Bank of Ireland fined €1.6m for failing to report cyber fraud

Bank of Ireland has been fined €1.6 million after failing to report an incident of cyber fraud to Gardaí in September 2014.

€106,000 was paid into an account after the bank took instructions from a fraudster impersonating a client.

Bank of Ireland only informed Gardaí of the incident a year later after being told to do so by the Central Bank.

A Central Bank investigation noted serious deficiencies in how Bank of Ireland handled third party payments and their lack of transparency about the incident misled their inquiry.

In a statement, Bank of Ireland said it regrets the circumstances of the incident and their delayed response in reporting it.

"This issue relates to a fraud incident with a customer which occurred in 2014. Bank of Ireland regrets the circumstances of this incident and the weaknesses in internal controls and procedures that it highlighted.

"As soon as the Bank became aware of the issue we ensured that the customer involved was fully reimbursed.

Relevant authorities

The bank said they regret the approach they took to the investigation and stated that all relevant information should have been disclosed to the Central Bank of Ireland from the outset.

They also addressed the need for stronger controls and policies to be put in place so that something similar does not happen in the future.

Regarding this they said: "Bank of Ireland Private Banking Ltd has been fully integrated into the Bank of Ireland Group in 2017 to further enhance the protection for customers.

"In addition, the Bank has significantly enhanced training for all colleagues on fraud prevention and customer protection. The Bank’s senior management understands the fundamental importance of professional, open and transparent engagement with all regulatory authorities."

Most Read in Business