Unit 2- Topic 24- Other Regulations affecting the advice process

Question 1

Who does the General Data Protection Regulation apply to?

Answer 1

It applies to ‘personal data’, which is information relating to an individual who can be identified.

Question 2

What is 1) of the six GDPR protection principles?

Answer 2

Processed lawfully, fairly and in a transparent manner in relation to individuals.

Question 3

What is 2) of the six GDPR protection principles?

Answer 3

Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes

Question 4

What is 3) of the six GDPR protection principles?

Answer 4

Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

Question 5

What is 4) of the six GDPR protection principles?

Answer 5

Kept accurate and up to date. Every reasonable step must be taken to ensure that personal data are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.

Question 6

What is 5) of the six GDPR protection principles?

Answer 6

Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed, although archiving is allowed in certain circumstances.

Question 7

What is 6) of the six GDPR protection principles?

Answer 7

Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Question 8

How does GDPR define ‘Data subject’?

Answer 8

An individual (a natural person) whose personal data is processed.

Question 9

How does GDPR define ‘Personal data’?

Answer 9

Information that can directly or indirectly identify a natural person. This information can be in any format.

Question 10

How does GDPR define ‘Special categories of personal data’?

Answer 10

This data is more sensitive and so needs more protection. Generally (although there are exceptions) such data can only be processed if the individual has given explicit consent. Sensitive data includes information about an individual’s:- race;- religious beliefs- political persuasion;- trade union membership;- sexual orientation;- health;- biometric data;- genetic data;

Question 11

How does GDPR define ‘Processing’?

Answer 11

This has a very broad meaning, covering all aspects of owning data, including: - obtaining that data in the first place- recording of the data- organisation or alteration of the data- erasure of the data, by whatever means.

Question 12

How does GDPR define ‘Data controller’?

Answer 12

This is the ‘legal’ person who determines the purposes for which data are processed and the way in which this is done. The data controller is normally an organisation/employer, such as a company, partnership or sole trader. They have prime responsibility for ensuring the requirements of the Act are carried out.

Question 13

How does GDPR define ‘Data processor’?

Answer 13

This is a person who processes personal data on behalf of the data controller.

Question 14

What are the six criteria of which at least one must apply in order for an organisation to have a lawful basis for processing data?

Answer 14

1) Consent2) Contract3) Legal obligation4) Vital interests5) Public task6) Legitimate interests

Question 15

Who is responsible for enforcing GDPR?

Answer 15

The Information Commissioner is responsible for overseeing the application of the GDPR. Firms should report significant personal data breaches to the Information Commissioner.

Question 16

What are the Information Commissioner’s powers to enforce GDPR?

Answer 16

• Serve information notices.- Issue undertakings- Serve enforcement notices, and ‘stop now’ orders where there has been a breach- Conduct consensual assessments (audits)- Serve assessment notices- Issue monetary penalty notices- Prosecute- Issue a ban

Question 17

What is the following classified as under GDPR and possible fines?- For a data controller to fail to comply with an information or enforcement notice.

Answer 17

Criminal offence.The maximum fine for this is the higher of EUR 20m or 4% of an organisation’s worldwide turnover.

Question 18

What is the following classified as under GDPR and possible fines?- Failure to make a proper notification to the Information Commissioner. ‘Notification’ is the way in which a data controller effectively registers with the Information Commissioner’s Office b acknowledging that personal data are being held and by specifying the purpose(s) for which the data re being held.

Answer 18

Criminal offence.The maximum fine for this is the higher of EUR 20m or 4% of an organisation’s worldwide turnover.

Question 19

What is the following classified as under GDPR and possible fines?Processing of data without authorisation from the Commissioner.

Answer 19

Criminal offence.The maximum fine for this is the higher of EUR 20m or 4% of an organisation’s worldwide turnover.

Question 20

What is the following classified as under GDPR and possible fines?Intentionally or recklessly re-identifying individuals from psedonymised or anonymised data

Answer 20

Criminal offence.The maximum fine for this is the higher of EUR 20m or 4% of an organisation’s worldwide turnover.

