December 9, 2022

FSA fines reach shocking all time high. Here’s why

The public’s view of the Financial Service Authority is that their lack of control is at least partially responsible for the severity of the recent debt crisis. This may be one of the reasons the newly formed Financial Conduct Authority (FCA) is taking a more active role in managing regulated companies. As regulations catch up with technology in the health, social care, legal and financial fields, all now have within the compliance frameworks the requirement to demonstrate proper controls over the security and privacy of client data. And as computers are the lynchpin of communications, assets and information systems companies must demonstrate that client services will not be impaired due to ineffective business continuity and disaster recovery planning.

The regulatory authorities are also keen to demonstrate that they will act and fine those organisations that have failed customers as a consequence of poor compliance or alternatively, in extreme cases remove their licence to operate altogether.

With regard to financial institutions in particular, last week the Financial Conduct Authority, the newly formed offshoot of the FSA announced that in 2012/13 it levied a record £400m fines on financial organisations . These included fines around the now famous LIBOR rigging and unauthorised trading, but also concerning poor business management, record keeping and failure to comply with data regulation. The regulator also banned 24 individuals, publicly censured 12 firms, and cancelled a number of Part IV Permissions.

This represents a 450% increase on the year before and came on top of the arrival of the new Financial Conduct Authority (FCA) which has been created to tighten and enforce financial service regulation. 

As a consequence of tightened controls many regulated organisations are examining their data protection policies and infrastructure.  This process goes beyond core data backup and security to now include business continuity, disaster recovery and data archiving. As it is no longer good enough to backup data, but to prove you can access data and systems with very little downtime, many companies are now testing their ability to look after data and finding them wanting. Findings include:

  1. Tape backup takes too long and cannot be confined to taking place out of hours, disrupting normal operations,
  2. Backups that fail to restore when tested
  3. An inability to continue operations within an appropriate timeframe if there is a major systems or disk failure
  4. No realistic ability to retrieve archived data to meet statutory requirements of up to 7 years in some cases
  5. No contingency to continue business operations if there is a major disaster

Marcie Terman, CEO of DATAFORT, a specialist in data protection and regulation compliance commented “in the last few months we have had seen a significant rise in the number of new customers from organisations wanting to review and upgrade their existing data protection capability following visits from compliance officers or internal reviews.”


DATAFORT provides dependable and secure data protection services that offer enterprise-level functionality with a focus on security and reliability. Its software and services are used by thousands of organisations worldwide, ranging from SMBs through to large enterprises and local government departments. Every hour of every day someone, somewhere backs up with DATAFORT. The company was founded in 2000, is headquartered in Guildford, UK and has offices in London and New York. For further information please visit or call 0800 45 44 35.Guildford, UK and has offices in London and New York.

Press and analyst contacts:

Nabeel Qureshi
01483 872 052