The Information Commissioner’s Office (ICO) handed out a record number of fines to companies in January, with financial services firms accounting for almost half of them, suggesting that pressure is being ramped up ahead of the incoming General Data Protection Regulation (GDPR).
Nine separate companies were given penalties by the independent authority in the first month of the year – the highest for any one month, according to analysis by The SMS Works. Fines were issued for all of the main types of offences that the ICO oversees, including email spam, SMS spam, nuisance calls and data protection breaches, the research revealed.
Search and compare product listings for insurance against Damages and Fines from specialty market providers here
“The ICO say they won’t hand out huge fines on day one after GDPR kicks in, but January has been a record-breaking month for fines,” Henry Cazalet, director of The SMS Works, told Insurance Business.
“As well as the highest number of fines given in any month, the total in monetary penalties reached a new high of £1.7 million. For context, a total of £4.9 million was raised in the whole of 2017.
“This new record represents an increase of 312% above the average monthly figure for 2017.”
Financial services firms received 44% of the fines dished out in January – potentially troubling news for the already-worried insurance sector ahead of the GDPR’s arrival on May 25, 2018.
Earlier this month, insurer Ecclesiastical found that 77% of UK brokers believe the new EU regulation will have a negative impact on them, with business efficiency, profitability, growth and customer relationships all identified as areas of concern.
Global law firm Clyde & Co has also warned that many businesses within the insurance sector will likely miss the General Data Protection Regulation (GDPR) compliance deadline due to a lack of adequate preparation.
“The fines data should act as a wake-up call to all companies and organisations that process and handle consumer data,” Cazalet said.
“The clock is ticking and companies that haven’t done so already, need to urgently address data security before the deadline.”