Technology supplier Iress has updated its Xplan system to take into account incoming European data protection rules.
Advisers have until May 2018 to comply with the General Data Protection Regulation (GDPR), which could see them need to drastically overhaul how they manage client information.
As part of this, Iress said there are three areas of importance: consent, appropriateness and retention, and it has created features on Xplan to address all of these.
Mark Loosmore, UK executive general manager for wealth at Iress, said: “2018 will be a crucial year for financial planners and wealth managers, with a barrage of new regulation coming their way including GDPR and Mifid II.
"As part of our commitment to making Xplan users the best prepared firms in the UK for these regulatory changes, we’re pleased to be able to release some really practical functionality which will help firms meet their responsibilities.
“GDPR in particular is a real challenge for firms, who are financial planners first and marketing communications businesses second. The functionality we have put in place as part of our latest release has the potential to save firms a huge amount of time and money – as well as helping them comply with the new regulations.”
Among the functions Iress has added are the ability to record client consent to hold and process their data, including the ability to link to stored documents evidencing that consent has been given.
The system will also capture client communication preferences across email, post, phone and SMS, and all preferences will default to ‘no permission’ to help prevent clients receiving unwelcome communications in error.
Advisers will also be able to create campaign types inside Xplan, and mark which types are relevant to a client, with only relevant campaigns being sent to that client.
The system will also be able to specify how long uploaded files that have yet to be matched to clients should be kept on Xplan before automatic deletion, and new options have been added to delete all simplified and enhanced annuity medical questionnaire data for a client with a single press of a button.
GDPR introduces a number of regulations which will affect financial advisers, including the right to erasure, meaning an individual can request the deletion of personal data relating to them, and the right to access, meaning an individual can demand information on how their data is being used and a free copy of their personal data.
It also introduces the right to data portability, which means a person must be able to transfer their personal data from one system to another without being prevented by the handler of their data.
Meanwhile explicit consent must be obtained for the collection of data and all the purposes it is used for, while all data breaches must be reported within 72 hours.
damian.fantato@ft.com