Question 21

Define Direct Pay Arrangement

Answer 21

A direct pay arrangement is one where the employer collects an employee’s pension contributions from their gross salary and pays them over to the pension provider.

Question 22

What are the three categories ‘power of the pensions regulator’ fall under?

Answer 22

• Investigating schemes- Putting things right- Acting against avoidance

Question 23

Outline the ‘Investigating schemes’ section of the powers of the pensions regulator.

Answer 23

• Identifying and investigating risks.- Requiring all schemes to make regular returns to the regulator.- Requiring trustees or scheme managers to give notification of any changes to important information, such as types of benefit being provided by the scheme.- Requiring that the regulator be informed quickly if the scheme discovers that it cannot meet the funding requirements, so that remedial action can be taken at an early stage.

Question 24

Outline the ‘Putting things right’ section of the pensions regulator.

Answer 24

• Requiring specific action to be taken to improve matters within a certain time.- Recovering unpaid contributions from an employer who does not pay them to the scheme within the required period (by the 19th day of the month following that in which they were deducted from the member’s salary)- Disqualifying trustees who are not considered fit and proper persons- Imposing fines or prosecuting offences in the criminal courts

Question 25

Outline the ‘Acting against avoidance’ section of the pensions regulator.

Answer 25

• Preventing employers from deliberately avoiding their pensions obligations and so leaving the Pension Protection Fund to cover their pension liabilities- Issuing: - contribution notices, requiring the employer to make good the amount of debt either to the scheme or to the Pension Protection Fund; or - financial support directions, which require financial support to be put in place for an underfunded scheme.

Question 26

What is the Pension Protection Fund?

Answer 26

The Pensions Act 2004 established the Pension Protection Fund (PPF) to protect members of private sector defined-benefit pension schemes in the event that a firm becomes insolvent with insufficient funds to maintain full benefits for all its scheme members.

Question 27

How does the PPF fund compensation payments?

Answer 27

• It imposes a levy on defined-benefit schemes (there are exceptions for some schemes in certain circumstances).- It takes on the assets of schemes that are transferred to the fund.- It seeks recovery of assets from insolvent employers.- It seeks to grow its funds through investment.

Question 28

Define Electronic Money (E-Money).

Answer 28

Electronically stored monetary value issued on receipt of funds for the purpose of making payment transactions, including prepaid cards and electronic prepaid accounts for use online.

Question 29

What is the Investment Services Directive (ISD)?

Answer 29

Its aim is to enable investment firms to operate in different European states.In order to obtain and retain authorisation in their home state, investment firms must comply with certain prudential rules drawn up by the authorities in the home state. The general nature of these prudential rules are incorporated in the Markets in Financial Instruments Directive (MiFID).

Question 30

What is the Markets in Financial Instruments Directive (MiFID)?

Answer 30

It is a key element of the EU Financial Services Action Plan and aims to harmonise the regulation of investment services cross the EU.MiFID has the main objectives of increasing both competition and consumer protection by setting requirements in three main areas:- conduct of business- organisation- market transparency

Question 31

Briefly outline the ‘Conduct of business rules’ reforms under MiFID II.

Answer 31

Enhancing the level of protection for different types of investor.

Question 32

Briefly outline the ‘Transparency’ reforms under MiFID II.

Answer 32

The MiFID pre- and post-trade transparency regime for shares is extended to non-equity investments.

Question 33

Briefly outline the ‘Development in the market structures’ reforms under MiFID II.

Answer 33

Designed to produce comprehensive regulation of secondary trading.

Question 34

Briefly outline the ‘Organisational requirements’ reforms under MiFID II.

Answer 34

Enhanced requirements in respect of the management of firms; explicit organisational and conduct requirements relating to product governance.`

Question 35

Briefly outline the ‘Commodity derivatives’ reforms under MiFID II.

Answer 35

Refinement of and augmentation of existing MiFID requirements.

Question 36

Briefly outline the ‘High-frequency trading’ reforms under MiFID II.

Answer 36

Measures to ensure that high-frequency trading does not adversely impact on markets.

Question 37

Briefly outline the ‘Disclosure’ reforms under MiFID II.

