The First-tier Tribunal recently upheld a fine levied on a claims management company (CMC) by the Claims Management Regulator for data breaches relating to mis-sold payment protection insurance (PPI) claims.
The £91,000 fine was imposed on Hall and Hanley Limited (H&H) by the CMR under the previous regulatory regime for CMCs. Regulatory functions have since been taken over by the Financial Conduct Authority (FCA), which conducted the tribunal.
Earlier this year, the CMR found that H&H sent marketing text messages concerning PPI claims to consumers’ mobile telephone numbers without taking sufficient steps to check whether affected consumers had consented to receiving such messages.
In addition, when reviewing a sample of 16 of H&H’s client files, the CMR found that, in eight of the files, clients’ signatures on claim documentation (including letters of authority) had been copied without authorisation.
“The failure by Hall and Hanley to take previous advice and warnings from the former claims management regulator and the firm’s repeated use of consumer data and customer signatures without their consent are clear examples of a firm falling short of the standards we expect,” said Mark Steward, executive director of enforcement and market oversight at the FCA. “The decision by the Tribunal to uphold the findings of the CMR is another important message to industry that firms must conduct all business with integrity and due care, skill, and diligence.”