"Even three years after the introduction of GDPR, a lot of firms still have manual records in the office, which poses a genuine GDPR risk."
The end of May marked the third anniversary of GDPR becoming law in the UK, yet according to SmartSearch, regulated businesses in the housing chain risk non-compliance if they rely on manual customer records.
SmartSearch's CEO, John Dobson, said that even three years after the law was introduced, a lot of firms do not have procedures in place to protect customer details, which has been exacerbated with the disruption caused by the coronavirus outbreak.
In response to the concern, SmartSearch has enhanced its data hosting capability which updates customer details automatically when something changes, both increasing due diligence and data security.
Dobson said: “Customer data hosting is something that can be overlooked, or businesses think the processes they have in place are good enough. But the fact is, even three years after the introduction of GDPR, a lot of firms still have manual records in the office, which poses a genuine GDPR risk.
“If you have a digital platform in place to carry out ID verification for AML purposes when onboarding new customers, it’s crucial that the data is hosted so that it updates automatically. And if there is a knock on the door from the auditor, a fully hosted system will make it quick and easy to pull a report which has everything on it necessary for compliance.
“Once the customer inputs their client data, they don’t need to do anything with it from an AML perspective, which enables them to forget about it and get on with the job of running their business.”