Failing to maintain proper records of electronic communication has led to hefty fines for companies in recent years, prompting the UK’s regulator to clarify its stance on email compliance.

According to an announcement by the regulator, the Financial Conduct Authority (FCA) is revising how it manages emails and introducing a policy of deleting messages from staff inboxes after one year.

A Push for Smarter Data Management

“The changes we are making will help us comply with our obligations under GDPR and the Data Protection Act, so that we aren't retaining information for too long,” Ian Phoenix, the Director, Intelligence and Digital, said. “But, just as importantly, it will help us to improve how we use data so that we can work smarter.”

The move, set to take effect in April 2025, earlier sparked criticism among staff and campaigners about the regulator's accountability in scenarios that might arise after a year.

However, the FCA insists the change will enhance efficiency, improve compliance with data protection laws, and streamline access to essential records. According to Ian Phoenix, FCA’s Director of Intelligence and Digital, the regulator is not attempting to hide or erase critical information.

Instead, the aim is to ensure that relevant emails, such as those explaining decision-making processes, are properly stored in a centralized, secure repository rather than left scattered across individual inboxes.

The sheer volume of emails stored by the FCA is staggering. With over 70 million emails in inboxes, Phoenix likened searching through them to "finding a specific grain of sand on a beach." By implementing structured record-keeping, the FCA hopes to make historical data retrieval faster and more efficient.

The FCA argues that the move aligns with its obligations under GDPR and the Data Protection Act by preventing excessive retention of non-essential information.

Addressing Criticism and Ensuring Compliance

In an increasingly digital world, email remains one of the most significant sources of data, yet, according to the watchdog, much of it consists of routine or redundant messages.

The new policy aims to declutter inboxes and improve data organization. Emails deemed as official records will be transferred to a central archive, where they can be easily searched by keyword, eliminating the need for manual inbox trawling.

Some critics argue that the FCA is holding itself to a different standard than the firms it regulates. However, Phoenix refutes this claim, emphasizing that the regulator remains committed to rigorous record-keeping, with regulatory records still retained for up to 25 years.

Phoenix maintains that better data organization will enhance the FCA’s ability to make timely decisions and respond swiftly to potential risks.