Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Top Stories

Posted By Gbaf News

Posted on May 26, 2017

GDPR: IS FINANCIAL SERVICES READY/NEW LAWS FORM STRUCTURED & COMP BASIS FOR BEST PRACTICE DATA MANAGEMENT

12 month countdown to GDPR

With just 12 months left before the European Union’s (EU’s) General Data Protection Regulation (GDPR) becomes law, preparations are top of mind for marketing, compliance and governance teams in the financial and professional services sector.
The regulation, which covers data protection, as well as eye-watering penalties for non-compliance, means making sure your organisation is compliant.  How far is the financial services sector ready for GDPR and what are some of the difficulties that lay ahead?

  • In terms of data protection and data security measures, Financial Services organisations are mainly GDPR-ready as the industry has already had to go far beyond the regulatory standards that are currently in place. And it’s much the same story for banks too, with most organisations having data security to the ninth degree
  • A key difference between how the industry currently operates and how it will have to comply with GDPR is the way you gain consent from customers – which is more a legality issue than about protection.   For example, theneed for opt-ins, rather than opt-outs means that everyone being sent information (although maybe a much reduced number) will be interested in your content – a real positive for all concerned
  • One of the main difficulties with GDPR is a customer’s ‘right to be forgotten’, which is slightly complex and contentious. There must be a way of removing customer data from systems wholly and completely, when asked, which is difficult as applications have not been built with this in mind, as it was never a requirement before.  However, conflicting obligations makes this process difficult, with the directive saying customers have a ‘right to be forgotten’, but as a business you need to keep records for seven years, for audit purposes.  It will be interesting to see which one wins out
  • Liability is an important consideration, and depends who you’re actually storing data for (consumers or businesses) and where those businesses are based, i.e. UK or elsewhere in Europe
  • And what about post-Brexit?  Financial services firms in the UK will need to compete with the rest of Europe.  So, the UK Government must confirm that it will continue to use GDPR as standard and that its own laws are as stringent, or more so, than those laid down in GDPR

Although some of the GDPR requirements may seem onerous, there are many positives that should result from these regulatory changes, with new requirements forming a structured and comprehensive basis for best practice data management:  There will be far less ‘wastage’ in marketing as a result of the need to ‘opt-in’ rather than ‘opt-out’; and firms that produce engaging content and relevant material will steal a march on less disciplined competitors.

Putting individual responsibility at the heart of firms’ conduct
Last month, the FCA released its business plan for 2017/2018, with accountability and governance in the financial services sector being a key priority – putting individual responsibility at the heart of firms’ conduct, making managers and senior staff more accountable for the ethical stance & governance of their firm 

The key aims of the Senior Managers & Certification Regime (SM&CR) are to strengthen individual accountability at the most senior levels of relevant firms and improve their standards of conduct at all levels.  We expect firms and their senior managers to apply the spirit, as well as the letter of the regime…The SM&CR provides clarity for both firms and regulators about each senior manager’s responsibilities.  We will continue to use firms’ responsibilities maps and individual senior managers’ statements of responsibilities throughout the regulatory lifecycle…These tools will further help us to identify and assess key senior individuals’ management and governance arrangements…We will consult on the accountability regime for all FSMA firms in 2017, and complete our preparation to implement the regime from 2018…(Source: FCA Business Plan 2017/2018) 

“FCA research, since the regime’s introduction has shown that although there’s been strong progress in terms of firms adopting a culture of individual accountability there’s still evidence of overlapping or unclear allocation of responsibilities. At some firms, responsibility is shared among staff at different levels of management, obscuring who is genuinely responsible. Firms are on the right track but it’s an ongoing journey.  The shift in the regulator’s approach from prescribed rules to an expectation of good governance is fundamental, together with the need for cultural compliance and a strong emphasis on in-built ethics, rather than draconian oversight and penalties.  Evidence shows that companies viewing regulatory compliance as a tick box exercise are most at risk of falling foul of the FCA requirements.   Building-in a culture of compliance, where managers take responsibility and where ‘doing the right thing is the default’, will stand companies in good stead.”

Recommended for you

  • Bridging Distances: The 2025 Global Telecom Award

  • Inflation Dynamics and Economic Cycles in the European Union

  • Economic Growth and Development Trends in African Countries