Data security is an issue for us all

The case of Nationwide and the stolen laptop stuffed full of client details for which it was recently fined by the Financial Services Authority probably raised a few smiles. There was some satisfaction in seeing a mighty company such as Nationwide brought low.

But it’s a timely reminder that none of us can afford to be complacent when it comes to the security of client data, whether we be lenders or intermediaries.

The spotlight is on treating customers fairly but it easy to forget that not only does the Financial Services Authority’s initiative consist of fair treatment at point-of-sale but also extends to the welfare of clients throughout the business relationship – and that includes the safety of information.

Among wider concerns about the security of client information, the growth of identity fraud is making sure that this will remain a hot topic. According to some sources, identity fraud is the fastest growing and most lucrative of crimes and the ease with which data can be transferred from office computers to laptops and other forms of portable media is already registering as a concern at the FSA and other regulatory bodies. The fine handed down to the Nationwide for failing to have effective systems and controls in place in terms of its customer information must serve as a wake-up call, and no doubt that was what was intended.

Part of the problem for brokers is understanding how much of the data they hold is required for accurate record-keeping and how much should be deleted as far as data protection legislation is concerned.

Before anyone runs away with the idea that this issue does not concern brokers and lenders in the secured loans market, they should think again. Not only is this an issue that affects everyone but the handling and security of client information should be as much a priority for secured loans practitioners as it is for FSA-regulated mortgage intermediaries.

Many advisers in the field of secured loans are already compulsorily regulated and will no doubt have taken note of the FSA’s stance. But for everyone else, I recommend that you look carefully at establishing a proper risk management system for looking after client information. Don’t wait for the retrospective purge that will come, whether compulsory regulation becomes a reality or not.