The LLB Group not only thinks digitally, it also gives intensive consideration to the new risks that digitalisation brings with it. For example, personal data – and therefore access to services – are increasingly stored and interlinked in cyberspace. The constant modification of our security infrastructure, as well as monitoring and analysis systems, together with the training of our staff, forms the essential basis for the comprehensive protection of the information we are entrusted with.
Fraud detection system
In full awareness of how vitally important the security of systems and data is, we have designed the future software architecture accordingly. Using autonomous systems, we strictly separate public from personal data. At the same time, we deploy photoTAN authentification, which ensures the highest level of security. Working together with a technology partner, we have in addition developed a very broad-based fraud detection system to counteract internal and external threats.
Information processing systems, which ensure confidentiality, availability and integrity, provide protection against threats and dangers, help prevent damage and minimise risks. The LLB Group’s data centre has one of the highest security standards in the world (see chapter “Responsibilities for society and the environment”).
Dealing responsibly with client data and information is an integral part of LLB’s corporate culture. The Group Information Security Department formulates, implements and maintains our information security programme. The principles and guidelines on which this is based are stipulated in directives that are binding throughout the Group.
Increasingly stringent legal provisions provide guidelines for data protection. In 2016, the Group Information Security Department received no alerts from the persons responsible for data security in the Group companies. We are bound by the laws and the regulatory provisions in Liechtenstein, Switzerland and Austria, as well as the specific regulations and circumstances in our target markets.
In 2016, the LLB Group introduced the latest Swiss standards for dealing with risks in connection with electronic client data. This included the documentation and classification of client identifying data (CID), the cataloguing of data storage locations and data access, as well as risk controlling by means of a structured process. Switzerland is currently preparing a revision of the data protection law, which will bring it into line with EU legislation.
In the European Union the EU data protection basic regulation came into force on 24 May 2016. This must be applied by 25 May 2018. Thanks mainly to the new transparency and information obligations for companies, substantially stronger protection will be provided. LLB will implement the necessary organisational and technical measures, prepare group-wide rulings and train its staff accordingly.