Welcome to the Know Your Compliance Blog

Free GDPR Information Audit Template

This free GDPR information audit template has been developed to comply with the current data protection legislation. Available to download without having to add any contact details. The easy to use Excel template can be fully customised and is suitable for any business type or industry. What is a Data Protection Information Audit? Carrying out […]

Vulnerable Customer Policy Template

Having adequate, effective and compliant policies, procedures and training workshops on what makes a customer vulnerable, how to identify them and how to communicate effectively is not only a mandatory FCA requirement, but also an essential business practice. It is even more important in times of national crisis, such as the current pandemic, to ensure […]

When Do You Need a CCTV Policy?

The use of CCTV surveillance (“CCTV”) requires the user to have certain measures and controls in place. Measures can range from signposting that makes the public aware CCTV is being used, through to having a compliant CCTV policy and checklist. The data obtained through the use of CCTV falls under the data protection legislation. This […]

Suspicious Activity Report Template

Why use a Suspicious Activity Report Template? It provides the confidence to know that you are collecting, documenting and submitting the right data, in the right format, to the right governing body. It will also save you time and money by joining 10,000+ firms who already use our templates! Reporting Suspicious Activities Businesses with obligations […]

Treatment of Customers in Financial Difficulty

HSBC Fined £6,280,100 The importance of having effective policies and procedures in place for treating customers fairly and managing those in arrears cannot be overstated. HSBC UK Bank plc and Marks and Spencer Financial Services plc (“HSBC”) are the latest firm penalised for failing to treat customers in arrears or with financial difficulties fairly. Last […]

Preparing Your Firm’s Wind-down Plan

Why is Wind-down Planning Important? The FCA’s wind-down planning guidance was published back in 2016. This has recently gained additional scrutiny and attention with the publication of the FCA page ‘Preparing your firm’s wind-down plan’ in March 2024. While the 60-page guidance itself does not impose any obligation on a firm to create a wind-down […]

AML for Annex 1 Registered Firms

Introduction Anti-money laundering (AML) compliance in the UK is overseen by appointed supervisory authorities. AML for Annex 1 registered firms has recently come under scrutiny by the FCA after their assessment into money laundering prevention processes. The regulator found cases of discrepancies between the registered and actual activities carried out by firms. In addition, […]

Understanding the GDPR Conditions & Rights

Initially published in 2017 ahead of the General Data Protection Regulation (GDPR) enforcement, this article has been updated for those new to the UK GDPR. Understand some of the GDPR Conditions & Rights that apply under the UK’s data protection Regulation and see how to comply with your obligations. Lawfulness of Processing Conditions The onus […]

FCA Consumer Duty Guidance

This article provides information on the Consumer Duty and offers suggestions for complying with the rules and outcomes. We have put the FCA Consumer Duty guidance into simple to read sections and have included controls and tools for adherence to the Duty requirements. What is The Consumer Duty? The FCA’s Consumer Duty (“the Duty”) came […]

What Does Data Minimisation Mean?

What does ‘data minimisation’ mean? Simply put, data minimisation is the process of limiting the collection and retention of personal data to what is absolutely necessary. The purpose for processing personal data should be identified by the data controller. The information collected should be adequate to fulfil that purpose, directly relevant and limited to what […]