Data and de-banking: what you need to know

"De-banking – noun, the act of depriving a person of banking facilities.” HarperCollins Dictionary, 2023.

De-banking has made a huge impact on public life following media coverage on account closures involving political figures, charities, small businesses and retail customers. This has presented major challenges for financial services institutions, including increased regulator and government scrutiny, access requests and litigation.

On 1 February 2024, TLT welcomed representatives from the Financial Conduct Authority (FCA) and the Information Commissioner’s Office’s (ICO) for a panel session. The webinar yielded crucial insights and practical takeaways for the several hundred guests in attendance.

Anchored by TLT’s Emma Erskine-Fox, the expert panel consisted of:

• Emad Aladhal – FCA - Director, Specialist Directorate

• Andrew Thomsen – ICO - Group Manager, Competition & Regulatory Cooperation

• Ben Cooper – TLT, Partner Economic Crime

• Chris Elwell-Sutton – TLT – Partner Data Privacy & Cybersecurity

Key Takeaways 

• Customer Trust was harmed by de-banking, but confidence is returning. 

• Financial Crime prevention remains a priority for the FCA and for the UK Government.

• Balancing Act: Firms must balance financial crime measures with protecting customers’ rights.

• Success is Possible: Data protection law does not contradict financial services regulations, but rather helps guide firms to minimise risk in their anti-fraud and monitoring activities - ultimately supporting positive customer outcomes.

• UK GDPR Principles: Focus on all principles is important, with principles concerning fairness, data minimisation, and accuracy especially relevant. 

• Collaboration is Key: The FCA promotes collaboration and cooperation across the private and public sectors in the fight against financial crime and data is at the heart of this.  

• Data sharing between firms can assist in preventing financial crime but needs to be done responsibly and in compliance with the law.

• Innovation: Both the ICO and FCA support innovation. Several initiatives facilitate this including the ICO’s innovation advice service and regulatory sandbox. 

• AI: Is hugely useful in detecting and reducing financial crime but also a key area of data risk.

• New Legislation: The data sharing provisions in the Economic Crime and Corporate Transparency Act 2023 came into force in January 2024, while the Data Protection and Digital Information Bill is expected in the coming months.  

Four actions to take now

• Governance review: Firms should assess their de-risking procedures and governance holistically including: financial crime, GDPR, financial inclusion and Consumer Duty. 
• Implement GDPR in full: GDPR compliance isn’t just about security. Firms must build all GDPR principles into their processes, including fairness, accuracy, purpose limitation and restrictions on the use of sensitive data (including political views).
• Policy statement: HM Treasury's latest Policy Statement contains crucial pointers. 
• Politically Exposes Person: Apply the amended enhanced due diligence requirements for UK domestic PEPs. 

How we can help
TLT has a dedicated team advising on effective and efficient de-risking programmes that meet financial crime, GDPR, financial inclusion and Consumer Duty requirements. Please contact Ben Cooper or Chris Elwell-Sutton to discuss.

Additional resources 

From the ICO

• ICO guide to the data protection principles, including the ‘Data Minimisation’, ‘Accuracy’, ‘Accountability’ and ‘Fairness, Lawfulness and Transparency’ principles

• ICO Data protection by design and default guidance

• ICO Data sharing code of practice and Data sharing hub

• ICO Guidance on AI and data protection

• ICO Innovation Services, including a final report from the ICO’s Regulatory Sandbox concerning an ‘information sharing pilot’

• UK digital Regulation Cooperation Forum website

From the FCA

• FCA Reducing and preventing financial crime 
• FCA Financial crime resources