I only wish you were right.....
they're "affiliates" to a major overseeing group, who effectively act as proxies for the FSAs oversight. Its that group who are insistent - and I've been through their paperwork, its totally unambiguous. Total hard drive enncryption of every physical drive - even the recovery partitions (obviously thats not going to be possible on many, but thats what they want)
And as for the backups, that can only be with a company thats undergone full due diligence. Irrespective of whether the data is encrypypted