Intelliflo has pledged to identify and solve challenges for financial advice firms arising from the forthcoming General Data Protection Regulation.
It has formed a working group comprising representatives from 11 major networks and advice firm customers to tackle the issues.
This comes after a recent survey by Intelliflo highlighted that many advisers are not yet on course to be ready to meet the requirements of the new data rules by the enforcement date of 25 May 2018.
In fact, 67 per cent of 270 Intelligent Office users polled said they do not yet have a plan they are working to, with 9 per cent saying they were not even aware of the new regulation.
Rob Walton, chief operating officer at Intelliflo, said: “It is clear there is a significant lack of understanding of the General Data Protection Regulation, both in terms of the differences with current data protection regulation and the impact it will have on the financial advice industry.
“As such, we have decided to seek engagement and feedback from our client community as to their plans and interpretations of the General Data Protection Regulation in order to map out a clear path and strategy for all firms to achieve compliance with this regulation.
“Given that advice firms deal with and process significant amounts of data on individuals, it is paramount that all have strategies developed and action taken by the deadline of next May.”
The first meeting of the working group was held in late July, with the aim of establishing common understanding of the implications of the regulation and to allow firms to share information about how they will look to meet the requirements of the regulation.
The first consultation paper, entitled ‘General Data Protection Regulation and the Financial Advice Industry: Intelliflo Customer Working Group – 1st Consultation Paper’ has now been produced and made available to all Intelliflo customers for review and to provide feedback. This will happen after each working group.
The next meeting is scheduled for late October, when further recommendations will be made and documented to share with the wider industry.
Ken Davy, chairman of Simplybiz Group, said whilst the importance of the General Data Protection Regulation to financial advisers is obvious it is also vitally important that we don’t get into ‘scaremongering mode’ as regards its impact.
He said: “There is a clear risk that clients, or more likely former clients, will ask for data to be destroyed which the adviser might later need to refer to if there is a complaint, a situation I think appointed representatives could be particularly vulnerable to.
“The rules however do give guidance that there are grounds for retaining data if it may be required to defend a legal claim, unfortunately until we have practical experience and quite probably ‘case law’ it is difficult to be certain what the adviser can justify keeping if a complaint has not yet been made.
“The nightmare scenario is that the first thing an ambulance chaser will do is get a former client to request the deletion of all data and as soon as that has been done, slap in a complaint.
“I believe we need clarity from the FCA and Financial Ombudsman Service as to what it is reasonable for the adviser to retain which in my view should be a comprehensive record of any advice given on the proviso that is retained purely for non-marketing purposes.”
Earlier this month, the Information Commissioner’s Office, which is responsible for overseeing the implementation of GDPR in the UK, said the right to erasure was not universal.
In a statement a spokesman for the office said: “The right to erasure is not an absolute right, and it does not apply where retention of the data is necessary to meet a financial adviser’s legal obligations or for defending legal claims.
“We will be providing more detailed guidance on the rights individuals have under the GDPR in due course.”
