Data Protection Services for Private Lenders

Data Protection for Private Lenders

Financial Regulatory Compliance Services for Private Lenders

In the economically significant sector of private lending in Jersey, which contributes over 600 million to the local economy, ensuring adherence to stringent compliance requirements is paramount. As private lenders are registered under Schedule 2, they face a dual responsibility: robust data protection and rigorous financial regulatory compliance. Propelfwd is uniquely positioned to provide expert services in both these critical areas, under the regulatory oversight of the Jersey Financial Services Commission (JFSC).

For private lenders, safeguarding client data is not just a legal mandate but a foundation of trust and professionalism. Our data protection services ensure compliance with the Data Protection (Jersey) Law 2018, guaranteeing that sensitive personal and financial information is handled with the highest level of security and confidentiality.

Private Lenders Data Protection Services
Financial Regulatory Compliance Services for Private Lenders

As a Schedule 2 registered entity, a private lender must also navigate complex financial regulations, including Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) obligations. Propelfwd’s expertise extends to these financial regulatory aspects, ensuring that your lending practices are fully aligned with the JFSC’s standards. We provide comprehensive guidance and support, from policy development to staff training and ongoing regulatory updates, to ensure your business not only meets but excels in regulatory compliance.

Our holistic approach ensures that your operations are not just compliant but also exemplary in terms of data privacy, security, and regulatory integrity. This commitment to excellence in compliance will further strengthen your position in Jersey’s thriving private lending market.

A small selection of our data protection services for private lenders...

Partnering with Propelfwd allows you to confidently manage both the data protection and financial regulatory dimensions of your private lending business.

Data Protection Framework

Propelfwd have designed a framework compliance package specifically for estate agents. This package will cover the main areas of data protection and leave your business in a strong position to protect your client’s data.


The operational package consists of:

    • Data Protection Policy, covering: 
      • Data protection principles.
      • Data collection.
      • Data use.
      • Data retention.
      • Data protection.
      • Data Subject Access Requests.
      • Law enforcement requests & disclosures.
      • Data protection training.
      • Data transfers.
      • Complaint’s handling; and
      • Breach reporting.
    • Separate detailed Data Subject Access Request Policy and Procedure (DSAR).
    • DSAR Templates to communicate with Data Subjects.
    • Separate detailed Data Breach Notification Policy and Procedure.

Data Protection Managers Service

A Data Protection Manager can remove a lot of the burden of compliance from your day to day workload. Allowing Propelfwd to manage this for you gives you the confidence to know you are in good hands. You engage a team of professionals, so you don’t have to worry about sickness, holidays, staff training or resilience, Propelfwd do all that for you.


Our team looks after your needs. You get a dedicated data privacy manager to take care of your account. When they are away, the rest of the team step in, so you are never left without support. 


The service a DPM will provide include:


  • Give guidance and support when needed,
  • Put in place appropriate policy documents & registers, updating and ensuring compliance,
  • Regular contact with the internal Data Governance Team,
  • Assistance when required with Data Subject Access Requests and redaction,
  • Monitoring compliance with the GDPR and other relevant laws relating to data protection and all policy documents and procedures as follows:
  • Monitoring of the Data Breach register, and
  • Monitoring the Record of Data Processing Activities, updating, when necessary,
  • Assistance and advice with any data Breach,
  • Sign-off with appropriate justification on Data Breach register,
  • Develop a full training package for your employees,
  • Communication with the relevant Supervisory Authorities,
  • Identify the need for a DPIA, carry out the requirements and put in place any required mitigations to reduce the identified risks.
  • Carry out due diligence on 3rd party processors and put in place required agreements.
  • Complete a full data transfer map.
  • Assisting and advising on the development of any new process, or data base in accordance with the principle of Design by Default.

Data Protection Training

Our Foundation course is an online course that will take a maximum of 2 hours for each candidate to complete but can be visited in small time frames if required.


To meet different learning styles, the course has audio, text and videos throughout.


These courses are branded to your organisation and delivered for you by our training Course Administrator. We monitor progress, provide update progress reports and send out certificates to your staff.


The course covers:


  •  Principles of Data Protection:
  • Data Subject Rights:
  • Handling Data Subject Access Request:
  • Identifying and handling a Data Breach:
  • Understanding Consent:
  • Data Transfers:
  • Jurisdictional Fines.

Throughout the course there are knowledge checks to ensure the candidates can demonstrate their understanding of the topic and demonstrate the individual has a good foundation knowledge of all relevant laws.


This course is ideal for your front of house employees that are handling customers personal data on an everyday basis.

Financial Regulatory Compliance Framework

Initial consultation

Assessment of your existing compliance framework – gap analysis, compliance review and regulatory ‘health check’.

Help you construct a robust compliance framework of systems and controls designed around the obligations of the JFSC AML/CFT/CPF Handbook and associated laws.

Provide ongoing consultation in the maintenance of this framework (If required).

Compliance Framework to include policies, procedures and tools covering:

  • AML Compliance Manual
  • Business Risk Assessments (BRA)
  • Business Risk Appetite 
  • Customer on-boarding 
  • Customer Identification Measures
  • Customer Business and Risk Profile 
  • Customer Risk Assessments 
  • Transaction monitoring
  • Compliance Monitoring Programme
  • Customer Screening – Sanctions, PEPs, adverse media etc.
  • Reporting Obligations (AML/CFT/CPF/Sanctions) – internally and externally
  • Trigger Events
  • Registers – SARs/Breaches etc.
  • Record Keeping

Risk Management & Infrastructure

  • Enterprise Risk Management
  • Business Risk Assessments
  • Fraud Risk Assessments
  • Risk Management Process Analysis
  • Controls Assurance Assessments
  • Conduct Risk Assurance

Financial Crime Training & Awareness:

Financial Crime Training Programs and Sessions (Internal and External) covering Sanctions, AML, Terrorist Financing and Fraud


CPD Sessions and Seminars (Topical discussions, Forums on Compliance and Financial Crime)


All of our online courses a branded to your organisation and bespoke to your sector of business.

PropelFwd’s most popular course:

Bespoke online courses for businesses and covers data protection from the start of the employees journey with your organisation

The training register retained by Propelfwd is your record of training for your team. If you are ever asked about your organisations accountability to data protection, this register will help to show you are. It will also show when your team are due their annual refresher courses. Propelfwd create customised refresher courses for your business as well.

Why choose PropelFwd for your data protection services?

PropelFwd have experience working with all sectors of business and organisations of any size and any jurisdiction. We pride ourselves on the fact that we demystify data protection, taking the complexity out of it, keeping it simple for your teams to understand and follow.


Our policies are easy to read and understand, our training is in plain language with relevant real-life examples of data protection in action and our solutions for your business are tailored and work.

Scroll to Top