UK banks deny planning database of sacked staff

Are British financial institutions considering sharing information about employees who were dismissed for abusing data?

The British Bankers Association (BBA) has hit back at reports that it is developing a database to share details of staff that have been fired for misuse of data.

It was reported on Monday that the BBA plans to follow in the footsteps of the Bits Consortium — a group of 100 large US-based financial organisations — which is developing a database to store with details of staff dismissed for offences such as exposing customer data or knowingly causing financial loss.

The information could be used to prevent individuals from re-offending elsewhere, the Bits Consortium said last week.

But speaking to ZDNet UK on Monday, the BBA insisted it has no plans to develop such a system.

"We are not looking to develop a database, we are looking at all options to counter e-fraud and review the recruitment process," a spokesman for the company said.

Technology news magazine IT Week reported this week that the BBA had said that "discussions are under way to share [details] of employees who have left due to any kind of dismissal".

The BBA did reveal that it is currently in discussions with its members about different ways to tackle e-fraud and is looking at an overhaul of its recruitment process to cut down on data misuse at work. "I'm not sure where these reports have come from but they're not accurate," he added.

IT Week said on Tuesday that it was standing by the story, rejecting the suggestion that the quote was incorrect.

The database being developed by the Bits Consortium will list information on employees at financial institutions who were fired because they compromised customer data or knowingly caused financial losses, the group said.

This blacklist comes at a time when financial institutions are coming under growing attack from organised criminals, some of whom launch phishing attacks to try and persuade customers to reveal their account details.

The Federal Financial Institutions Examination Council recommended earlier this month that banks introduce multiple-factor authentication by the end of 2006, in an attempt to fight phishing. Lloyds TSB said last month that it is trialling such a device.

Reports of insiders attacking financial services systems are on the increase. In a 2004 Deloitte survey of IT security in the industry, 35 percent of companies said they had come under an attack from an internal source — up from 14 percent in 2003.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All