnings and board level resignations, while those with a prepared plan and a managed response have sidestepped these issues,” said Bo Holland, CEO, AllClear ID. “GDPR raises the stakes even higher. With only 72 hours to react, financial institutions that have not invested in response readiness will face the most serious fines and collateral business damage.”

The figures were compiled from an analysis of historic data breach figures, adjusted for the size of financial institution. GDPR sanction levels were then applied to the data. It was assumed that breaches were at the lower end of the GDPR fine scale, which is €10m or 2% of global annual turnover.

The full report can be downloaded here: https://www.allclearid.com/business/resource/banks-breaches-billion-euro-fines/


About AllClear ID
Founded in 2004, AllClear ID is the world leader in Customer Security, providing data breach advisory and response services to businesses that aim to protect their greatest asset: customers. As a trusted partner with more than 10 years of specialized experience in data breach response, AllClear ID has helped thousands of businesses prepare for, respond to, and recover from data breaches, including successfully managing the three largest and most complex breach responses in history. The award-winning AllClear ID team is recognised for its expertise, customer service, and guaranteed deployment of large scale response operations in as little as 72 hours.

AllClear ID has expanded to Europe following its acquisition of Norwegian mobile authentication specialist Encap Security. Their combined expertise helps European businesses comply with the new customer security requirements in GDPR and Payment Services Directive 2.

Find out more: https://www.allclearid.com/business/

About Consult Hyperion
Consult Hyperion is an independent strategic and technical consultancy based in the UK and US, specialising in secure electronic transactions. We help organisations around the world exploit new technology for secure electronic payments and identity transaction services from mobile payments and “chip and PIN” to contactless ticketing and federated identity. Our aim is to assist customers in reaching their goals in a timely and cost-effective way. We support the deployment of practical solutions using the most appropriate technologies and have globally recognised expertise at every step in the electronic transaction value chain, from authentication, access and networks, to transactional systems and applications.

Find out more: http://www.chyp.com
