Peer2Peer Finance News
The UK's first peer-to-peer finance magazine for investors and the industry
  • Home
  • News
    • Personal Finance News
    • Industry News
    • SME News
    • Global News
  • Property
  • IFISA
    • IFISA Guide
  • Video
  • Open Banking
  • Cryptocurrency
  • Features
    • Joint Ventures and Promoted Content
  • Comment & Analysis
  • What is P2P?
  • Partners
  • Events
    • Past Events
  • P2P Power 50
    • Power 50 2020
    • Power 50 2019
    • Power 50 2018
    • Power 50 2017
  • Sign up to our e-newsletters
  • Magazine
  • Directory
  • Jobs
  • My Account
    • Manage Account
    • Change Password
    • Log In
    • Log Out
shutterstock_1100727983
June 5 2018

P2P lenders prepared for new data rules

Suzie Neuwirth Industry News, News ArchOver, data protection, Fox Williams, GDPR, Ian Anderson, John Goodall, Jonathan Segal, Landbay, Ratesetter

PEER-TO-PEER lending platforms have welcomed the new General Data Protection Regulation (GDPR) and confirmed that their processes meet with the new EU standard.

“We welcome any measures which safeguard personal information, and very much see GDPR as a significant force for good – not least in recent times, where data has too often been dubiously acquired and unscrupulously used,” said a spokesperson for Lending Works.

A RateSetter spokesperson told Peer2Peer Finance News that the firm “has implemented a comprehensive cross-departmental project to ensure [we are] compliant with new data protection legislation,” while Landbay chief executive and co-founder John Goodall said that “we view GDPR as an opportunity to further build customer trust and confidence and continue to offer quality information to our customers.”

However, a legal expert has warned that GDPR compliance is an ongoing concern which may raise new issues in the future.

Read more: Personal data: Handle with care

Jonathan Segal, head of fintech and alternative finance at law firm Fox Williams, said that P2P platforms should “be ready for an increase in subject access requests” from both customers and staff and have a policy in place to deal with these.

“Customer data should be encrypted, in particular sensitive customer data such as bank account and card details,” Segal said. “If you lose that data (e.g. through a hack), by encrypting the data you will have minimised your risks and reduced any potential liability from the breach.

“You would also need to look at your data retention policy and regulatory requirements surrounding retention of data. If you do not have a policy then you should formulate one. You will reduce risk of fines by the Information Commissioner’s Office if you have appropriate data retention policies in place and you follow them.”

GDPR is an EU-wide directive that came into effect on 25 May. It is the most sweeping data protection law to have been introduced since the arrival of the internet and forces every business in the EU to adhere to certain standards with regards to data storage and usage. This means that companies require explicit permission from customers to add them marketing lists, and they must prove that they can effectively secure sensitive customer data.

Read more: Two in five SMEs unprepared for data compliance laws

However, a number of platforms told Peer2Peer Finance News that they do not expect the new regulations to have a big impact on their business growth.

“If someone doesn’t want you to engage they are unlikely to have ever become a new customer,” said Ian Anderson, chief operating officer at ArchOver. “The biggest challenge has been working with external suppliers to ensure they are compliant and handle our data properly.”

RateSetter said that it relied on its referral programmes to win new customers, and not email marketing campaigns. Meanwhile, Landbay’s Goodall said that he was “not worried” about losing customers through GDPR “as our customer acquisition strategy is not heavily reliant on email marketing”.

GDPR was approved by the EU Parliament on 14 April 2016 and all EU companies were given a compliance deadline of 25 May 2018. Failure to adhere to the law can result in a fine of up to €20m (£17.5m). It will replace the UK’s Data Protection Act of 1998, and will become a permanent part of UK law, despite Brexit.

Read more: Business groups herald plans for post-Brexit data sharing

This article featured in the June edition of Peer2Peer Finance News. Click here to read the magazine online. 

Light at the end of the tunnel for green energy P2P lenders Pressure mounts for Ranger board overhaul

Related Posts

money UK

Industry News, News, Top 3

P2P lenders ‘shouldn’t expect’ investor boost from collapsed platforms

Modern way of exchange. Bitcoin is convenient payment in global economy market. Virtual digital currency and financial investment trade concept. Abstract cryptocurrency with gold bitcoin background..

Cryptocurrency, Industry News, News, Top 3

Goldman Sachs: Institutional crypto interest on the rise

Mike Horton head shot Colour

Industry News, News, Top 3

Quantuma hires former Assetz Capital recoveries manager

Popular posts:

  • Chancellor unveils recovery loan scheme
  • Budget outlines plans for £15bn of green bonds in 2021
  • Government to launch replacement future fund scheme
  • BBB sets out further details on recovery loan scheme
  • Zopa exec “very excited” about embedded finance for lenders
  • Treasury launches £100m Taxpayer Protection Taskforce
Back To Top
  • Home
  • Contact
  • About
  • Team
  • Advertising
  • Subscribe
  • Privacy
  • T&Cs
  • Disclaimer

Follow Us on Social Media

© Peer2Peer Finance News 2020
• Additional design by