Data Protection for Finance Companies
Financial Regulatory Compliance Services for Finance Companies
In the multifaceted finance business sector of Jersey, which plays a pivotal role in facilitating private loans, mortgages, car loans, and direct lending, adherence to rigorous compliance standards is not just a legal obligation, but a cornerstone of operational success. As entities registered under Schedule 2, finance businesses are subject to the dual regulatory oversight of robust data protection and stringent financial regulation, all under the purview of the Jersey Financial Services Commission (JFSC).
At Propelfwd, we specialise in providing comprehensive compliance services that cater to the unique needs of finance businesses. Understanding the critical nature of handling sensitive financial data, we offer expert data protection services to ensure your practices align with the Data Protection (Jersey) Law 2018. This ensures the secure and confidential handling of client information, which is essential in maintaining trust and integrity in the finance industry.
Moreover, as a Schedule 2 registered entity, your business must navigate the complex terrain of financial regulations, including compliance with Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) requirements. Propelfwd’s team of experts offers tailored guidance and support in financial regulatory compliance, ensuring that your business operations adhere to the stringent standards set by the JFSC. Our services encompass policy development, compliance training, risk assessments, and ongoing support to keep your business updated with regulatory changes and best practices.
Our holistic approach ensures that your operations are not only legally compliant but also demonstrate a commitment to the highest standards of data privacy, security, and financial integrity. This commitment is crucial in reinforcing your standing in the competitive finance sector, where trust and compliance are paramount.
A small selection of our data protection services for finance companies...
By partnering with Propelfwd, finance businesses in Jersey can seamlessly manage the intricacies of both data protection and financial regulatory compliance.
Data Protection Framework
Propelfwd have designed a framework compliance package specifically for estate agents. This package will cover the main areas of data protection and leave your business in a strong position to protect your client’s data.
The operational package consists of:
- Data Protection Policy, covering:
- Data protection principles.
- Data collection.
- Data use.
- Data retention.
- Data protection.
- Data Subject Access Requests.
- Law enforcement requests & disclosures.
- Data protection training.
- Data transfers.
- Complaint’s handling; and
- Breach reporting.
- Separate detailed Data Subject Access Request Policy and Procedure (DSAR).
- DSAR Templates to communicate with Data Subjects.
- Separate detailed Data Breach Notification Policy and Procedure.
- Data Protection Policy, covering:
Website Compliance package
Your website is the front window of your business, it is also the front window of your compliance structure. A good Privacy Notice and Cookie Management Platform (“CMP”) are all you need to show your are accountable to your customers data and you take data protection and PECR/ePrivacy compliance seriously.
At Propelfwd we are experts at developing good quality, easy to read privacy notices for your site users to access and understand what your company dose with data.
We provide the full package that includes:
- Fully compliant Privacy Notice for your website.
- Branded Privacy Notice animation.
- Audio files for each section of your privacy notice.
- The first years CookieScan™ subscription for your website (Premium account).
- Full service to have the Privacy Notice, animation and audio (if wanted) uploaded onto your website. You provide the details of your website developer. There may be extra fees from your developer for this work.
- Categorisation of the cookies used on your website.
- Colour match of the CookieScan™ banners to your website theme.
- Test of the Data Rights feature of the CookieScan™ banner.
You will be left with the confidence your website is up to scratch and fully compliant with the requirements.
Data Protection Managers Service
A Data Protection Manager can remove a lot of the burden of compliance from your day to day workload. Allowing Propelfwd to manage this for you gives you the confidence to know you are in good hands. You engage a team of professionals, so you don’t have to worry about sickness, holidays, staff training or resilience, Propelfwd do all that for you.
Our team looks after your needs. You get a dedicated data privacy manager to take care of your account. When they are away, the rest of the team step in, so you are never left without support.
The service a DPM will provide include:
- Give guidance and support when needed,
- Put in place appropriate policy documents & registers, updating and ensuring compliance,
- Regular contact with the internal Data Governance Team,
- Assistance when required with Data Subject Access Requests and redaction,
- Monitoring compliance with the GDPR and other relevant laws relating to data protection and all policy documents and procedures as follows:
- Monitoring of the Data Breach register, and
- Monitoring the Record of Data Processing Activities, updating, when necessary,
- Assistance and advice with any data Breach,
- Sign-off with appropriate justification on Data Breach register,
- Develop a full training package for your employees,
- Communication with the relevant Supervisory Authorities,
- Identify the need for a DPIA, carry out the requirements and put in place any required mitigations to reduce the identified risks.
- Carry out due diligence on 3rd party processors and put in place required agreements.
- Complete a full data transfer map.
- Assisting and advising on the development of any new process, or data base in accordance with the principle of Design by Default.
Data Protection Training
Our Foundation course is an online course that will take a maximum of 2 hours for each candidate to complete but can be visited in small time frames if required.
To meet different learning styles, the course has audio, text and videos throughout.
These courses are branded to your organisation and delivered for you by our training Course Administrator. We monitor progress, provide update progress reports and send out certificates to your staff.
The course covers:
- Principles of Data Protection:
- Data Subject Rights:
- Handling Data Subject Access Request:
- Identifying and handling a Data Breach:
- Understanding Consent:
- Data Transfers:
- Jurisdictional Fines.
Throughout the course there are knowledge checks to ensure the candidates can demonstrate their understanding of the topic and demonstrate the individual has a good foundation knowledge of all relevant laws.
This course is ideal for your front of house employees that are handling customers personal data on an everyday basis.
Financial Regulatory Compliance Framework
Assessment of your existing compliance framework – gap analysis, compliance review and regulatory ‘health check’.
Help you construct a robust compliance framework of systems and controls designed around the obligations of the JFSC AML/CFT/CPF Handbook and associated laws.
Provide ongoing consultation in the maintenance of this framework (If required).
Compliance Framework to include policies, procedures and tools covering:
- AML Compliance Manual
- Business Risk Assessments (BRA)
- Business Risk Appetite
- Customer on-boarding
- Customer Identification Measures
- Customer Business and Risk Profile
- Customer Risk Assessments
- Transaction monitoring
- Compliance Monitoring Programme
- Customer Screening – Sanctions, PEPs, adverse media etc.
- Reporting Obligations (AML/CFT/CPF/Sanctions) – internally and externally
- Trigger Events
- Registers – SARs/Breaches etc.
- Record Keeping
Risk Management & Infrastructure
- Enterprise Risk Management
- Business Risk Assessments
- Fraud Risk Assessments
- Risk Management Process Analysis
- Controls Assurance Assessments
- Conduct Risk Assurance
Financial Crime Training & Awareness:
Financial Crime Training Programs and Sessions (Internal and External) covering Sanctions, AML, Terrorist Financing and Fraud
CPD Sessions and Seminars (Topical discussions, Forums on Compliance and Financial Crime)
All of our online courses a branded to your organisation and bespoke to your sector of business.
Bespoke online courses for businesses and covers data protection from the start of the employees journey with your organisation
The training register retained by Propelfwd is your record of training for your team. If you are ever asked about your organisations accountability to data protection, this register will help to show you are. It will also show when your team are due their annual refresher courses. Propelfwd create customised refresher courses for your business as well.
Why choose PropelFwd for your data protection services?
PropelFwd have experience working with all sectors of business and organisations of any size and any jurisdiction. We pride ourselves on the fact that we demystify data protection, taking the complexity out of it, keeping it simple for your teams to understand and follow.
Our policies are easy to read and understand, our training is in plain language with relevant real-life examples of data protection in action and our solutions for your business are tailored and work.