ARTICLE
2 December 2024

ICO, FCA, And TPR Joint Statement On Data Protection And Effective Communications To Consumers

NR
Norton Rose Fulbright Hong Kong

Contributor

Norton Rose Fulbright Hong Kong logo

Norton Rose Fulbright provides a full scope of legal services to the world’s preeminent corporations and financial institutions. The global law firm has more than 3,000 lawyers advising clients across more than 50 locations worldwide, including London, Houston, New York, Toronto, Mexico City, Hong Kong, Sydney and Johannesburg, covering Europe, the United States, Canada, Latin America, Asia, Australia, Africa and the Middle East. With its global business principles of quality, unity and integrity, Norton Rose Fulbright is recognized for its client service in key industries, including financial institutions; energy, infrastructure and resources; technology; transport; life sciences and healthcare; and consumer markets.

The ICO, FCA, and TPR's joint statement clarifies that retail investment firms and pension providers can send regulatory messages to consumers without direct marketing permissions, as long as these messages don't promote services. The tone must remain neutral, avoiding active promotion to comply with data protection rules.
United Kingdom Finance and Banking

On 15 November, the Information Commissioner's Office (ICO), the Financial Conduct Authority (FCA) and The Pensions Regulator (TPR) published a joint statement on data protection and effective communications to consumers (the statement). Retail investment firms and pension providers had fed back that they would benefit from further regulatory clarity about how TPR's Code of Practice and guidance on communications requirements and the FCA's Consumer Duty interact with direct marketing rules under data protection law and regulations. The statement is designed to provide greater clarity for firms and pension scheme trustees or managers to support their customers decision-making through their communications, in line with the FCA Consumer Duty and TPR's Code of Practice and Guidance.

Regulatory communications without direct marketing permissions

The statement highlights that firms and pension scheme trustees or managers can provide regulatory communication messages to customers even if they don't have direct marketing permissions from them, provided these messages are not direct marketing. The statement also highlights that genuine service messages telling customers important information that they need to know (and do not contain promotion or advertising) will fall outside the direct marketing rules.

A non-exhaustive list of examples of communications that can be drafted in a way that are unlikely to be direct marketing is included:

  1. A message that warns a customer that they are at risk of harm from having an inadequate pension income in retirement due to their existing contribution rates; or from drawing down on their pension at an unsustainable rate.
  2. Helping a customer to understand their pensions or retail investments product or service, such as explaining jargon and signalling where consumers can go for support.
  3. Reminding customers of the option of consolidating their pension pots and the relevant factors around this, where that is appropriate for the client.
  4. Factually describing the details of different decumulation options to help customers make an informed choice.
  5. Noting where people can access free tools, such as pension tracing tools and savings or retirement income calculators.
  6. Informing a customer they are being transferred to another pension scheme.
  7. Giving a child trust fund owner important information about their account, where the account was opened for them during their childhood.
  8. Highlighting to a customer that they have unused Individual Savings Account (ISA) allowance towards the end of the tax year.
  9. Telling customers who are reaching the end of a term deal what their options are.

Importance of tone and context – where regulatory communications may be direct marketing

The statement emphasises that firms should use a neutral tone and avoid active promotion or encouragement to avoid falling under the direct marketing rules. The ICO's direct marketing and regulatory communications guidance provides further advice on this – any active promotion of an initiative, for example by highlighting the benefits and encouraging people to participate or take a particular course of action, is likely to be direct marketing.

If a regulatory communication's context and tone mean that it is also direct marketing, this does not prevent the firm or pension scheme from sending the communication, but it will be necessary to comply with the Privacy and Electronic Communications Regulations where applicable, as well as the UK GDPR. For example, for electronic mail direct marketing, firms or pension schemes must ensure they have consent or meet all the requirements of the 'soft opt-in'.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More