We all remember 25th May 2018, when GDPR came into force and changed the way all businesses handled their client data. Firms were busy putting plans together on how they were going to implement new processes in which they collected, stored and used personal information, and there were many questions flying around in regards to leads, encryption and security. In additional to the above, consideration for documents you provide to your clients should have also been included.

Why is this important?

One of the most common 'findings' our file checking team come across is that firms are still issuing Terms of Business and Customer Consent Forms that refer to The Data Protection Action Act 1998. It goes without saying that these documents should refer to the General Data Protection Regulation 2018. Additionally, under GDPR, it is mandatory that you issue a Consent Form or equivalent to your clients and have a copy retained in the clients’ file showing clients’ preferences on how contact should be made, i.e. SMS, phone, email or post. Without this, you do not have consent to contact your clients to review their mortgages or policies in the future.

So, it bring into question do you currently use a compliance provider? If not, perhaps you should be. Alternatively if you are currently using one, and they haven’t advised you of this, maybe it's time to look around.


Our compliance packages are designed to ensure you meet all of your regulatory requirements. Our compliance is backed up by our regulated financial services network providing you with a framework you can trust. We offer bespoke compliance packages and individual services to fulfil the needs of your firm.

To request a brochure and to find out why so many other directly authorised firms are taking advantage of a network framework, click here