The UK Financial Services Authority has fined Norwich Union Life, GBP1.26 million for not having effective systems and controls in place to protect customers' confidential information and manage its financial crime risks.

These failings resulted in a number of actual and attempted frauds against Norwich Union Life’s customers. During its investigation, the Financial Services Authority (FSA) found that Norwich Union Life had failed to properly assess the risks posed to its business by financial crime, including fraudsters seeking to obtain customers’ confidential information.

Norwich Union Life also failed to address the issues, highlighted by the frauds, in an appropriate and timely manner even after they were identified by its own compliance department. The failings happened at a time of increasing awareness across the UK about the importance of information security.

Norwich Union Life has agreed to settle at the early stage of the FSA’s investigation and qualified for a 30% discount under the FSA’s executive settlement procedure – without the discount, the fine would have been GBP1.8 million.

Margaret Cole, director of enforcement at FSA, said: Norwich Union Life let down its customers by not taking reasonable steps to keep their personal and financial information safe and secure. It is vital that firms have robust systems and controls in place to make sure that customers’ details do not fall into the wrong hands. Firms must also frequently review their controls to tackle the growing threat of identity theft.