Data Protection in Financial Services: Getting Compliance Right

Introduction

Financial institutions operate under a complex dual regulatory regime involving the ICO and financial conduct regulators (FCA/PRA). This session dissects the specific data protection challenges inherent to the financial sector, including limitations on data subject rights when handling access requests, the new rules on “automated decision-making” (including credit-scoring) and breach reporting.

What You Will Learn

This live and interactive session will cover the following:

• Regulatory interplay between the UK GDPR, the FCA Handbook, and AML regulations
• Lawful bases for activities such as fraud detection and credit risk profiling
• Complex Data Subject Access Request (DSAR) management
• Automated decision making for credit scoring and algorithmic lending (Article 22 UK GDPR), including new rules from January 2026 under the Data (Use and Access) Act
• Breach reporting and notification timelines for the ICO and the FCA
• Supply chain governance: due diligence requirements for fintech partnerships and cloud outsourcing

Recording of live sessions: Soon after the Learn Live session has taken place you will be able to go back and access the recording - should you wish to revisit the material discussed.