MiFID, MiFID II and AVG compliant
Laws and regulations are an important part of the SCOPE KYC Cloud solution. In collaboration with several lawyers, the solution was checked for compliance with MiFID, MiFID II, and the AVG.
The asset manager and the client
The general trend is that more and more is being asked of asset managers. New laws and regulations follow one another in rapid succession.
One example is the introduction of MiFID II (Markets in Financial Instruments Directive, the European investment directive) in January 2018.
It will lead to increasing pressure on the business model of asset managers, because complying with laws and regulations takes a lot of time, money, and commitment.
Not only MiFID II impacts the way business is done
The General Data Protection Regulation (AVG, in English the General Data Protection Regulation, GDPR) that has been in force since May 25, 2018, will also lead to increasing pressure. The current directive regarding the protection of personal data is implemented in the Personal Data Protection Act (Wbp).
The SCOPE KYC Cloud solution complies with many of the requirements of the AVG/General Data Protection Regulation 2018. Examples include the two-way use of the information (transparency and correctness). Accuracy is guaranteed by giving customers the ability to modify their data.
The Know Your Customer solution has a clear purpose and data limitation determined by relevant legislation.
Furthermore, a number of duties and obligations set forth in the GDPR 2018 are assumed by SCOPE as the administrator of the SCOPE KYC Cloud database and by the Microsoft Azure Cloud Platform.
The Microsoft Azure Cloud Platform has been chosen by SCOPE to host the SCOPE KYC Cloud solution. The Microsoft Azure Cloud Platform has committed to comply with several aspects of the GDPR 2018.
How is the General Data Protection Regulation incorporated into the SCOPE KYC Cloud portal?
Juistheid
Target limitation
The AVG states that personal data must be and remain correct. Correctness is guaranteed because the client has the opportunity to modify his or her data.
As part of the financial situation, goals are also set. For example: how much return does the client want in twenty years. It is calculated whether these objectives are achievable and in which investment profile they should be invested.
Transparantie
Integriteit en vertrouwelijkheid
The client whose data is processed is
aware of this, has given his consent, and knows his rights. Transparency arises because the client has full insight into the stored data and will always have access.
Based on the financial situation and the investment objective(s), the EPI-Engine performs Monte Carlos simulations to understand what may happen to the assets in different stock market climates. In addition, the SCOPE KYC Cloud Portal includes a psychometric risk tolerance test to estimate what risk the client considers acceptable.
Gegevensbeperking
Portabiliteit
Only data necessary for the intended purpose are collected.
The final step is to choose a risk profile and a matching investment strategy. Then all the steps are converted to a PDF document, which can be signed by both parties.
Bewaarbeperking
Verantwoording
Personal data should not be kept longer than necessary for the intended purpose. This responsibility lies with the asset manager/advisor.
The final step is to choose a risk profile and a matching investment strategy. Then all the steps are converted to a PDF document, which can be signed by both parties.