The UK Financial Services Authority (FSA) announced that it has fined HSBC almost £3.2 million in respect of data security breaches by three of the banks' units. HSBC Life UK Limited was fined £1,610,000, HSBC Actuaries and Consultants Limited was fined £875,000 and HSBC Insurance Brokers Limited was fined £700,000. The three firms are wholly owned subsidiaries of the HSBC Group of companies.

This is the largest fine ever imposed by the UK's financial regulator for data breach violations. The fine would have been higher but it was discounted by 30% because HSBC agreed to settle early during the FSA's investigation.

The FSA imposed the fine pursuant to section 206 of the Financial Services and Markets Act 2000 (the Act) in respect of breaches of Principle 3 of the FSA’s Principles for Businesses. Principle 3 of the FSA’s Principles for Businesses states that:“A firm must take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems.”

Please see full update for more information.