Unit 11 - Rules and regs Flashcards
(36 cards)
Electronic comms privacy legislation
Privacy and Electronic Comms Regs 2003
Data controller
Legal entity who determines purpose and means of processing of personal data
Data subject
Individual to whom personal data relates
Personal data
Information relating to individual
Data processing
- Collection/recording
- Adaptation
- Retrieval
- Disclosure
- Combination
- Erasure
Data processor
Entity who processes personal data on behalf of controller
Special category personal data
Personal data revealing racial or ethnic origin, political opinions, philosophical beliefs, sexual orientation
Six GDPR principles + 1
PI SALAD
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality
AND Accountability
Legal basis for processing
CCC, PP, L
- Subject’s consent
- Processing necessary for performance of contract
- Compliance with legal obligation
- Protect vital interests of subject
- Public interest task
- Legitimate interest
Information notices
- Identity and contact details of controller
- Contact details of controller's Data Prot Officer
- Purpose of processing and legal basis for processing
- Details of recipients of personal data
- Details of transfer of data outside EEA
- Details of how long retained for
- Explanation of subject’s rights
Individual rights
- Access
- Inaccurate - rectify
- Restrict processing
- Object to processing
- Erasure if no longer necessary or no legitimate reason to hold
- Provided to them
- Not to have decisions made by automated
- Withdraw consent
Must do within 1 month
ICO
UK supervisory authority - monitors DPA 2018 and GDPR
GDPR offences
Generally a civil matter but some criminal:
- Access offences - e.g. sale of data
- Investigation offences - e.g. provide false statements if asked
- New offences - In 2018 but not 1998:
- Re-identification of personal data
- Destroy info to prevent disclosure
- Enforcement - €20m or 4% of global revenue - whichever higher
Money laundering
The process by which the proceeds of criminal conduct are dealt with in a way to disguise their criminal origins
Where are money laundering offences found?
Proceeds of Crime Act 2002
Money Laundering Regulations 2007
Require administrative procedures and regulatory requirements to be adopted to guard against ML
Apply to all financial activities
Money laundering - FSMA2000
FCA has investigation and sanctioning powers for ML
POCA02 - Sections
327 - offence to conceal or remove criminal property
328 - offence to enter into arrangement which facilitates use of criminal property
329 - offence to acquire criminal property
POCA02 - Section 330 - ML
Offence when:
- Person knows another person ML
- Information for above came from regulated sector
- Person doesn’t disclose asap
AML requirements
FCA requires firms to have AML procedures in place and requires approved persons to take responsibility.
Must set up MLRO.
Must not engage with another firm if don’t know who they are - ID for beneficial owners
Must make sure staff who transact report to MLRO if find ML
MLRO must report to National Crime Agency
Also check FCA handbook - has its own expectations e.g. SM to look holistically at financial crime
Joint Money Laundering Steering Group
JMLSG is an industry body made up of leading trade associations in the UK FSI, encourages good practice in combating ML.
What is bribery?
Giving someone a financial or other advantage to encourage a person to perform their functions, or to reward someone
Bribery Act 2010
Four categories of offence:
- Offering a bribe
- Accepting a bribe
- Bribing a foreign official
- Failing to prevent a bribe
Ministry of Justice guidance on BA10
Promotional/proportionate hospitality ok