The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

SNR Denton Helps First Data Obtain Approval from European Regulators for its Binding Corporate Rules for Data Privacy

SNR Denton has successfully helped First Data Corporation, a global leader in electronic commerce and payment processing, obtain approval from European Data Protection regulators for its Binding Corporate Rules for data privacy (BCRs).

Today, the Information Commissioner’s Office granted authorisation of First Data’s BCRs, making it the eleventh company to obtain such authorization. First Data is one of only a handful of other companies worldwide who have completed this rigorous process to establish of the highest standards global data privacy practices. Its BCRs have been approved by the data protection authorities in 18 European Union member states.

The authorisation marks the culmination of a four-year project by First Data which was led on First Data’s side by John Atkins, First Data’s Chief Privacy Officer, and Tanya Madison Cunningham, Senior Counsel, Technology, Regulatory Compliance and Privacy.

SNR Denton’s team was led by Head of Technology Media and Telecoms sector, Scott Singer, assisted by associates Nicola Tutton and Tristan Jonckheer, all of whom work in SNR Denton’s dedicated UK Data Privacy Group, which has 4 partners and 12 lawyers in total, making it one of the largest in the UK.

Scott Singer commented: “Data Privacy is at the heart of First Data’s business, being a company which processes literally tens of billions of transactions every year. First Data’s determination to complete this process has come out of not just a desire to streamline its business, but more importantly, a wish to demonstrate its commitment to maintaining the highest standards of data privacy in everything it does.”

John Atkins, First Data’s Chief Privacy Officer, said: “First Data appreciates the superior guidance we received from SNR Denton during this process. Only a handful of companies have achieved BCR approval due to the rigorous nature of the process, and the advice and partnership provided by the SNR Denton team were invaluable.”

David Smith, Deputy Information Commissioner, said: “First Data should be commended for its commitment to the concept of binding corporate rules and for the respect for the privacy of individuals that this demonstrates. The ICO welcomes approaches from multi-national organisations that need to share personal information within their own group, but outside Europe and who want to use binding corporate rules to enable that.”

BCRs are a company-wide privacy policy to guarantee that a company’s practices are consistent with European data protection law. They are considered the platinum standard for compliance with the European Data Protection Directive. First Data’s BCRs will allow First Data to transfer personal data from the European Economic Area to its affiliates elsewhere in the world – something which is prohibited under the European Data Protection Directive unless adequate safeguards are in place. Following approval of the binding corporate rules by the European data protection regulators, First Data will now go through the formal process of approaching each of them for local authorization (the ICO’s having been the first such authorisation to be granted).

Related content

WEBINAR

Recorded Webinar: Managing unstructured data to ensure regulatory compliance and add value

As unstructured data floods into capital markets in the wake of traditional structured data, firms must manage both data types and ensure ease of access to extract data required for regulatory compliance efficiently and effectively. Beyond compliance, firms can add value to the business by gaining a clear understanding of their unstructured data, integrating the...

BLOG

Sponsored Blog: The Complexities of Shareholding Disclosure

Complex shareholder disclosure regulations, especially where assets are held across jurisdictions, can quickly translate into a significant headache for asset managers and institutional investors alike. Secure access to the right data and analytics can mean the difference between compliance and a breach of regulations. About shareholding disclosure Shareholding disclosure regulations have been designed to protect...

EVENT

RegTech Summit Virtual (Redirected)

The RegTech Summit Virtual is a global online event that brings together an exceptional guest speaker line up of RegTech practitioners, regulators, start-ups and solution providers to collaborate and discuss innovative and effective approaches for building a better regulatory environment.

GUIDE

ESG Handbook 2021

A-Team Group’s ESG Handbook 2021 is a ‘must read’ for all capital markets participants, data vendors and solutions providers involved in Environmental, Social and Governance (ESG) investing and product development. It includes extensive coverage of all elements of ESG, from an initial definition and why ESG is important, to existing and emerging regulations, data challenges...