About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Best Practice Approaches to GDPR Compliance

Subscribe to our newsletter

Compliance with General Data Protection Regulation (GDPR) is an extensive undertaking for financial services firms, but it also generates benefits including reduced risk and cost, improved data security, new business cases, and the availability of trusted information for analytics.

The challenges and opportunities of GDPR were discussed during a recent A-Team Group webinar moderated by A-Team editor Sarah Underwood and joined by Scott Snively, data intelligence strategist at ASG Technologies; Garry Manser, head of data governance at Visa; and Colin Ware, regulatory product manager at BNY Mellon.

The webinar included results from a survey conducted by A-Team, sponsored by ASG and presented in a white paper, How to Tackle the Challenges of GDPR. It will be followed by additional webinars in the run up to GDPR compliance on May 25, 2018, and a panel session on the regulation at A-Team’s London Data Management Summit in March.

An audience poll on readiness for compliance set the scene for discussion, with 6% of respondents already ready, 25% expecting to be ready, 20% ready but with workarounds, 44% hoping to be ready, and 6% not expecting to be ready. The panel suggested financial services firms are likely to be in a good place by May as they live and breathe regulation.

Talking about approaches to GDPR, Ware said: “Most financial services companies are taking a pragmatic view and looking at the systems where they may hold personal data. They are taking a risk-based approach, looking first at areas with more sensitive and high-risk types of personal data, and then they have plans to manage lower-risk areas going forward.”

Considering the data management challenges of GDPR and drilling down into the specifics of the regulation, Manser commented on Article 30, saying: “From my point of view and most probably for a lot of financial services firms, the challenges are around Article 30, which requires us to look at what we’re actually processing data for, how many times we process a piece of information, and how we link the data back to subject access rights. There’s a lot of work around that article and really understanding what we do with personal data.”

A second audience poll reflected Manser’s view, with 56% of respondents identifying required data as a key challenge, 44% deciding on data flow for compliance, 42% establishing privacy by design, 24% keeping personal data up to date, and 18% ensuring data is accessible.

The panel went on to discuss solutions to these problems, particularly data centralisation, automation and governance, best practice implementation, and the need to look at GDPR compliance as an ongoing rather than one-off exercise.

Noting beneficial outcomes of GDPR compliance, Snively said: “There are a myriad of different benefits. The top one is that compliance mitigates the risk of fines of 4% of total revenue if you are not compliant. It also reduces the cost of internal and external audits, and by having everything in a central location, reduces the risk and cost of having privacy data stored in many locations. Compliance also ensures security is in place for technologies that house privacy information, controls surrounding the information mean breaches are less likely, and trusted sources of information are confirmed and established making data science and predictive analysis more viable. Lastly, the time to build applications is reduced, cutting the cost and giving a distinct competitive advantage. So, not only are we talking about benefits within GDPR, but also benefits extending well outside GDPR and helping organisations be more successful.”

Subscribe to our newsletter

Related content


Upcoming Webinar: How to automate entity data management and due diligence to ensure efficiency, accuracy and compliance

Date: 13 December 2023 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Requesting, gathering, analysing and monitoring customer, vendor and partner entity data is time consuming, and often a tedious manual process. This can slow down customer relationships and expose financial institutions to risk from inaccurate, incomplete or outdated data –...


INQDATA and KX Partnership Helps FIs Extract Maximum Value from Data at Speed

INQDATA, a data science company specialising in the curation, cleansing, mapping, and hydration of data for financial institutions, has partnered KX, provider of the kdb+ Data Timehouse and the KDB.AI vector database, to deliver streamlined data processing, drive informed decision making, and identify new opportunities. The INQDATA platform, powered by kdb+ , addresses issues associated...


ESG Data & Tech Summit London

The ESG Data & Tech Summit will explore challenges around assembling and evaluating ESG data for reporting and the impact of regulatory measures and industry collaboration on transparency and standardisation efforts. Expert speakers will address how the evolving market infrastructure is developing and the role of new technologies and alternative data in improving insight and filling data gaps.


Regulatory Data Handbook 2023 – Eleventh Edition

Welcome to the eleventh edition of A-Team Group’s Regulatory Data Handbook, a popular publication that covers new regulations in capital markets, tracks regulatory change, and provides advice on the data, data management and implementation requirements of more than 30 regulations across UK, European, US and Asia-Pacific capital markets. This edition of the handbook includes new...