Answer 37

Requirement for aggregated cost disclosure, detailing all adviser and product charges.

Question 38

Briefly outline the ‘Suitability’ reforms under MiFID II.

Answer 38

The requirement to assess suitability when recommending an investor, buys, holds or sells (rather than buys or sells).

Question 39

What is Undertakings for Collective Investment in Transferable Securities?

Answer 39

Undertaking for Collective Investment in Transferable Securities (UCITS) legislation applies to regulated investment funds that can be sold to the general public throughout the EU.UCITS aims to provide a common framework of investor protection and product control.

Question 40

What are the two main objects of a European single market for insurance?

Answer 40

• Provide all EU citizens with access to the widest possible range of insurance products, while ensuring the highest standards of legal and financial protection.- Enable an insurance company authorised in any of the member states to pursue its activities throughout the EU.

Question 41

What are the minimum requirements of insurance intermediaries?

Answer 41

Intermediaries must not have been:- convicted of a serious criminal offence relating to crimes against property or other financial crimes;- declared bankrupt.

Question 42

What is the amount the latest directive requires that insurance intermediaries should hold in professional indemnity insurance?

Answer 42

At least EUR 1,300,380 per case andEUR 1,924,560 per annum.

Question 43

What information must an intermediary give to a customer?

Answer 43

• Name and address- Details of registration and means of verifying the registration- Whether the intermediary has any holding of more than 10% of the voting rights or capital of an insurance company- Conversely, whether any insurance company has a holding of more than 10% of the voting rights or capital of the intermediary- Details of internal complaints procedures and of external arbitrators (eg ombudsman bureaux) to which the customer could complain- Whether the intermediary is independent or tied to one or more insurance companies.

Question 44

Briefly outline ‘Extension of the scope of IMD’ under reforms under the IDD.

Answer 44

To cover direct insurance sales and some aspects of price comparison websites.

Question 45

Briefly outline ‘Enhanced professionalism requirements’ under reforms under the IDD.

Answer 45

Formal requirement for intermediaries to undertake at least 15 hours continuing professional development each year.

Question 46

Briefly outline ‘Conduct of business rules’ under reforms under the IDD.

Answer 46

Requirement that insurance distributors must always act ‘honestly, fairly and professionally in the best interests of customers’.

Question 47

Briefly outline ‘Mandatory disclosures’ under reforms under the IDD.

Answer 47

Before an application for insurance is made to ensure that customers receive clear information.

Question 48

Briefly outline ‘Requirement for a standardised (insurance product information document)’ under reforms under the IDD.

Answer 48

For non-life insurance contracts.

Question 49

Briefly outline ‘Stricter requirements’ under reforms under the IDD.

Answer 49

For the sale of life insurance products with investment elements.

Question 50

Briefly outline ‘Additional information requirements’ under reforms under the IDD.

Answer 50

For the sale of bundles products

Question 51

Briefly outline ‘Simplified procedure for cross-border entry to insurance markets across the EU’ under reforms under the IDD.

Answer 51

Through the use of a single electronic database of cross-border insurance intermediaries.

Question 52

What is the role of oversight groups?

Answer 52

Oversight of an institution’s business can be carried out by different individuals and groups, such as auditors, trustees or compliance officers.

Question 53

What is the difference between a data controller and a data processor?

Answer 53

A data controller is legally accountable for the purposes for which data is processed and the way such processing is carried out. A data controller is a ‘legal person’ but not necessarily a ‘natural person’, ie it might be an organisation rather than an individual.A data processor is a person who processes personal data on behalf of the data controller.

Question 54

What does the GDPR define as ‘sensitive data’?

Answer 54

• Race- Religious beliefs- Political persuasion- Trade union membership- Sexual orientation- Health- Biometric data- Genetic data

Question 55

Which of the following products are NOT subject to MiFID?a) Units in a collective investmentb) Sharesc) Life assuranced) Bonds

Answer 55

Life assurance.

Question 56

A general insurer with a head office in one of the member states may set up branches in other member states; these branches will be regulated by the national regulator of the state in which the head office is situated. True or False?

Answer 56

True.