Lloyds apologizes for sending statements of customer retail investors

Unlock the digestive of free editor

Roula Khalaf, the FT editor, chooses her favorite stories in this weekly newsletter.

Lloyds Banking Group has apologized after mistakenly sent a client hundreds of information pages about other client investments.

His business consumer for retail, Lloyds Bank Direct Investment, received a package sent to his home address through first -class post in December which contained banking statements showing names, addresses and portfolio movements of a dozen other clients.

The package also contained information about its portfolio. Most documents traced the investment movements of others over time, and included a portfolio worth more than £ 5m.

The apology from Lloyds came after the client who received the package filed a complaint to the bank for data violation.

In an email to the client, a representative of a Lloyds’ leeds branch said the incident had occurred due to “human error”.

“Before we send our quarterly statements, we make an internal statement to ensure accuracy.

“Unfortunately, when the package was taken to our office, a staff member opened it and found your statement at the top.

The representative also said that a violation of the UK data protection rules “has been set up to fully investigate this incident.” Personal data violations that complement the reporting threshold must be notified at the Office of the Information Commissioner, the Supervisor of Intimacy in the United Kingdom, without unfair delay, and within 72 hours of the violation.

The customer who received the package also reported the data violation to the ICO. Lloyds did not confirm if he had reported the violation.

In the same email, Lloyds offered to pay the £ £ 300 client in compensation for the “disturbance and concern” caused, which he said would be “in the full and final solution” of the complaint.

Lloyds told Financial Times: “We take our data protection responsibilities seriously and regret that a client also received statements by some other clients in the post due to human error.

“Our process was changed in December last year when this happened to make sure this does not happen again.”

A person familiar with Lloyds’ approach said the affected customers were being contacted to inform them that their data had been violated. Lloyds did not confirm whether he had proactively contacted them before FT contact the bank for violations.

The ICO has the power to investigate complaints, rebuke companies and issue a fine.

In 2013, it issued a fine of £ 75,000 for the bank owned by Scotland Lloyds after discovering that the lender had repeatedly sent faxes that included client details for the wrong recipients.

Unlike data involving information about characteristics, including race, ethnic origin, genetics, religion and sexual orientation, financial data is not automatically classified as sensitive data or “special categories” according to the UK data protection rules.