Buy-now-pay-later (BNPL) quadradecacorn Klarna has officially found itself in the Swedish financial watchdog’s crosshairs following an epic privacy blunder. The news comes as the fintech attempts to wash away a reputation of putting users’ financial wellbeing at risk.
Finansinspektionen has formally opened an investigation into the $45.6bn fintech in regards to a cybersecurity incident that enabled 9,500 users to see other users’ account details when they logged into the app.
“[Finansinspektionen] will investigate whether Klarna has violated bank secrecy in connection with an IT incident in May where the bank’s customers were able to access information about each other for a limited time,” the financial markets regulator said in a statement.
The new Klarna investigation will add to an ongoing probe into Klarna’s compliance efforts in terms of its cybersecurity and data privacy structures. The original investigation launched in April 2021.
Klarna told Reuters the probe “was very much expected as part of our regular dialogue with the Swedish FSA and as always we approach this with full cooperation and transparency.”
“Trust is at the very core of Klarna and banking,” Sebastian Siemiatkowski, CEO and founder of Klarna, wrote about the incident. “This is why we are sad and frustrated to inform you of a self-inflicted incident, that for 31 min affected not more than 9,500 of our app users. The bug led to random user data being exposed to the wrong user when accessing our user interfaces. It is important to note that the access to data has been entirely random and not showing any data containing card or bank details (obfuscated data was visible).”
The data security kerfuffle occurred just hours after rumours about a new funding round began to make the rounds. At the time it was unclear if the bug would throw a monkey wrench into the process. However, it turns out it didn’t. In June, Klarna secured a $45.6bn valuation on the back of a $639m SoftBank-led investment round.
Finansinspektionen’s Klarna Investigation comes after its general director, Erik Thedéen, underscored how the fintech is subject to the Swedish financial markets regulator’s second-highest level of scrutiny.
Thedéen said the markets watchdog will scrutinise Klarna’s reliance on venture capital, investigating if it means the fintech doesn’t reach the level of rigour expected from a bank.
Klarna has, on its part, been hard at work lately trying to make the case that it is a trustworthy financial services company after the BNPL sector at large faced criticism for potentially hurling customers into overwhelming debt.
In the UK, a spokesperson has told Verdict that the company’s default rate “is well below 1% which is much better than credit cards and demonstrates that people use our products sustainably.”
In Sweden, Klarna recently launched the site Wikipink in an attempt to refocus the debt debate, arguing that traditional credit companies are more to blame for ruining lives than what ecommerce companies like Klarna are.
The BNPL sector is growing tremendously at the moment. Recent GlobalData thematic research estimates that the worldwide BNPL sector will be worth $166bn by 2023. Other significant players in the industry include Afterpay, PayPal and Zilch.