The Central Bank has fined Appian Asset Management a total of €443,000 and reprimanded it for significant breaches of regulations which resulted in the loss of a client’s funds due to cyber-fraud.
This is the first time the Central Bank has fined a company for the loss of client funds from cyber-fraud as a direct result of a firm’s “significant regulatory breaches and failures”.
The breaches across three regulatory regimes – client asset, anti-money laundering and fitness and probity – have been admitted by the company.
The Central Bank said Appian Asset Management’s regulatory failures left it exposed to a cyber-fraud by a third party which resulted in the loss of €650,000 from a client’s funds.
The client has since been fully reimbursed, it added.
Appian said the issue arose when in 2015 the email account of a client of the firm was hacked and used to give false instructions to Appian to transfer some of the client’s funds (€650,000) to third party accounts in the UK.
Appian itself discovered what had occurred and reported the matter to the Central Bank and the Gardaí, and replaced the funds in the client’s account.
Appian’s chief executive Patrick Lawless…
