The majority of Financial Service networks say it has always been the responsibility of the ARs to ensure they are DPA compliant, but it has come to notice that there is a lack of knowledge and understanding in this area, especially around Encryption & Backup software requirements to meet DPA 'Principle 7'.
A recent Freedom of Information request submitted by an industry-leading publication revealed a high number of instances of lost or stolen data reported to the FCA regulator in the past 12 months. It is suspected that some of the reported incidents were from brokers authorised under Financial Service networks.
A recent mini DPA survey undertaken by JMS Secure Data with 250 ARs authorised under different networks highlighted that 61% of them were non-compliant with DPA 'Principle 7' despite being 'signed off' for DPA by their own respective networks. Survey feedback confirmed that ARs expected their network to offer guidance on DPA 'Principle 7' requirements or, at the very minimum, offer a set of solutions with suitable advice to achieve the necessary ICO compliance.
We would be interested in receiving more industry feedback on this DPA subject, as more ARs may find themselves in front of the FCA and ICO for data loss or theft, resulting in reputational, regulatory and legal penalties for non-compliance.
Why not try our DPA Mini Health Check Assessment?