A survey of financial advisers has found that the majority are set to miss the May 2018 deadline for complying with the new General Data Protection Regulation (GDPR) which will impose penalties for mis-using or failing to protect client data.

The survey among 270 users of Intelliflo’s Intelligent Office software revealed that two thirds (67%) say they don’t yet have a plan to ensure GDPR is fully implemented by the enforcement date of 25 May 2018, with almost one in ten (9%) saying they were not aware of the new regulation.

Intelliflo says the survey also highlighted confusion about the differences between the existing Data Protection Act and the new requirements under GDPR, with just three in 10 (30%) saying they understand the differences very well. Of the rest, around a third (32%) said they have a little understanding of the differences, with almost four out of 10 (39%) saying they don’t understand the differences well, or not at all.

Rob Walton, chief operating officer at Intelliflo, said: “Although May might seem like a long way off, it’s actually very little time for advisers to start preparing for the enforcement date of GDPR. It’s not the case that if you are compliant with the current Data Protection Act, then there’s little to worry about.

“The new regulation is far more detailed, with new obligations and requirements and it’s essential that advisers can demonstrate that they have taken action to ensure they are fully meeting these. Personal data is the very essence of financial advice therefore GDPR could have a significant impact on most, if not all, firms. Our survey throws up some worrying results and I urge advisers to act now to get a firm grasp on what it means for them and their businesses.”

Other findings were:
• Three quarters (74%) of those surveyed are not concerned or don’t know about the impact GDPR will have on their businesses.
• Nine out of 10 (89%) currently store data that relates to clients they used to advise but no longer have a need to contact or have lost contact with for a number of years.
• Of those who store previous client data, 43% regard this data as being a valuable asset to their business.
• Only one in three (30%) say they have implemented security best practice and do not store paper based material containing personal client data at all (22%) or use secure third-party run facilities (8%).
• Almost half (49%) store client data in locked cupboards or drawers within their offices, with 17% storing them unlocked in their offices. 2% store material in locked out-buildings near to their office.