Recommended Blogs

Twitter to increase character limit 'next week'
According to reports, Twitter’s long-awaited character limit increase will finally be introduced next week.  What is changing? In response to user feedback, Twitter has changed its character count. IThis means that: Photos Videos Gifs Quoted tweets Will no longer count towards the 140 character...
10 things to look for when choosing an automated workflow system
Regulated businesses are increasingly looking to automate their marketing processes. When you look at the potential benefits of automation, this isn’t surprising. Automating your processes can: Minimise the time you take to produce collateral Cut out unnecessary admin, duplication and rework Reduce...
How to get buy-in for a marketing automation project
The benefits of marketing automation are well documented. More streamlined processes; quicker Compliance approval and reduced regulatory risk. If you want to improve your marketing efficiency, automation can make a significant difference. How can automated workflows improve marketing efficiency? If...

What can you learn from the new FCA/ICO update on GDPR?

Steve Coleman

GDPR Compliance

On February 8th, the Financial Conduct Authority and Information Commissioner's Office issued an update on the EU General Data Protection Regulation (GDPR).

What does the update say?

The update clarifies some questions regulated firms have raised with the Authority. It says that:

‘Firms have asked us about their ability to comply with both the GDPR and rules made by the FCA. We believe the GDPR does not impose requirements which are incompatible with the rules in the FCA Handbook.’

This is something we covered last year in GDPR for regulated firms – what do you need to know?

There we identified some of the requirements you’ll already be meeting, which give you a head-start on compliance – and some of the new demands which you’ll need to comply with.

The plus points:

  • You already operate with some degree of rigour. Complying with FCA requirements gives you an understanding of working in a heavily-regulated environment – for example around accurate record-keeping, a big focus of the new regulation.
  • Your culture (hopefully) already supports a compliant approach. The GDPR – as the update points out – ‘is now a board level responsibility’.

Firms are more likely to be compliant with existing FCA regulation if they have a culture where good behaviours are embedded.  If you’re not sure you fall into this camp, our recent blog on How to ensure your board is prepared for GDPR has some pointers.

  • Some FCA requirements already support the principles of the new regulation. The update says that ‘there are a number of requirements that are common to the GDPR and the financial regulatory regime detailed in the Handbook’.

Requirements around suitability, producing financial promotions that are fair, clear and not misleading and desired consumer outcomes all align neatly with the GDPR’s aim of improving the customer experience.


  • The GDPR has very specific requirements of its own that aren’t covered in existing regulation. Rules on consent; on opt-in; on data breaches.

Even if you meet your regulator’s current requirements, it’s likely you’ll have to up your data game in time for 25th May.

How will the FCA and ICO work together on the new data rules?

The update says that ‘While the ICO will regulate the GDPR, complying with the GDPR requirements is also something the FCA will consider under their rules’.

The financial regulator and the ICO say they will continue to collaborate in the coming months to address concerns raised by firms. They will revisit their existing Memorandum of Understanding to make sure it’s still fit for purpose in the new world.

What should firms be doing now?

One of the initial challenges with the GDPR was the lack of clarity around exactly what firms needed to do.

Last summer, the Information Commissioner’s Office published a series of blogs designed to increase this clarity and put a stop to some of the regulation’s ‘myths’.

You can read a summary of the ICO’s myth-busting blogs in GDPR – sorting the myths from the reality and How to separate GDPR compliance myths from reality.

If you want more detail on the new requirements, you can check you’re up to speed by reading GDPR compliance – do you know everything you need to? and find out how to avoid potential GDPR pitfalls in your marketing.

The ICO’s microsite is another good source of information. It’s where any new updates are posted, and has useful downloadable tools. The What’s new page is a particularly useful summary of developments by date.

Whether you’re tackling the GDPR or making sure you’re up to speed with other compliance rules, you’ll find our Compliance Guide to Financial Promotions useful.

It looks at the regulations governing your promotions and what you have to do to comply. You can get your free copy of the Guide here.

Nothing in this document should be treated as an authoritative statement of the law. Action should not be taken as a result of this document alone. We make no warranty and accept no responsibility for consequences arising from relying on this document.

Compliance Guide to Financial Promotions


Topics: Compliance

Subscribe to our weekly blog

Tips and best practice for Compliance teams, along with the latest news and views.

  • 2018-10-19 14:27:52 The 7 SEO mistakes you need to avoid

     Search engine experts Search Engine Land have published a blog looking at common SEO blunders. Back in June we explored the 5 SEO basics you need to get right. Today we examine the flip side, and...

    Learn More
  • 2018-10-12 14:27:10 How can you emulate the success of the best global brands?

     This month, brand consultancy Interbrand released its 19th Best Global Brands list. The list identifies – and explores the common success factors behind – the world’s leading brands. What sectors do...

    Learn More
  • 2018-10-12 11:15:17 The state of social media in 2018

     A new report analyses the social media landscape in 2018. With social media such an integral part of today’s marketing campaigns, understanding what delivers a successful approach is essential. What...

    Learn More