About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

General Data Protection Regulation Calls for Increased Investment in Data Security and Governance

Subscribe to our newsletter

Paul Nemitz, the director for fundamental rights in the justice directorate of the European Commission, has warned companies operating in the EU that they must invest in data security to ensure they can demonstrate compliance with the data privacy by design and security elements of the General Data Protection Regulation (GDPR) and thus reduce potential fines for breaches.

Speaking at a recent conference in Brussels, Nemitz said GDPR will require many companies to increase investment in data security, which will not only lead to compliance, but also competitive gains in the market.

GDPR comes into force on May 25, 2018 and is designed to harmonise data privacy laws across Europe, protect EU citizens’ data privacy and reshape the way organisations across the region approach data privacy. While the regulation sustains the key principles of data privacy established in a 1995 directive, it extends many of these and clarifies ambiguous territorial applicability by stating that it applies to all companies processing personal data of data subjects residing in the EU regardless of company location.

The impact of GDPR on financial services firms will be significant, requiring firms to reconsider how they build data management systems and manage personal data. Those that do this well and take a proactive approach to compliance should benefit from improved customer communication, strategic data management and a higher level of trust in the market. For those that breach compliance, the stakes are high – reputational damage and fines of up to 4% of annual turnover or €20 million – making it essential that companies respond to GDPR with a data governance framework that can support effective design and also provide evidence of the organisation’s commitment to privacy by design and default.

To find out more about approaches to GDPR compliance, join A-Team Group’s webinar, GDPR: How to build a data protection framework, on October 18, 2016. The webinar will be hosted by A-Team editor Sarah Underwood and joined by Koen Van Duyse, subject matter expert on regulatory compliance at Collibra, and Dennis Slattery, designer of the Data Management Agenda for Privacy at EDMworks.

The webinar will discuss:

  • Requirements of GDPR
  • Challenges of implementation
  • How to build a data protection framework
  • Tools to support data governance
  • How to ensure ongoing compliance
Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: An Agile Approach to Investment Management Platforms for Private Markets and the Total Portfolio View

Data and operations professionals at private market institutions face significant data and analytical challenges managing private assets data. With investors clamouring for advice and analysis of private markets in their search for returns, investment managers are looking at ways to gain a more meaningful view of risk and performance across all asset types held by...

BLOG

Navigating the Labyrinth: Maintaining Off-Channel Communications Compliance

Maintaining rigorous compliance standards around electronic communications remains a significant challenge for capital markets firms. Following a period marked by substantial regulatory fines globally, the industry is taking stock of its surveillance programmes and adapting to both evolving technological landscapes and shifting regulatory priorities. A recent webinar hosted by A-Team Group in May, sponsored by...

EVENT

RegTech Summit London

Now in its 9th year, the RegTech Summit in London will bring together the RegTech ecosystem to explore how the European capital markets financial industry can leverage technology to drive innovation, cut costs and support regulatory change.

GUIDE

The DORA Implementation Playbook: A Practitioner’s Guide to Demonstrating Resilience Beyond the Deadline

The Digital Operational Resilience Act (DORA) has fundamentally reshaped the European Union’s financial regulatory landscape, with its full application beginning on January 17, 2025. This regulation goes beyond traditional risk management, explicitly acknowledging that digital incidents can threaten the stability of the entire financial system. As the deadline has passed, the focus is now shifting...