Zurich UK fined over data loss

The UK Financial Services Authority (FSA) has fined Zurich Insurance UK £2.275 million ($3.98 million) for losing client data.

Zurich lost the personal details of 46,000 general insurance customers including their bank account and credit card information, insured assets and security arrangements.

The UK insurer had outsourced some data processing to its associated South African business, which subsequently lost an unencrypted back-up tape of client details.

And while Zurich was paying the fine, a spokesman confirmed to insuranceNEWS.com.au that it had a second problem with its UK data processing centre.

“The incident, which happened some months ago, involved an unfortunate mis-mailing of a very small number of renewal packs being sent to customers rather than to their broker,” a Zurich UK spokesman said.

“It was about 30 [packs] from a daily print run of 13,000 which are done hundreds of times a year.”

The spokesman says the packs went out without the broker covering letter and contained only basic customer details and no financial information.

“We’ve spoken to all the brokers and are communicating to those customers involved,” she said.

The fine for the South African incident is a record for a UK financial services company involved in losing data, an FSA spokesman told insuranceNEWS.com.au.

However, Zurich did get a 30% discount on the fine for co-operating with the authorities. Otherwise it would have had to pay £3.25 million ($5.69 million).

FSA Director of Enforcement and Financial Crime Margaret Cole says Zurich failed badly in managing its customer data.

“It failed to oversee the outsourcing arrangement effectively and did not have full control over the data being processed by Zurich SA,” she said.

“To make matters worse, Zurich UK was oblivious to the data loss incident until a year later.”

Zurich Insurance UK CEO Stephen Lewis says the company has commissioned a review by KPMG of its data-handling and security procedures.