Comparison Overview

NatWest Group

VS

Santander

NatWest Group

175 Glasgow Road, Edinburgh, Scotland, GB, EH12 9BH
Last Update: 2026-04-02
View Profile
Between 800 and 849
https://jobs.natwestgroup.com/

We’re the bank that turns possibilities into progress. We understand our customers, their worlds, and what matters to them. We help them see the opportunities and navigate a rapidly changing world. And we’re simplifying our business so that we can anticipate our customers’ needs and react to them quickly. Our business is UK centred and covers retail, commercial and private banking customers, with more offshore and further afield. Our services bring together our people’s incredible specialist knowledge with a sense of innovation, and carefully designed technology-driven journeys. As one of the leading supporters of UK business, we’re using enterprise as a force for change. We’re focusing on the people and communities who have traditionally faced the highest barriers to entry and figuring out ways to remove them. That includes learning and education, whether directed at young people or building financial confidence in adults. And by fostering a leading learning culture in our business, our people also prosper.

NAICS: 52211
NAICS Definition: Commercial Banking
Employees: 43,784
Subsidiaries: 6
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Santander

Avenida de Cantabria S/N, Boadilla del Monte, 28660, ES
Last Update: 2026-03-31
Between 750 and 799
https://www.santander.com

Banco Santander (SAN SM, STD US, BNC LN) is a leading commercial bank, founded in 1857 and headquartered in Spain and one of the largest banks in the world by market capitalization. The group’s activities are consolidated into five global businesses: Retail & Commercial Banking, Digital Consumer Bank, Corporate & Investment Banking (CIB), Wealth Management & Insurance and Payments (PagoNxt and Cards). This operating model allows the bank to better leverage its unique combination of global scale and local leadership. Santander aims to be the best open financial services platform providing services to individuals, SMEs, corporates, financial institutions and governments. The bank’s purpose is to help people and businesses prosper in a simple, personal and fair way. Santander is building a more responsible bank and has made a number of commitments to support this objective, including raising €220 billion in green financing between 2019 and 2030. In the first quarter of 2024, Banco Santander had €1.3 trillion in total funds, 166 million customers, 8,400 branches and 211,000 employees.

NAICS: 52211
NAICS Definition: Commercial Banking
Employees: 141,634
Subsidiaries: 24
12-month incidents
1
Known data breaches
2
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/natwest-group.jpeg
NatWest Group
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/banco-santander.jpeg
Santander
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
NatWest Group
100%
Compliance Rate
0/4 Standards Verified
Santander
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Banking Industry Average (This Year)

No incidents recorded for NatWest Group in 2026.

Incidents vs Banking Industry Average (This Year)

Santander has 50.0% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incident History — NatWest Group (X = Date, Y = Severity)

NatWest Group cyber incidents detection timeline including parent company and subsidiaries

Incident History — Santander (X = Date, Y = Severity)

Santander cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/natwest-group.jpeg
NatWest Group
Incidents

No Incident

https://images.rankiteo.com/companyimages/banco-santander.jpeg
Santander
Incidents

Date Detected: 2/2026
Type:Breach
Attack Vector: Stolen credentials, Infostealer malware
Motivation: Financial gain
Blog: Blog

Date Detected: 11/2024
Type:Breach
Blog: Blog

FAQ

NatWest Group company demonstrates a stronger AI Cybersecurity Score compared to Santander company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Santander company has historically faced a number of disclosed cyber incidents, whereas NatWest Group company has not reported any.

In the current year, Santander company has reported more cyber incidents than NatWest Group company.

Neither Santander company nor NatWest Group company has reported experiencing a ransomware attack publicly.

Santander company has disclosed at least one data breach, while NatWest Group company has not reported such incidents publicly.

Neither Santander company nor NatWest Group company has reported experiencing targeted cyberattacks publicly.

Neither NatWest Group company nor Santander company has reported experiencing or disclosing vulnerabilities publicly.

Neither NatWest Group nor Santander holds any compliance certifications.

Neither company holds any compliance certifications.

Santander company has more subsidiaries worldwide compared to NatWest Group company.

Santander company employs more people globally than NatWest Group company, reflecting its scale as a Banking.

Neither NatWest Group nor Santander holds SOC 2 Type 1 certification.

Neither NatWest Group nor Santander holds SOC 2 Type 2 certification.

Neither NatWest Group nor Santander holds ISO 27001 certification.

Neither NatWest Group nor Santander holds PCI DSS certification.

Neither NatWest Group nor Santander holds HIPAA certification.

Neither NatWest Group nor Santander holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References