Skip to main content

Case study

The one where
a bank needed guidance in complying with a customer data request due to a fraud investigation

Advice relating to a request for information made pursuant to s.109B of the Social Security Administration Act 1992 (“SSAA”)

The client, a Fintech deposit taking bank, had received a request for information about a customer from the Job Centre Plus Fraud Investigation Service. The client was concerned firstly to ensure that the request was legitimate i.e. from a genuine party, that the request was valid under s.109B of the SSAA and that the request took priority over the client’s obligations under relevant data protection legislation.

Tenet was able to take practical steps to conclude that the request was genuine and established that the request was valid under s.109B of the SSAA through an analysis of the relevant legislation. Tenet was also able to quickly identify the relevant Code of Practice relating to this discrete area which contained important practical advice for recipients of such requests.

Having established that such requests override any data protection or customer confidentiality obligations Tenet was able to offer practical guidance as to the correct record keeping under data protection legislation. Tenet’s work in relation to this matter saved the client time, but also added comfort that in responding to the request the client was not breaching any of its duties to its customer.

Tenet was also able to advise on the content of the client’s privacy notice to ensure this type of scenario was covered. Such advice adds value for the customer going one step further to ensure the client’s processes and standard documents are completely fit for purpose.

  • Case Study
  • Sector
    Fintech
  • Service
    Financial Crime Compliance