The patchwork of breach notification laws that now exist in 47 US states, provide a great deal of exposure for financial institutions. These laws prioritize the security of financial information, and in the event of a data breach, require costly internal investigations, significant expenses on outside vendors, and ultimately, notification to the public. In addition to these state laws, banks and other financial institutions have many unique data protection obligations under the Graham Leach Bliley Act, the Fair Credit Reporting Act and the regulatory expectations of the Federal Trade Commission. Credit unions must also follow the data security requirements imposed by the National Credit Union Administration.

The publicity and customer dissatisfaction that surround a data breach have spurred a wave of class action complaints against financial institutions big and small. Enterprising plaintiffs’ lawyers relying on a variety of privacy laws have filed complaints seeking billions of dollars in damages. The risk of crippling damages, and the sizeable costs of litigation, often push organisations to settle even in the absence of any clear harm to the plaintiffs.

State and federal regulators have made one point clear: a significant breach of customer information will result in monetary penalties, onerous corrective action plans, and on-going audits. Whether from the Federal Trade Commission or state attorneys general, the regulatory landscape for financial institutions carries an immense amount of risk.

In addition to covering your business, BBR also protects your partners though third party coverage.  Third party coverage includes:

• Third party information security and privacy coverage with up to $15M in limits in addition to the breach response coverage
• Regulatory defense and penalties
• Website and offline media liability
• PCI fines, penalties and assessments
• Cyber extortion
• First party business interruption and data protection with limits up to $15 million.

Beazley, a leading insurer of technology and information security risks, has developed Beazley Breach Response (BBR), a solution to privacy breaches and information security exposures tailored to the needs of financial institutions. BBR is a complete privacy breach response management and information security insurance solution which includes a range of services designed to help you respond to an actual or suspected data breach incident effectively, efficiently, and in compliance with the law. Beazley understands the maze of data protection regulations faced by financial institutions; we have helped many financial institutions with data breaches related to network intrusions, lost and stolen laptops, inadvertent postings of customer social security numbers on web pages and rogue employees stealing customer information.