GDPR (or the General Data Protection Regulation) is a hot topic at the moment as many organisations begin to prepare for the changes, which will be coming into force next year. The GDPR looks to provide better protection to data subjects (you and I) in a fast-paced digital world where data is king.
The new regulation will supersede the current Data Protection Act and builds on the existing legislation. The way in which organisations use data has changed so much over recent years, and the new approach will modernise the way data is handled and bring this into the 21st Century.
We’ve rounded up some of the key facts about the GDPR which you may need to consider before beginning to implement any changes.
Unicorn’s Top 10 GDPR Facts:
- The new regulation was introduced in 2016, however organisations have until 25th May 2018 to be compliant
- GDPR will look to change the way organisations collect, store, process and protect personal information for their clients, employees and customers
- Leaving the EU will have no impact on whether or not the GDPR regulations come into force, special considerations need to be made for companies trading internationally
- The GDPR applies to all companies across the globe who process personal data of EU citizens
- DPA consent isn’t enough. As stated in article 4 of the GDPR “…any freely given, specific, informed and unambiguous indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed”. This means customers will need to opt into an agreement voluntarily with an organisation, which has been clearly explained and states how data will be handled, there must not be an automatic enrolment where customers have to opt out
- Accountability is key, organisations will need to understand any risks they create for data subjects and mitigate those risks. There will need to be a better approach to governance and compliance with robust processes in place
- Organisations will need to have a dedicated Data Protection Officer if they fall into the following categories: a public authority, carry out large scale tracking or carry out large scale processing of special categories of data or data relating to criminal convictions and offences
- Mandatory privacy impact assessments (PIAs) will be introduced, meaning data controllers will need to conduct PIAs where the risk of privacy breaches is high to minimise any risks to data subjects
- Data breaches will need to be notified to the local data protection authority within 72 hours of it being discovered, organisations will therefore need to ensure their technology and employees are able to detect these breaches effectively
- The way in which data can be held by organisations is changing. GDPR means companies can only keep data for as long as it remains absolutely necessary and can only use the data for the original purpose it was collected. If companies wish to use it for a different purpose they will need to obtain permission from the data subject. Data subjects also have the right to be forgotten, which means they can ask to have all of their data deleted, which must be adhered to
Is your organisation preparing for the GDPR? The Information Commissioners Office (ICO) have prepared a helpful 12 step checklist to help you prepare now, which is available here. We are also here to help you and your employees through this change with our new learning pathway which will be added to our Governance, Risk and Compliance eLearning library in August 2017, further information available here.
The objective is to continue to help firms bring about genuine cultural and behavioural change and more effectively meet their regulatory obligations.
The FCA’s new accountability regime for banks, building societies, credit unions and designated investment firms, which came into force last month, again brought into focus that the need for effective training and robust processes for evidencing competence has never been greater.
This is why ComplianceServe has been enhanced and given a new look and feel, to help firms embed the knowledge and understanding of why this regulation matters and drive the behavioural changes that will lead to better outcomes for customers.
At a glance
- ComplianceServe’s fresh new appearance reflects the latest thinking in user experience.
- It is easier and quicker for employees to find the right learning and create personalised training plans.
- ComplianceServe’s new integrated CPD system automatically tracks completed online learning against a generic scheme based on FCA guidelines. It also allows the recording and tracking of other CPD activities such as face-to-face training, attending conferences or accredited body events, research and reading.
- Over the past six months, with the support of industry partners including FSTP and the British Bankers’ Association (BBA), 11 new eLearning pathways have been added to the ComplianceServe library to help firms respond to regulation.
- The new ComplianceServe also provides on-demand refresher training, using highly visual PDF summaries, to overcome the infamous ‘forgetting curve’.
Simon Mercer, ComplianceServe Product Manager, explains: “The new regulation has not only challenged firms to improve their compliance training practices but also provide robust evidence of their employees’ competency at whatever level they work. Staff must really understand what the regulation means and how to apply it and firms must be able to prove they can.
“The key is delivering personalised, ‘snackable’ chunks of learning on demand from their device of choice, while highlighting the potentially serious consequences of non-compliance for employee and employer. It lets them ‘fail’ in a safe environment where they can learn from the experience.”
