Christmas is upon us, but while you are merrily lost in festive revelry, spare a thought for the big regulatory changes coming in early 2018.
One thing we know for sure about 2018 is that it is going to be a year of important regulatory changes: organisations will have to comply with new data protection guidelines, banks will no longer have complete control over customer data, and investors will receive greater protection within Europe’s financial industry.
Many organisations have been preparing for the arrival of this raft of new regulations for over a year, but troubling reports indicating low awareness and ignorance have also been circulating. This means we are also likely to see some serious punishment dished out to non-compliant organisations in the case of GDPR.
Banking customers should also be aware of the changes coming in with the New Year, with PSD2 and Open Banking seeking to make customer data available to third party organisations. This initiative will allow access to services leveraging cutting edge technologies like AI, providing users with innovative banking alternatives.
For these reasons, both large organisations and individual banking customers have important reasons to remain aware of the changes that are coming with the New Year. Read on to find out more about the changes and how best to manage and benefit from them.
The General Data Protection Regulation (GDPR) will be active from the 25th of May 2018 and it will put a new set of guidelines in place regarding the way businesses handle customer data. This will include how organisations store it, share it and gather it.
GDPR is being issued by the European Parliament, with intentions to bolster the protection of data across the EU. While aimed at and originating in Europe, the regulation will have a global impact as the rules apply to data on EU citizens wherever it may be.
To achieve compliance with GDPR, organisations must announce a data breach as soon as possible after they become aware of it, and must act within a strict time limit.
Fines will be extremely heavy, equalling four per cent of annual global turnover in the event that an organisation is found non-compliant. A figure of this size could prove extremely difficult for some businesses to recover from, making it a strong incentive to improve data protection capabilities.
PSD2 is the second Payment Services Directive, also created and issued by the European Union. The directive has been designed to take control of customer data away from the established banks, making it available to third parties with the user’s permission. All Member States are required to implement the rules as national law by the 13th of January 2018.
PSD2 is intended to heighten the efficiency of the European payments market while also bringing emerging contenders into the arena. Fintechs are an example of the kind of organisation that could bring competitive banking solutions to the table, with the directive aimed at bringing payment innovation to Europe.
Third parties entering the market will mean banking customers are able to access agile, cutting edge approaches to banking that involve emerging technologies like artificial intelligence, providing improved visibility, transparency and efficiency. In the UK, the Financial Services Authority will be responsible for overseeing the implementation and the enforcement of compliance once the regulation is in place.
Coinciding with PSD2, Open Banking is also coming into action on the 13th of January 2018. PSD2 is the regulation that is making Open Banking possible, providing a framework that will ensure both safety and security while also providing competition and fairness.
The initiative will apply to the nine largest current account providers in the UK, with major organisations like Barclays taking an active role in educating customers and informing them of the benefits and opportunities that will be available to them.
Once Open Banking is in place in the UK, banking customers will benefit from the transparency of seeing all of their accounts in one place, vastly enhancing visibility and overall ease. APIs provided by third parties will make this possible upon consent from the consumer.
Going live on the 3rd of January 2018, the Markets in Financial Instruments Directive (MiFID II) is EU legislation that is intended to increase transparency within the financial markets.
In addition to this, the legislation is also geared towards reducing the cost of market data and maintaining suitable market behaviour. Enhanced functionality is one aim of the initiative, but bolstering the protection of investors is also an integral element.
You may be wondering how Brexit will impact this, but the decision has been made to act on the legislation despite the plan to leave in 2019. Under the new legislation, advisers will have to confirm that advice offered is independent. Fund managers will have to outline in greater detail the risk profiles associated with their products.
MiFID II is built on top of the MiFID legislation that has been in place across Europe since 2007, a move intended to create an investment services single market in a bid to enhance financial market competition.