Risk management and controls

Risk management and controls guidance:

BREXIT: The UK is due to leave the EU on Exit Day (as defined in the European Union (Withdrawal) Act 2018). This has an impact on this Practice Note. For further guidance...

Practice Note

ARCHIVED: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998...

Practice Note

The table in this Practice Note identifies and briefly summarises the principal exemptions available under the Data Protection Act 1998 (DPA 1998). This Practice Note...

Practice Note

BREXIT: The UK is leaving the EU on Exit Day (as defined in the European Union (Withdrawal) Act 2018). This has an impact on this Practice Note. For further guidance, see...

Practice Note

The General Data Protection Regulation (the GDPR), Regulation (EU) 2016/679 was published in the Official Journal of the EU on 4 May 2016. Its provisions became...

Practice Note

The UK is due to leave the EU on Exit Day (as defined in the European Union (Withdrawal) Act 2018). This has an impact on this Practice Note. For further guidance on the...

Practice Note

Introduction to cybersecurity in financial services firms In the wake of continued escalations in phishing and denial of service attacks against banks and other financial...

Practice Note

The General Data Protection Regulation, Regulation (EU) 2016/679 (the GDPR), includes a right to data portability. This right allows individuals to obtain from a...

Practice Note

This Practice Note on data protection and outsourcing provides guidance on: • the data protection regime under the General Data Protection Regulation, Regulation (EU)...

Practice Note

ARCHIVED: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998...

Practice Note

The General Data Protection Regulation, Regulation (EU) 2016/679 (the GDPR) contains a set of core data protection principles that controllers must comply with. These are...

Practice Note

ARCHIVED: This archived timeline sets out the key legislative developments of the data protection reform package. This timeline is for background information only and is...

Practice Note

ARCHIVED: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998...

Practice Note

Although the text of the General Data Protection Regulation, Regulation (EU) 2016/679 (the GDPR) refers throughout to the ‘Union’, it is stated on page one of the GDPR...

Practice Note

FCA and PRA rules on whistleblowing On 6 October 2015, the Financial Conduct Authority (FCA), alongside the Prudential Regulation Authority (PRA) published policy...

Practice Note

Background to the remuneration codes The FCA Handbook currently contains five remuneration codes (Codes), with change driven by European Directives that include the Third...

Practice Note