The Financial Conduct Authority take over regulation of the claims management industry from 1st April 2019. With tougher controls on data acquisition and management on the horizon, Nigel Allen, Director of Total Claims Solutions, explains what your business needs to do to ensure you are compliant.
The introduction of FCA regulation to the claims management sector is set to impact on many areas of the way businesses operate. Requirements around the way customer data is obtained, stored and ultimately destroyed are about to get tougher, with those operating in the currently unregulated Scottish market are likely to be hit the hardest.
An expert with over 25 years of experience in the sector, Director of Total Claims Solutions Nigel Allen explains the steps businesses must take to ensure they comply to the FCA’s stricter regulations on customer data.
Where has your data come from?
“The introduction of GDPR has had huge implications for businesses across sectors, and the claims management industry is no exception. The new FCA regulations reflect these changes, ” Nigel explains.
“If the way you source clients is external, through a marketing company or call centre for example, you must be able to prove that customers have explicitly ‘opted in’ to their details being passed to third parties such as yourselves,” he continues.
If your business is used to relying on these methods, the introduction of tougher scrutiny on data capture, particularly in Scotland where there are currently no GDPR controls, could have a significant impact on the way your business operates.
“The key point to remember is that you must be able to demonstrate a full auditable trail that demonstrates where your data comes from, and that it has been obtained legitimately,” advises Nigel.
“The FCA have a right to request this trail at any time, so it is important to be prepared.”
How exactly can you ensure that your business can prove the legitimacy of your data?
“The IT software and technical expertise required to ensure you are complying to these tougher data management standards may have a financial impact on businesses, particularly for smaller firms,” Nigel says.
It’s not just how to prove the origin of your data which might require some new technology either.
“Cyber-crime is a huge global concern at the moment, and stricter security requirements are being imposed by the FCA to reflect this. Your data storage systems must be airtight, with encrypted access and secure migration systems to move data from point to point.
“Again, this can all be subject to an FCA audit at any time.”
It is imperative that your business has the IT provisions in place to comply with the new FCA regulations on data management, as failure to demonstrate the sufficient software will lead to your operating license being revoked.
“Of course, as well as installing this software, it is important to have someone on your team with the technical expertise to understand it...and who knows what to do if things go wrong,” adds Nigel.
“Business continuity and disaster recovery software systems are a requirement for compliance under the new FCA regulations, so it’s important to have a plan in place for if the worst happens, and the technical experience to carry out that plan.”
With the way businesses obtain and store personal data under intense scrutiny across all sectors, ensuring that your business is fully prepared for the implications the upcoming FCA regulatory reforms have on data management is essential to continue legally operating after 1st April.