The 11 new eLearning pathways immerse learners in realistic scenarios relevant to their job roles, with the opportunity to make decisions and see the consequences in a way that shapes new behaviours. The eLearning features various bite-size learning activities, including teaser videos, case studies and quick summaries, which all contribute to elevated engagement levels, knowledge retention and cultural change.
Simon adds: “We know new knowledge is rapidly lost if it’s not applied quickly following a training intervention and where there is no regular reinforcing activity. Instead of the once a year ‘sheep dip’ approach, ComplianceServe allows firms to push short bites of learning, tests and refreshers to learners on a regular basis to ensure understanding improves over time, behaviours change and culture shifts.”
New ComplianceServe learning pathways include:
• The new Regulatory Framework in Banking
• Conduct Rules
• Senior Managers Regime
• Foreign Tax Compliance Act 2010 (FATCA)
• The basics of CASS (Client Assets Sourcebook)
• Consumer Credit – Handling Arrears
• The Certification Regime
• Three Lines of Defence
• Vulnerable Customers
• Transaction Reporting
In 2016 Unicorn’s learning and performance platform, SkillsServe was ranked the world’s top LMS for the financial sector for the second successive year, and fourth overall across all sectors, in the Top 50 LMSs Report 2016*. For more information about ComplianceServe visit www.unicorntraining.com/complianceserve
* This report is compiled annually by Craig Weiss, named as the most influential person in the world for eLearning for the past two years.
Unicorn Training, one of the UK’s longest established and most respected online learning companies, has reported record sales and growth of a third in 2015.
Unicorn sales have exceeded £5.6m (US$8.5m), a 33% rise on 2014, in this calendar year, with more new customers won than ever before as well as the company achieving double-digit growth in recurrent revenue from a loyal customer base.
In 2015 Unicorn’s online learning and performance platform, SkillsServe, was ranked the world’s number one LMS for financial services and fifth overall, and Unicorn will be marking its record year on Stand P14 at the Learning Technologies 2016 conference and exhibition at Olympia on Wednesday 3 and Thursday 4 February.
Peter Phillips, Unicorn co-founder and CEO, said: “Over the past 12 months we have seen sustained growth in demand across all our main activities; platform, bespoke content development and our off-the-shelf compliance library.
“This is particularly true in our core sector, financial services, where demand for high quality regulatory and compliance training, together with increased awareness of the risks of cybercrime, are being driven by rigorous, new UK regulatory standards.”
Unicorn is uniquely positioned to offer turnkey solutions, combining SkillsServe’s sector-leading features with relevant and up-to-date content and outstanding instructional design, backed by long-standing partnerships with such industry bodies as the Chartered Insurance Institute (CII) and the British Bankers Association (BBA).
In addition, having acquired a strategic stake in the world class games studio, Amuzo, at the end of last year, Unicorn is also able to meet the growing demand for mobile just-in-time learning, serious games and on-demand video content.
Peter added: “Looking ahead to 2016, I believe this robust and scalable business model will continue to generate strong growth in our core business.
“Add to this the exciting new opportunities opened up through our partnership with Amuzo and for a company whose purpose for over 25 years has been to provide great learning experiences through the innovative use of technology, these are exciting times.”
For more information about Unicorn Training visit www.unicorntraining.com and to come and see us at Learning Technologies 2016 register for free entry to the Learning Technologies and Learning and Skills 2016 exhibitions and seminars at www.learningtechnologies.co.uk
The new Accountability Framework in banking is one of the hottest topics in the FCA regulated world – with less than 6 months until the deadline Unicorn Product Manager, Simon Mercer, explains how Unicorn’s union with FSTP is helping firms rise to the challenge.
When the FCA launched its 2015-16 Business Plan in March, all eyes inevitably looked straight at the deadlines.
‘Senior Manager’s Regime’, ‘MiFID II’, ‘Mortgage Credit Directive’, ‘Certification Regime’, ‘Code of Conduct’ etc are all major changes to the regulatory framework, with even greater consequences and sanctions for non-compliance.
But, as usual, the deadlines are tight, for example, the new accountability framework for individuals in banks, building societies and credit unions comes into force on 7 March 2016 – now less than six months away.
