British regulator FCA addresses questions on data rules, GDPR
08 Feb 2018

The Financial Conduct Authority (FCA) and Information Commissioner’s Office (ICO) have published a brief update on the upcoming EU General Data Protection Regulation (GDPR), addressing some issues raised by firms.

GDPR comes into effect in the United Kingdom on 25 May this year, however, firms apparently still need clarity about the new rules.

An Ipsos Mori January 2018 survey on GDPR showed about 38 per cent of businesses, and 44 per cent of charities, say they have heard about it.

Among those aware of GDPR, ‘just over a quarter of businesses and of charities made changes to their operations in response to GDPR’s introduction.’

Addressing questions about whether companies will be able to comply with both the GDPR and FCA rules, the watchdog said GDPR does not impose rules which are incompatible with those of its Handbook, but instead, the two have a number of requirements in common.

“While the ICO will regulate the GDPR, complying with the GDPR requirements is also something the FCA will consider under their rules, for example, the requirements in the Senior Management Arrangements, Systems and Controls (SYSC) module,” the FCA said, “as part of their obligations under SYSC, firms should establish, maintain and improve appropriate technology and cyber resilience systems and controls.”

Firms must also be able to produce evidence to demonstrate the steps that they have taken to comply, the FCA explained.

It also said that it would review a Memorandum of Understanding it has with the ICO, to ensure the agreement is still fit to address future collaboration.

“The FCA and ICO are working closely together in preparation for the GDPR, and recently jointly hosted a GDPR Roundtable with firms and industry bodies to listen to industry concerns. One example of how we are working together is innovation, where the ICO is providing tailored input to the FCA’s Innovation Hub,” said an FCA statement on Thursday.

Both organisations said they will seek to continue to jointly address concerns firms raise and support firms’ preparations for the introduction of GDPR.

Read more:

UK anti-money laundering (AML) – hot topics for 2018

EU Fifth Anti-Money Laundering Directive: Can banks handle it?

EU official ‘justifies’ decision to remove half of countries from blacklist

You can claim CPD minutes for reading this article, by signing up to our CPD Wallet

FREE CPD Wallet
Must Read

Understanding EU anti-money laundering law: EU 4AMLD, EU 5AMLD, EU 6AMLD

In recent years the European Union has looked to its flex its legislative muscle and come up with an array of laws aimed at cracking down on money laundering and terrorism financing. Key to its package are its various directives, which impact national laws, banking operations and various other… Read More

Banking: Curbing employee fraud and corruption with an effective KYE program

The banking system’s vulnerability to fraud, corruption and money laundering is once again a focal point of debate in the wake of recent disclosures by the Central Bank of Nigeria that major losses have been recorded by banks from armed robbery cases and other criminal activities amounting to N12bn… Read More