The SCOPE KYC Cloud solution meets a large amount of the regulations and requirements set by the AVG/General Data Protection Regulation 2018. Several important requirements are:

Transparency

The person whose data is being processed is fully aware and has given his permission whilst being aware of his rights. By allowing the client full access to his or her stored data this requirement of complete transparency is created.

Integrity and reliability

The personal data needs to be protected from unauthorised access, data loss or destruction.

Limitation

The personal data is collected and used for a justified and legal purpose and is not to be used for other purposes. The SCOPE KYC Cloud solution has straightforward limitations which are set by acting regulations.

Responsibility

The person responsible must be able to show that all regulations are met.

Data limitation

Only the data which is necessary for the goal of the product can be collected.

Portability/Flexibility

A client can request a transfer of his or her data to a different party, such as a different investment manager.

Trueness

It is vital that personal data is correct and stays up-to-date. By allowing the client to update his or her data it can be ensured that the data is correct.

Storage limitation

The personal data may not be stored longer than necessary for its purpose.

Pseudonymising

A process that encrypts personal data. The process can use the same pseudonym/cypher for a person, which allows encrypted data from multiple sources to be combined flawlessly. This is a big difference with anonymising, where it is not possible to combine multiple data sources due to the data and figures being anonymous.

Several requirements and responsibilities set by GDPR 2018 are taken on by SMT as administrators of the SCOPE KYC Cloud Database and by Microsoft Azure, the chosen hosting partner. The Microsoft Azure Cloud platform has obliged to meet the requirements of GDPR 2018.

No compliance without you

The SCOPE KYC Cloud solution does not guarantee compliance with the legislations; legal compliance is a combination of functionality and the user/manager.

The primary principle of the Know Your Customer solution is providing a tool which does not detriment the need for the manager/advisor to be proactive about questioning situations. It is the investment manager/advisor who judges if there are any irregularities, and or reasons to further question certain situations. Such as with conflicting information or products which inherently come with risk.

In conclusion, SMT provides a KYC solution which is entirely based on acting regulation and legislation.