Blogs

Content  /  Blog
Nicsa | GDPR: How New EU Data Protection Rules Will Impact US Fund Managers

GDPR: How New EU Data Protection Rules Will Impact US Fund Managers

By Nicsa posted Dec 05, 2019

In 2016, the European Union adopted a revised and reinforced data protection framework, called the General Data Protection Regulation.

Looking at the regulation’s material scope, it will apply from 25 May 2018 to all types of businesses, including the financial services and investment funds sector. The protection of the GDPR will cover natural persons, whatever their nationality or place of residence, in relation to the processing of their personal data. Both the processing of personal data wholly or partly by automated means and the processing other than by automated means are in the scope. Personal data processed by investment funds and their managers typically include data of their employees, data obtained from fund investors and counterparties, data collected regarding portfolio investments and data of third party service providers or other third parties. The regulation provides that personal data shall be:

  • processed lawfully, fairly and in a transparent manner in relation to the data subject;
  • collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • accurate and, where necessary, kept up to date;
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Typically, the funds and their managers – either one of them or jointly – are considered as data controllers, i.e. as those who set the purposes and means. Data processors in fund structures can also be, for example, transfer agents, paying agents, corporate secretariat services or providers of tax reporting services. In order to avoid gaps or misunderstandings, it is crucial that the fund and manager on the one hand and the service providers on the other hand share and discuss their analyses.

The data controller will be responsible for compliance with the above-mentioned principles, and he must be able to demonstrate compliance. To this end, the fund or its managers (but also the data processors) should keep records of all processing activities.

But how do these rules impact non-EU fund managers for instance in the US?

The territorial scope of European data protection was broadened by the GDPR. If both the data controller and data processor are established in the EU, the new rules will apply. This will also be the case if the data subject (be it an EU or non-EU citizen) is residing in the EU whereas the controller and processor are not established in the Union, provided the processing activities are related to:

  • the offering of goods or services, irrespective of whether a payment of the data subject is required, or:
  • the monitoring of the data subjects’ behaviour as far as their behaviour takes place within the EU.

#Compliance/Legal
#DataAnalytics

Read More Blogs from Nicsa

Private Markets Committee Highlights Key Focus Areas Shaping the Industry

Authored by Sarah Walter, Head of Asset and Wealth Management Relationships at Nicsa Private markets continue to play an increasingly central role in asset and wealth management strategies, driven by investor demand for differentiated return streams, income, and diversification. Nicsa’s Private Markets Committee convenes senior leaders from across asset management, wealth platforms, distribution, technology, and professional services […]

Governance Isn’t Glamorous, But It’s What Makes AI in Finance Work

Nicsa's Innovation & Technology Strategy Committee, comprising executives in the asset and wealth management community, presents the following insights around AI implementation:   Artificial Intelligence is no longer a side experiment in financial services. In asset and wealth management, it is quickly becoming strategic infrastructure. Firms are using AI to streamline client reporting, automate compliance […]

Global AI Advisor and Former OpenAI Executive Zack Kass to Keynote Nicsa’s 2025 Asset & Wealth Management Summit

Get ready to look ahead.Nicsa has invited Zack Kass— Global AI Advisor and Former Head of Go-To-Market at OpenAI—to deliver the keynote address at the 2025 Asset & Wealth Management Summit, taking place November 11–12, with the keynote on Wednesday, November 12. As the asset and wealth management industry continues to navigate the transformative power […]
Copyright 2025. All rights reserved.

Website Design By Branophia LLC

LinkedIn IconMail Icon
magnifiercrossmenuchevron-down