The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

SNR Denton Helps First Data Obtain Approval from European Regulators for its Binding Corporate Rules for Data Privacy

SNR Denton has successfully helped First Data Corporation, a global leader in electronic commerce and payment processing, obtain approval from European Data Protection regulators for its Binding Corporate Rules for data privacy (BCRs).

Today, the Information Commissioner’s Office granted authorisation of First Data’s BCRs, making it the eleventh company to obtain such authorization. First Data is one of only a handful of other companies worldwide who have completed this rigorous process to establish of the highest standards global data privacy practices. Its BCRs have been approved by the data protection authorities in 18 European Union member states.

The authorisation marks the culmination of a four-year project by First Data which was led on First Data’s side by John Atkins, First Data’s Chief Privacy Officer, and Tanya Madison Cunningham, Senior Counsel, Technology, Regulatory Compliance and Privacy.

SNR Denton’s team was led by Head of Technology Media and Telecoms sector, Scott Singer, assisted by associates Nicola Tutton and Tristan Jonckheer, all of whom work in SNR Denton’s dedicated UK Data Privacy Group, which has 4 partners and 12 lawyers in total, making it one of the largest in the UK.

Scott Singer commented: “Data Privacy is at the heart of First Data’s business, being a company which processes literally tens of billions of transactions every year. First Data’s determination to complete this process has come out of not just a desire to streamline its business, but more importantly, a wish to demonstrate its commitment to maintaining the highest standards of data privacy in everything it does.”

John Atkins, First Data’s Chief Privacy Officer, said: “First Data appreciates the superior guidance we received from SNR Denton during this process. Only a handful of companies have achieved BCR approval due to the rigorous nature of the process, and the advice and partnership provided by the SNR Denton team were invaluable.”

David Smith, Deputy Information Commissioner, said: “First Data should be commended for its commitment to the concept of binding corporate rules and for the respect for the privacy of individuals that this demonstrates. The ICO welcomes approaches from multi-national organisations that need to share personal information within their own group, but outside Europe and who want to use binding corporate rules to enable that.”

BCRs are a company-wide privacy policy to guarantee that a company’s practices are consistent with European data protection law. They are considered the platinum standard for compliance with the European Data Protection Directive. First Data’s BCRs will allow First Data to transfer personal data from the European Economic Area to its affiliates elsewhere in the world – something which is prohibited under the European Data Protection Directive unless adequate safeguards are in place. Following approval of the binding corporate rules by the European data protection regulators, First Data will now go through the formal process of approaching each of them for local authorization (the ICO’s having been the first such authorisation to be granted).

Related content

WEBINAR

Recorded Webinar: Data Science & Analytics – New approaches and capabilities for driving business analytics

Financial institutions are under pressure to maximise the insight they can derive from their data. With data spread across multiple silos and stored in both structured and unstructured formats, embedding analytics into business processes can be difficult and calls for new approaches to data management. Open source database and data processing technologies, as well as...

BLOG

Behind the Scenes at Solidatus Following £14 Million Series A Funding

Having reported on Solidatus’ £14 million Series A funding last week, this week we go behind the scenes to talk to the company’s founders Philip Dutton and Philip Miller about their business philosophy, ambitions for Solidatus, and the challenges and opportunities of working with investors and growing the company through lockdown. After careers in financial...

EVENT

LIVE Briefing: ESG Data Management – A Strategic Imperative

This breakfast briefing will explore challenges around assembling and evaluating ESG data for reporting and the impact of regulatory measures and industry collaboration on transparency and standardisation efforts. Expert speakers will address how the evolving market infrastructure is developing and the role of new technologies and alternative data in improving insight and filling data gaps.

GUIDE

Entity Data Management Handbook – Seventh Edition

Sourcing entity data and ensuring efficient and effective entity data management is a challenge for many financial institutions as volumes of data rise, more regulations require entity data in reporting, and the fight again financial crime is escalated by bad actors using increasingly sophisticated techniques to attack processes and systems. That said, based on best...