Are Networks Letting Down Their Appointed Representatives on DPA Compliance?
We are aware that, in the eyes of the majority of Financial Service networks, it has always been the responsibility of the Appointed Representatives (ARs) to ensure they are DPA compliant. However, it has come to our notice that there is a lack of knowledge and understanding in this area, especially around the encryption software requirements needed to meet DPA ‘Principle 7’.
A recent Freedom of Information request submitted by an industry-leading publication revealed a high number of instances of lost or stolen data reported to the FCA in the past 12 months. It is suspected that some of the reported incidents were from brokers authorised under Financial Service networks.
A recent mini DPA survey by JMS Secure Data, undertaken with 250 ARs authorised under different networks, highlighted that 61% of them were non-compliant with DPA ‘Principle 7’ despite being ‘signed off’ for DPA by their respective networks. Survey feedback from the majority of brokers confirmed that ARs expected their network to offer guidance on DPA ‘Principle 7’ requirements or, at the very minimum, to offer a set of solutions with suitable advice to achieve the necessary ICO compliance.
It is without doubt a broker’s responsibility to robustly check that they are fully DPA compliant and data secure, but without network support in this area many more brokers may find themselves in front of the FCA and ICO for data loss or theft, resulting in reputational, regulatory and legal penalties for non-compliance.
To review any data security concerns in your business, contact our technical team on 020 3397 9026 for a free DPA review.