Sweden’s FI closes cybersecurity investigation into Klarna
Sweden’s financial supervisory authority FI today announced the completion of its investigation into Klarna Bank AB in relation to an IT incident that occurred on 27 May 2021.
FI investigated whether Klarna had violated bank secrecy rules in connection with the IT incident. Due to the IT issues, for a limited time, the bank’s customers were able to access information about each other. The probe was added to an earlier investigation that FI is conducting into Klarna’s work with information and cyber security.
Bank secrecy is a central part of banks’ operations, the regulator explains. Bank customers must know that their information is secure and banks have a major task in always protecting the privacy of their customers.
On May 27, 2021, an IT incident occurred at Klarna where the bank’s customers could access information about each other for a limited period. FI had therefore decided to investigate whether the incident constitutes a breach of bank secrecy rules.
FI has found certain shortcomings in Klarna’s management of risks in the area. FI has also seen some shortcomings in fulfilling the so-called duty of confidentiality in connection with the incident.
In view of the nature and extent of the deficiencies and the measures Klarna has implemented to rectify the deficiencies, the regulator will not take any further measures as a result of the investigation. The case will be closed.