The Information Commissioner’s Office (ICO) has issued a fine under a law brought in to stop scammers defrauding people out of their pensions.
Swansea company CPS Advisory Ltd was fined £130,000 for making more than 100,000 unauthorised direct marketing calls to people about their pensions.
The law changed in 2019 to limit who can call people about their pensions.
Andy Curry, ICO Head of Investigations, said:
“Unwanted pension calls can cause real distress and even significant financial hardship to often vulnerable people, who can end up losing their hard-earned pension pot to scammers.
“This company clearly flouted the law when they should have known better. Businesses making direct marketing calls are responsible for understanding their responsibilities under the legislation, ignorance is no excuse.”
Under the new law, companies can only make live calls to people about their occupational or personal pensions if:
- the caller is authorised by the Financial Conduct Authority (FCA), or is the trustee or manager of an occupational or personal pension scheme, and
- the recipient of the call consents to calls, or has an existing relationship with the caller.
The change to the Privacy and Electronic Communications Regulation (PECR) which covers marketing calls, phone and texts in January 2019, was to prevent people falling victim to scams, most of which are carried out through nuisance calls, and potentially losing their pensions.
The Economic Secretary to the Treasury, John Glen, said:
“Pensions cold calls are the most common method used to initiate pension scams, which can rob people of their hard-earned savings and ruin lives. That’s why we banned them. Today’s fine should act as a warning to others that pensions cold calling is unacceptable, and those found flouting the rules will be held to account.”
Under the PECR, businesses and their officers can face a fine of up to £500,000 from the ICO.
During its investigation, the ICO found that between 11 January 2019 and 30 April 2019, the company had made 106,987 calls to people without lawful authority.
The ICO found that the company was not a trustee or manager of a pensions scheme, was not authorised by the FCA and the evidence that it provided did not satisfy the ICO that valid consent had been obtained.
The Information Commissioner decided that this represented “a significant intrusion into the privacy of the recipients of such calls”.
- The Information Commissioner’s Office upholds information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
- The ICO has specific responsibilities set out in the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003.