The Impact on Business of the UKs ID Fraud Epidemic
The Impact on Business of the UK’s ID Fraud Epidemic A shocking one in six Britons (16.6%) claim to have experienced some form of identity fraud in the past year, according to a new survey from data value management specialist DQM Group. The study asked respondents if they had experienced credit card or identity fraud in 2007 and then aggregated the results into categories according to gender, age, and regional location. If you are a young professional male living in London, then you are one of the most likely victims.Whilst this is bad news for those concerned, it is much worse for businesses that are connected. They can be hit by:- heavy fines and bad PR in the case of companies that have negligently lost data- the substantial cost of resolving the cases including, perhaps, losing valuable stock- potentially substantial loss of business and brand damage from customers and prospects who may well have experienced considerable hassle from a lack of process to resolve ID Fraud cases quickly and easily.Christine Andrews, Director, DQM Group, commented: “These worrying rates of reported ID fraud underline the need not just for consumers, but also the businesses and public sector organisations that hold their personal details, to be much more vigilant about their data security standards. It’s not just about receiving substantial fines such as the near £1m imposed on Nationwide Building Society from the FSA, but the far greater cost is the damage to brands and vale of customer data – the two most precious assets a company has.“We trust public and private sector organisations with our personal details and expect them to keep this data secure. But several high profile cases last year highlighted the lack of adequate measures in place to protect against data theft, loss and misuse.“Security is being addressed almost exclusively from the point of view of stopping data leaving the organisation and getting into the wrong hands. All organisations should now have in place detailed processes to protect against data theft or loss, however, very few actually undertake regular compliance auditing of these processes or of third parties such as data bureau who manage their valuable data. Recent events have shown time and again that data is stolen and does get lost, so it is equally important that organisations should consider what to do once a data breach has occurred. It is critical for organisations to be able to track, using unique ‘seed names’, whether criminal abuse is happening, so that measures to protect customers and citizens can be escalated immediately. Such tracking mechanisms, and effective central monitoring to identify unauthorised use of records, are only in place in a minority of organisations.”