Earlier this year we joined forces with leading financial services consulting and training specialists, FSTP, to bring a more targeted and streamlined approach to compliance for FCA regulated firms.
Now, with FSTP’s help, we’re adding new eLearning titles to our comprehensive compliance training solution, ComplianceServe, to help organisations embed the cultural and behavioural changes demanded within the new framework.
When it comes to the Accountability Framework there are four supporting courses…
- An Introduction to the New Banking Regime
- An Introduction to the New Senior Managers Regime
- The Certification Regime
- The New Code of Conduct
These titles are designed to meet the demand for ‘snackable’ chunks of learning that can be digested little and often, for a more pervasive learning experience that supports the goal of continuous learning.
Learners have to understand and, most importantly, value the possible implications of their actions in terms of how it affects their promotion prospects, earning power, professional reputation and personal pride. This is why compliance should be treated as part of, not in isolation to, an individual’s whole career development plan.
The by-product of this is the benefit it brings to your business, both commercially, and with regards to regulatory compliance when the FCA calls.
All of these new titles are being added to the ComplianceServe library at no additional cost, and like all our compliance titles, we’ll continue to update them in line with ongoing changes in the regulations.
Utilising FSTP’s capabilities in instructor-led training, we’re also able to provide our clients with a truly blended approach – combining our eLearning modules with face-to face-workshops – for the more complex and risk laden roles i.e. Senior Manager and Senior Responsibility function holders.
Want to know more?
Unicorn has joined forces with respected Jersey-based Sator Regulatory Consulting to enhance Sator’s commitment to providing first class financial industry compliance and regulatory services at global to local level.
The new partnership between financial services online learning specialists Unicorn and Sator now offers a managed service for compliance training through Unicorn’s award-winning ComplianceServe learning and performance platform.
The custom version of ComplianceServe will enable Sator to underline its global market support by ensuring local regulatory and compliance content is up-to-date and relevant, management information for clients is robust and easy to access and learners’ training is completed, tracked and reported.
Sator ComplianceServe was launched in Jersey – a potential market of around 1,000 regulated entities and 15,000 specialist financial services employees – in mid-December. The platform will then be introduced in Guernsey, followed by Gibraltar and the United Arab Emirates.
Helen Hatton, Sator Regulatory Consulting MD, is widely recognised as the prime architect of the modern Jersey regulatory regime. During a successful 10-year tenure as Deputy Director General of the Jersey Financial Services Commission, the island went from blacklisted to achieving one of the world’s best IMF evaluation results.
She said: “The statutory training requirement is actually not met by a one-off conference. First employers are required to test understanding, next the training must include the law, in-house policies and procedures and building awareness through typologies relevant to each employee’s role.
“We researched global platform providers, seeking resilience, experience, quality and a product that was interesting and user friendly. ComplianceServe met these criteria comprehensively and added very attractive additional features. It is outstanding.
“Our target global markets are substantial international financial centres yet relatively small in their own right compared to say the USA or UK. The capital investment necessary to build a first class, feature rich compliance solution is not economic.
ComplianceServe was developed to help firms manage their compliance training needs through one easy-to-use, secure portal, combining a library of high quality learning assets with advanced diagnostic, content creation, and management tools.
A unique feature of ComplianceServe is Unicorn’s new integrated authoring tool, eCreator, a graphically rich, user-friendly, flexible tool for the fast, simple creation, delivery and editing of learning content at the desktop and on mobile.
Sator have recently been shortlisted as a finalist in the category of Consulting Team of the Year for the 2015 Women in Compliance Awards.
Mark Jones, Unicorn Training Commercial Director, added: “I am extremely proud to welcome the Sator team to our Partner Programme.
“Sator brings a level of expertise and professionalism that I see takes compliance training to a new level across the Channel Islands. “With their breadth of local connections, and a reputation to surpass, Sator is the ideal partner to offer a managed service for compliance training.”
Unicorn Training has been creating learning and development and compliance solutions for the UK’s ever-changing financial services for over 25 years.
Unicorn’s experience, industry expertise and award-winning creativity have helped the company grow to be a market leader. In 2013 Unicorn was named ‘Outstanding Learning Organisation’ at the eLearning Awards in its 25th anniversary year.
