i-law

Compliance Monitor

Tesco Bank fined £16.4m for “largely avoidable” cyber attack

By Neasa MacErlean

Mistakes committed by the Financial Crime Operations Team at Tesco Bank during the November 2016 cyber-attack compounded deficiencies in its debit card design and financial crime controls – prompting a £16.4 million fine from the regulator. The breach was serious enough to warrant a £33,562,400 penalty, but the FCA granted an initial 30 per cent discount for Tesco Bank’s high level of cooperation, halting a large proportion of unauthorised transactions and comprehensive redress programme, plus the usual 30 per cent reduction for early settlement.

The rest of this document is only available to i-law.com online subscribers.

If you are already a subscriber, click Log In button.

Copyright © 2025 Maritime Insights & Intelligence Limited. Maritime Insights & Intelligence Limited is registered in England and Wales with company number 13831625 and address 5th Floor, 10 St Bride Street, London, EC4A 4AD, United Kingdom. Lloyd's List Intelligence is a trading name of Maritime Insights & Intelligence Limited.

Lloyd's is the registered trademark of the Society Incorporated by the Lloyd's Act 1871 by the name of Lloyd's.