The purpose of the Bill is to streamline requirements on UK firms and to provide clarification on existing legislation. The UK’s adequacy with the US may be at risk given the proposed powers for the Secretary of State (relating to standards setting) that may be regarded as impeding the independence of the regulator and should UK reforms diverge significantly from the EU this raises the risk of inhibiting cross border data flows.

Changes PIMFA members should be aware of relate to:

• the role of the data protection officer being replaced by a designated senior responsible individual.
• the Bill proposes powers for The Treasury and the Secretary of State to issue regulations requiring data holders to submit customer and business data – the proposals are similar to provisions in the EU Digital Markets Act.