Like a bad relationship on Valentine’s Day, facing another year of regulatory eLearning can bring on a sudden headache. Lucy Cartlidge, Unicorn Client Relationship Manager, asks how can you avoid that sinking feeling?
It’s crazy how quickly the year whizzes by.
It’s already Valentine’s Day today, the day women are let down remembering how forgetful and ultimately unromantic their men are 😉 Next will be Children In Need – surely that happens twice a year?? – then it will be Christmas again before we know it!
Many organisations are in the process of working out their regulatory/mandatory training calendar for the year ahead, and deciding whether to follow the same process as the previous year or to mix it up a little bit.
Just like a failing relationship on Valentine’s Day, another year of the same regulatory eLearning can often result in the learner feigning a headache and finding an excuse not to go through the ordeal………
The majority of Unicorn’s clients are in the financial sector and all face the same challenge; how to make content fun and engaging whilst retaining the underlying importance and significance of the subject matter.
Here are my top tips for achieving great results on an otherwise, dry topic.
1. Trust the learner
This is often a difficult concept to get your head around as our natural assumption is the learner is going to view their training as something forced upon them and will be the same as last year. It will take an hour out of their day and feels pointless as they know everything they do is aboveboard and they won’t be laundering any money that day for example.
Tesco Bank saw this problem as a challenge and wanted to transform the way their learners learnt. Together we came up with an approach which would test the learners’ knowledge through a competency-based assessment, which once successfully completed learners would be exempt from completing the full module.
We then put together a refresher module, taking key information from the main course for learners to brush-up on and then attempt the assessment. The full module was completed by new employees.
The questions within the assessment were linked to specific course modules so forcing learners through particular modules before letting them have a second attempt at the assessment. Unless the learner is a new employee they choose their own learning path.
The outcome of this was giving the learners some responsibility for their learning pathway engendered better buy-in and engagement. Tesco Bank trusted their learners and in turn the learners do what they need to do to make sure they are at the right level at all times.
2. Assessment questions
Writing good assessment questions is a skill often taken for granted. A common mistake is the sentence for the correct answer is often longer than the other options, for example!
Using the Tesco Bank example, we had to make sure the assessment questions really tested applied knowledge. Including questions like ‘When was the FSA formed?’ is pointless. If learners pass with little effort Tesco Bank comes under major scrutiny from the regulators.
Preferably, questions should:
• be clear and concise
• not contain ambiguities, double negatives or be negative
• have answers approximately the same length and be equally likely
• remain internally consistent
• be randomised as far as possible to try and avoid colleagues consulting each other
• be as relevant as possible to what you need learners to actually know and retain
• never include ‘All of the above’!
3. Regulatory eLearning can be sexy, fact!
Believe it or not, you can turn otherwise dull and lacklustre content into a visually-engaging piece of learning which is an extension of your organisation’s branding.
Unicorn has recently developed a suite of mandatory courses for Santander that’s just that. Sexy!
There are some 11 courses with several themes, all appropriate to that course. Three of those courses sit within the regulatory suite which, despite being our bread and butter – financial crime, anti bribery and corruption and fraud awareness – can still be a dry topic.
Santander wanted the boundaries pushed and so a ‘Minority Report’ concept was born, only without Tom Cruise. Learners download ‘missions’ – ie modules – and work alongside a hologram and special agents to complete the course.
Clients often worry the seriousness of topics will be lost if they add a theme like this. But we’ve found it actually helps attract learners and engages them in wanting to complete the ‘mission’ successfully. They are also more likely to retain knowledge as they actually enjoy it.
Getting more eLearning for less investment is still the wish for the majority of clients.
Although having a big budget can mean added whizzes and bangs, it doesn’t mean it will have more effect. You don’t actually need to spend a lot of money and there are some really good tools that can turn the bleakest PowerPoint presentation into a butterfly of a course. Trust us we’ve seen a lot of ‘simple’ PowerPoint presentations!
Taking the Minority Report concept, the course was developed at the top end of the budget and it does look fantastic. Yet the real reason it works so well is because it has a familiar, consistent theme running through it. The success is in the storyboard.
So the point is courses don’t need to be flashy or super rich in media, although that can help. Creating a story and a real learning journey is much more impactful and successful.