New legislation currently making its way through Parliament is anticipated to bring about significant changes to the advice market in the UK. The Data (Use and Access) Bill (D(UA)), which has emerged as a replacement for the previously stalled Data Protection and Digital Information No 2 Bill, is poised to offer consumers enhanced control over their personal data. Speaking to Money Marketing, Ian McKenna, founder and director of FTRC, highlighted the considerable benefits this new framework could bring to both advisers and clients, while also warning of potential challenges for providers and technology firms within the sector.
The D(UA) aims to empower consumers by allowing them to instruct organisations to share their data with third parties of their choosing. This legislation builds upon existing data portability rights established under the General Data Protection Regulation (GDPR), and will enable the Secretary of State to create "smart data" schemes that will require secure sharing of consumer data upon request. Moreover, these provisions are expected to extend beyond financial services, impacting various sectors such as retail, where individuals could feasibly request supermarkets to share their purchasing information with whomever they desire.
A key area of potential impact lies in the advancement of pension dashboard services. Though these services may not be fully operational until 2025 or early 2026, the D(UA) allows consumers to leverage their new rights in order to access and manage data related to their pensions more effectively. McKenna noted the common frustrations experienced by advisers in obtaining information from pension providers, such as Nest, which often prefer to engage directly with consumers. With the new regulations in place, clients will have the ability to compel these providers to share their data with advisers or other services of their preference.
Additionally, the Bill seeks to address amendments to GDPR and consumer rights concerning subject access requests (SARs). As SARs are increasingly utilised by insurers to request medical data, this could introduce further ramifications within the industry, although that subject may warrant separate discussion.
It is important to acknowledge that the changes mandated under the D(UA) will apply universally across all businesses, potentially reshaping the dynamics between consumers, advisers, and technology suppliers. McKenna raised the prospect that consumers might demand their former advisers share information with new advisers or alternative services, thus facilitating a more fluid transition and interaction within the financial services arena.
Previously, under the earlier draft of the legislation, the imposition of penalties for non-compliance was to be determined at the discretion of the Secretary of State. However, with the new D(UA) framework, there is an expectation that the Treasury, Prudential Regulation Authority, and Financial Conduct Authority will play crucial roles in formulating the specific rules and regulations that govern compliance.
McKenna emphasised the significance of the D(UA) as a substantial leap forward for the UK's digital economy, providing consumers with greater autonomy over their personal information, and enabling them to direct organisations in sharing that data as they see fit. Initially anticipated to be legislated during the Boris Johnson administration, McKenna remarked that these changes have been long overdue.
As the industry looks ahead, financial product manufacturers, technology service providers, and associated stakeholders are encouraged to prioritise the development of strategic plans to address their obligations under the forthcoming Bill, as the implementation phase approaches in early 2025.
Source: Noah Wire Services