ICO and FCA announce new Memorandum of Understanding

On 18 February 2019, the Information Commissioner’s Office (the “ICO“) and the Financial Conduct Authority (the “FCA“) published a new Memorandum of Understanding (“MoU“) between them. This will no doubt be of interest to any business regulated by the FCA and while it is good news that regulators will be co-operating in the exercise of their functions, the MoU does not remove the risk for such businesses that they could, in the event of any data protection breach, face parallel investigation and enforcement action from more than one regulator, both with very significant sanctioning powers.

We have set out below a high-level overview of the MoU, the conduct of investigation and enforcement and the legal basis on which information can flow between the two regulators – paving the way for further joined-up regulatory thinking in the wake of the GDPR. Continue reading