A number of UK banks have been found to be in breach of the country's Data Protection Act (DPA) following complaints about the disposal of customer information.
The Information Commissioner's Office (ICO) has named 12 financial institutions that have left personal information in rubbish bins outside their premises.
An ICO spokeswoman said: "Carelessly disposing of customer information does leave customers open to ID fraud."
She added all 12 organisations have now signed an undertaking to comply with the principles of the DPA.
Deputy information commissioner, David Smith, said it is unacceptable for banks and other organisations to be so careless and it's vital they take security seriously.
He added in a statement: "If they do not, they not only risk further action from the Information Commissioner but also risk losing the trust of their customers."
The 12 organisations named are Alliance & Leicester, Barclays, Clydesdale Bank, The Co-operative Bank, HBOS, HFC Bank, Nationwide Building Society, Natwest, the Post Office, Royal Bank of Scotland, Scarborough Building Society and United National Bank.
The ICO used evidence gathered from a variety of sources including a recent BBC Watchdog documentary and customer enquiries.
