A number of you have received emails from the FCA inviting you to complete a feedback survey for them. I haven't actually seen the content of these but I would make a couple of points about them.
Although the surveys apparently take about 20 minutes, I would argue that it would be a good idea to complete. There are two reasons for this.
Firstly,presumably it is a chance to have a say about the FCA and make any points of annoyance etc if they give you the opportunity.
Questions that come to mind are:
1. Why am I paying an FSCS levy now for the failures in investment sales when I have never sold investment products?
2. Why is there a constant stream of Variations of permission required for existing regulated firms (with costs) when, with a little planning these could have been covered under one VOP application?
But perhaps I am being a bit unreasonable?
Secondly, you notice that this survey response is to the FCA and not to some outside organisation. Given that under the FCA regime, contact with firms is more hands off, I would suggest that every possible contact with the FCA gives the opportunity to demonstrate that you have engaged with them.
You will recall this word from the round of visits from the FSA on TCF and the like. There is nothing that a regulator likes more than to see that the firms that it regulates engage with them. This is an example. After all, on your file at the FCA however it looks there will be a simple entry of some kind I imagine. It will say something like.
FCA survey October 2015. Response received or response not received.
Which looks netter to a regulator when assessing your risk to regulation?
Monday 5 October 2015
Friday 2 October 2015
Cookie Law
This is just a thought on the rules and requirements for Cookies on web sites. It is not a usual area of compliance that I focus on but I think it is important enough for focus!
I have seen a number of web sites recently where there is no explicit request for confirmation by the user to assent to the use of cookies. This is now a key part of EU Data Protection and failure to comply does render a firm or an individual liable to enforcement and potentially a fine from the Information Commissioner.
As an aside, if you monetise your website using Google Adsense you are also at risk of being struck off by them for failure to comply. Compliance here is not an FCA matter directly but obviously if you are in breach of data protection requirements then this could be of interest to them.
Basically what you need is a popup message when a person first accesses you website that explains a bit about cookies and how you use data. You should also refer them to a privacy policy which should be somewhere on your site.If you do not have these, you need to take action now because you are in breach of legal requirements.
There are a number of free facilities available on the internet and I am happy to refer you to these if you need them, if you let me know. I can also provide you with an example of a privacy statement if you so wish. Obviously privacy statements can be as varied as firms can be different.
This is an action to take now rather than later becasue the originbal legislation came in some time ago.
I have seen a number of web sites recently where there is no explicit request for confirmation by the user to assent to the use of cookies. This is now a key part of EU Data Protection and failure to comply does render a firm or an individual liable to enforcement and potentially a fine from the Information Commissioner.
As an aside, if you monetise your website using Google Adsense you are also at risk of being struck off by them for failure to comply. Compliance here is not an FCA matter directly but obviously if you are in breach of data protection requirements then this could be of interest to them.
Basically what you need is a popup message when a person first accesses you website that explains a bit about cookies and how you use data. You should also refer them to a privacy policy which should be somewhere on your site.If you do not have these, you need to take action now because you are in breach of legal requirements.
There are a number of free facilities available on the internet and I am happy to refer you to these if you need them, if you let me know. I can also provide you with an example of a privacy statement if you so wish. Obviously privacy statements can be as varied as firms can be different.
This is an action to take now rather than later becasue the originbal legislation came in some time ago.
Subscribe to:
Posts (Atom)