The UK’s Financial Conduct Authority (FCA) has fined Equifax a smidge over $13.6 million for severe failings that put millions of consumers at risk of financial crime. From a report: The regulator branded the entire debacle “entirely preventable” — from Equifax’s failure to promptly notify regulators to the way in which it misled the public over the severity of a security breach back in 2017. The original fine should have been greater; the true sum was $19,428,836 but the company received a 30 percent discount for agreeing to the penalty early into the proceedings. It also received a 15 percent credit for good behavior during the investigation.
After first opening the investigation in 2017, the FCA’s fine comes after the ICO wasted less time imposing a penalty of $609,092 in 2018. “Cybersecurity and data protection are of growing importance to the security and stability of financial services,” said Jessica Rusu, FCA chief data, information, and intelligence officer. “Firms not only have a technical responsibility to ensure resiliency, but also an ethical responsibility in the processing of consumer information. The Consumer Duty makes it clear that firms must raise their standards.”
