It’s just over twenty years since the Bank of England became independent and the regulatory framework for the financial sector changed in the UK. And it’s also just over ten years since the financial-sector crisis which prompted further amendments to regulatory authority in this country. One result of the 2007 crisis was the creation of the Financial Conduct Authority (FCA). If you operate in the financial sector, you’ll be more than familiar with FCA regulations.
Of course, there’s no cycle for regulatory change. But there are further forthcoming changes to financial-sector regulation in 2018. The revised Payments Services Directive (PSD2) is being implemented in January. And arguably more far-reaching for FCA-regulated companies, the Europe-wide General Data Protection Regulation (GDPR) comes into force in May. With our expertise in Specialist Document Storage for financial-sector companies, CAS is in a position to help you prepare for GDPR.
Trusted by FCA-regulated companies for specialist document storage
From credit cards, bank accounts and mortgages, to loans, savings and pensions, virtually every adult in the UK is a consumer of financial services. One of the roles of the FCA is to ensure the highest standards of integrity for financial services providers in relation to their clients. This crucially includes the security of business and customer records.
If your FCA-regulated company is looking for specialist document storage and secure document management solutions, then look no further than CAS. We already have many clients in the financial sector. As well as document and archive storage, we also offer live file storage for documents which are frequently accessed. We can digitise documents as necessary with our scanning-on-demand service. And for a complete scanning and electronic document management solution, we offer our proprietary CAS-Cloud service.
Financial-sector documents: your security is our promise
At CAS we continually strive for the highest levels of security. Your documents are secure even before they reach our financial records storage facilities, as we have a dedicated fleet of GPS-tracked vehicles for transport to and from storage. Our secure records storage facilities have securely gated perimeter fences, which are monitored 24/7 by Mobotix M12 CCTV cameras, with records backed up off-site. Our gate staff require identification for anyone entering the facility and only authorised personnel are admitted.
Within the storage facilities, entry to warehouses is managed with advanced Suprema BioEntry fingerprint IP access terminals. All CAS document-handling and security staff have been checked by the Disclosure and Barring Service (DBS) to provide an added level of security. We have installed environmental controls, advanced optical fire beam protection system and air-quality monitoring throughout.
Full audit trails with state-of-the-art document identification
CAS deploys Radio Frequency Identification (RFID) at our storage facilities. RFID is one of the most advanced systems to track clients’ documents and provides new levels of accuracy and efficiency far beyond standard barcode management. RFID asset tracking means faster, more cost-effective report generation. It also enables comprehensive audits to be performed in close to real-time with 99.999% accuracy which is essential for effective financial records storage. RFID systems support strict compliance regulations by providing customers with audit reports that confirm and validate the location of every RFID carton in storage. This includes Sarbanes-Oxley (SOX) and current UK and EU data protection requirements.
Gearing up for GDPR
As for the forthcoming GDPR, we’re future-proofed – and we can talk through with FCA-regulated companies how they can prepare too. Most organisations should start with an information audit, in order to check your procedures cover all individuals’ rights. This will now include how you would delete personal data (the right to erasure), or provide data electronically and in a commonly used format on request (the right to access).
The GDPR updates rights for a networked world, so it’s vital to keep records of who you share personal data with too, not least in case you need to rectify inaccurate personal data. Under the new GDPR standard, consent must be freely given, specific, informed and unambiguous. There must be a positive opt-in, and you will need to have simple ways for people to withdraw consent. And you’ll need to update your privacy notice too to spell out your lawful basis for processing data and your data retention periods in concise, easy-to-understand and clear language.
One vital element is having the right procedures in place to detect, report and investigate a personal data breach. Larger organisations will need to develop policies and procedures for managing data breaches. Failure to report a breach to the data protection authority and (in some cases ) to individuals could result in a fine, as well as a fine for the breach itself.
Data protection for the professionals
We’ll be maintaining the excellent standards which we have under current data protection legislation. We’ll keep your data safe and secure if you use our document storage or scan-on-demand services. And ensuring data protection is a key consideration for our office removal, document shredding and data disposal services.
Talk to one of the CAS team today to discuss financial records storage, digitisation and all our other services!
About CAS document storage and management
CAS provides comprehensive and secure document storage and management, and facilities management services. For more than 20 years CAS have worked with NHS Trusts, Financial Services providers, and corporate and private clients. Our head office is just four miles from the City of London, supported by our advanced storage centres across the UK. CAS has an impressive array of International certifications (ISOs), which prove our compliance with the strictest national, European and international laws. They also demonstrate our commitment to provide innovative systems on security, confidentiality and quality control in keeping your files safe and well managed.