Regulatory Fines & Penalties

blue padlocks with one red open padlock

July 7, 2021

Today, many businesses rely on third party platforms to help with card payments and accounts settlement, leaving them vulnerable to attack from malicious actors.

In this month’s Cyber Blog from MGAM, we look at how the MGAM Cyber Policy could provide support when you need it most.

What happened?

The Insured operates as financial advisors. 

Over a weekend, the Insured discovered that a large number of files were deleted. 

Upon further investigation, it was determined that bad actor(s) gained access to the Insured’s system and remained in their system, undetected, for 2 months and were only detected when they deleted the files. 

The Insured then received reports from clients who had been subjects of identity theft.

Where is this covered?

Regulatory Fines, Penalties and Costs is an insured event under the Insuring Clauses of the MGAM Cyber policy.

Coverage intent

Where a regulator brings an investigation against you alleging a breach of privacy regulations or the failure to protect any personal data or confidential information, the policy will pay the costs incurred in defending such an action as well as any resultant fines and penalties you are legally liable to pay.

What was the outcome of the claim?

A panel IT vendor was appointed by the Insured to perform an urgent forensic investigation of the Insured’s systems and a panel law firm advised the Insured of their notification requirements. 

Credit monitoring and ID theft protection was also offered to affected clients of the Insured by a panel vendor.

A financial regulator initiated an investigation into the notified incident and the panel law firm continued to advise the Insured with their responses.  A small number of the Insured’s employees have received Official Notices to appear at an examination, with the panel law firm continuing to advise.

The estimated costs in remediation costs and investigating and defending the regulatory action are GBP35,000.