• Welcome to the LegalBeagles Consumer and Legal Forum.
    Please Register to get the most out of the forum. Registration is free and only needs a username and email address.
    REGISTER
    Please do not post your full name, reference numbers or any identifiable details on the forum.

FCA and ICO publishes joint update on GDPR

Collapse
Loading...
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • FCA and ICO publishes joint update on GDPR

    The Financial Conduct Authority (FCA) and the Information Commissioners Office (ICO) has today published an update on the EU General Data Protection Regulation (GDPR).

    https://www.fca.org.uk/news/statemen...nt-update-gdpr

    The EU General Data Protection Regulation (GDPR) will apply in the UK from 25 May 2018. It is an essential step forward in enhancing the privacy and security of personal data. The GDPR will be regulated and enforced in the UK by the Information Commissioner’s Office (ICO). Financial services firms will need to consider how the GDPR will apply to them, and ensure that they are ready to comply with the regulations from May 2018.
    Complying with some of the FCA’s rules requires financial services firms to process personal data. Firms have asked us about their ability to comply with both the GDPR and rules made by the FCA. We believe the GDPR does not impose requirements which are incompatible with the rules in the FCA Handbook. Indeed, there are a number of requirements that are common to the GDPR and the financial regulatory regime detailed in the Handbook.
    Compliance with GDPR is now a board level responsibility, and firms must be able to produce evidence to demonstrate the steps that they have taken to comply. The requirement to treat customers fairly is also central to both data protection law and the current financial services regulatory framework. When the FCA makes rules, we take into account how our requirements will affect the privacy interests of individuals such as firms’ customers and employees, and are open and transparent on why we have made rules in the way that we have.
    However, we recognise that there are still ongoing discussions to ensure specific details of the GDPR can be implemented consistently within the wider regulatory landscape.
    The FCA and ICO are working closely together in preparation for the GDPR, and recently jointly hosted a GDPR Roundtable with firms and industry bodies to listen to industry concerns. One example of how we are working together is innovation, where the ICO is providing tailored input to the FCA’s Innovation Hub.
    Since 2014, the FCA and ICO have had a Memorandum of Understanding in place, laying out our formal relationship and demonstrating our commitment to co-operation and co-ordination in our activities. Over the coming months, we will review the memorandum of understanding to ensure it is still fit to address future collaboration.
    While the ICO will regulate the GDPR, complying with the GDPR requirements is also something the FCA will consider under their rules, for example, the requirements in the Senior Management Arrangements, Systems and Controls (SYSC) module. As part of their obligations under SYSC, firms should establish, maintain and improve appropriate technology and cyber resilience systems and controls.
    The FCA and ICO will continue to collaborate in the coming months to address concerns firms raise and support firms’ preparations for the introduction of the GDPR in May 2018.


    Tags: None

View our Terms and Conditions

LegalBeagles Group uses cookies to enhance your browsing experience and to create a secure and effective website. By using this website, you are consenting to such use.To find out more and learn how to manage cookies please read our Cookie and Privacy Policy.

If you would like to opt in, or out, of receiving news and marketing from LegalBeagles Group Ltd you can amend your settings at any time here.


If you would like to cancel your registration please Contact Us. We will delete your user details on request, however, any previously posted user content will remain on the site with your username removed and 'Guest' inserted.
Working...
X