FCA and ICO update on GDPR

An update from FCA and the ICO confirms FCA’s view that firms can comply with both the GDPR and its rules. The update notes that GDPR is a board level responsibility, and firms must produce evidence to show what they have done to comply with it. FCA also notes that, although the ICO will regulate GDPR compliance, FCA will also consider compliance under its rules, particularly those in SYSC. FCA and the ICO have in place a MoU and will continue to cooperate on preparation for the new requirements.