Transcript:
Firms can introduce a series of mechanisms in order to manage risk regarding existing clients. It’s important to understand that the lifecycle of an existing client can evolve and change over time.
So by introducing ongoing monitoring and allow having system integrations in place with third party checks and validation, having an annual review processes in place where a firm actually reaches out to a client to validate information on file to make sure that that is accurate and up to date, is extremely important in ensuring firms take a proactive approach to understanding if there are any changes or trigger events that might have occurred during that client lifecycle. And that means that in the event that something is found, it can be handled in an efficient and effective manner with a client.
Some examples of trigger events in the existing client lifecycle may involve a change in their financial standing, perhaps the addition of a new director or an officer to the board mergers, acquisitions, a whole host of corporate activities or indeed individual activities that may exist to alter in some way the information and data already held on file, and it’s extremely important to proactively keep on top of monitoring that information.
It’s important when considering purging data if there’s any external regulations and oversight in place. For example, GDPR data privacy, regulations and obligations exist. Also to consider the internal policies and procedures that may be in place by the compliance and legal teams within firms.
What is best practice in terms of holding and maintaining data and files and record? There can be a range in terms of the date range in terms of when records are held and maintained. This balance between an external regulation and an internal has to be met, and come together in a cohesive way in order to properly manage sensitive personal information.