Bank of Ireland starts first share buyback since 2004

Bank fined €463,000 by the Data Protection Commission over reporting errors on loans

Bank of Ireland said on Wednesday that it will buy back up to €50 million of its shares over the next seven weeks in its first stock repurchase programme since 2004, before the financial crash.

The group, led by chief executive Francesca McDonagh, said that it has hired UBS to carry out the share buying on its behalf. The programme will end no later than May 25th, with the maximum number of shares to be repurchases set at 50 million.

The bank said in late February, as it revealed full-year results, that it planned to spend €50 million buying back its own shares, in addition to a €50 million dividend, after the lender returned to profit last year as it released some of its Covid-19 loan loss provisions and costs declined.

The bank reported a net profit of €1.05 billion for 2021, compared to a loss of €707 million for 2020. The planned return of dividends, subject to shareholder approval, comes after two years of non-payments to shareholders as banks conserved capital during the pandemic amid an effective ban from regulators on payouts.

Data fine

News of the buyback comes as it has emerged that Bank of Ireland was fined €463,000 by the Data Protection Commission, after an investigation found 47,000 customer accounts was accidentally altered in such a way it could have damaged their credit ratings and prevented them getting loans.

The DPC found Bank of Ireland breached a number of articles of the General Data Protection Regulation (GDPR), which is the EU’s law on data protection and privacy, in relation to inaccurate information the bank sent to the Central Credit Register.

Between November 9th 2018, and June 27th 2019, the DPC received 22 breach notifications from Bank of Ireland in relation to the “corruption of information” the bank was sending to the Central Credit Register. In total, 19 of these incidents met the definition of “personal data breach” under GDPR.

In some cases, incorrect data was added to a customer’s file to indicate they were “in financial distress” when they weren’t.

“The initial breach notification said one individual was affected but it ultimately transpired approximately 47,000 data subjects were affected by this breach,” the DPC said.

It took BOI over a year and a half from the date of first becoming aware of the breach to provide the DPC with a final update on the number of individuals affected, the regulator added. Some 27,400 mortgage accounts were affected by the error.