GDPR for financial services firms—one minute guide
Produced in partnership with Curtis McCluskey of Reed Smith LLP
GDPR for financial services firms—one minute guide

The following Financial Services practice note Produced in partnership with Curtis McCluskey of Reed Smith LLP provides comprehensive and up to date legal information covering:

  • GDPR for financial services firms—one minute guide
  • FCA and ICO comment on the GDPR
  • Brexit
  • Scope of the GDPR
  • Key GDPR changes for financial services firms
  • FCA and ICO collaboration on GDPR

Brexit: As of exit day (31 January 2020) the UK is no longer an EU Member State. However, in accordance with the Withdrawal Agreement, the UK has entered an implementation period, during which it continues to be subject to EU law. This has an impact on this Practice Note. For further guidance on the impact of Brexit on the GDPR and data protection, see Practice Note: Brexit—implications for data protection.

FCA and ICO comment on the GDPR

The EU General Data Protection Regulation (EU) 2016/679 (GDPR) came into effect on 25 May 2018. From that date, any organisation that processes personal data originating in the EU is required to comply with the GDPR. In a joint update from the Financial Conduct Authority (FCA) and Information Commissioner’s Office (ICO) published on 8 February 2018, the FCA raised the importance of financial services firms needing to consider how GDPR will apply to them to ensure compliance.

The GDPR is a seismic change to European data protection laws to accommodate the use of technologies over the last 20 years and provides a consistent EU-wide law. GDPR requires organisations to implement and comply with a multitude of obligations.

Brexit

On 13 December 2018, the Department for Digital, Culture, Media and Sport (DCMS) published guidance on its proposals on how the UK data protection regime will work in a no-deal scenario post-Brexit.

Popular documents