London – Financial Services firms are being warned by compliance and regulations consultancy Complyport on International Data Protection Day that they must ensure they gain explicit client consent for data sharing.
Jonathan Greenstein Director of Complyport has underlined his concerns that many companies were “simply not sufficiently informed” in the detail of GDPR.
Jonathan Greenstein said: “Under GDPR, for personal data sharing to be permitted and valid, the data sharing must be for a legal purpose, and the main legal purpose applicable to financial services is that it is required to fulfil a contract or that a client has given consent.”
Noting that financial services firms typically share data with providers, he added: “For client consent to be valid, it is not good enough to assume that a client has not objected or to work on an opt-out basis.
“Consent must be affirmative, specific, informed, unambiguous and freely given, and firms must also be mindful that a client has a legal right to withdraw consent.
“If these conditions are not enforced by robust processes and procedures, a firm may find it has breached GDPR requirements and potentially face serious consequences.”
ENDS
Notes to Editors:
For media enquiries contact
John Kaponi, J7 Communications: +44 787 554 2969 /
- To arrange an interview with Jonathan Greenstein of Complyport Ltd please email or call John Kaponi
- Complyport is a leading compliance and regulatory consultancy providing bespoke, practical solutions for all manner of regulated firms both in the UK and overseas.
- Established in 2001, Complyport combines former regulators, industry practitioners and legally qualified individuals to offer our clients an unparalleled, professional team.
