About a-team Marketing Services
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Silwood Offers Safyr Metadata Discovery Software to Support GDPR Compliance

Subscribe to our newsletter

Silwood Technology, provider of Safyr metadata discovery software, has turned its attention to how firms running vendor application packages can meet the May 25, 2018 compliance deadline for General Data Protections Regulation (GDPR).

The company has researched five large and widely used application packages – SAP, JD Edwards, Microsoft Dynamics AX 2012, Siebel and Oracle E-Business Suite – to determine how difficult it will be to identify personal data in the applications (rather than databases) as required by GDPR. The terms data of birth and social security number were selected for research purposes, although many other elements of personal data could be used, and searches were performed to see how often they appeared. Safyr retrieves metadata about each application from the application layer, including any customisation, and can return searches in a few minutes.

Silwood’s research looked at several instances of each package to provide an indication of how many occurrences of each personal data field might be found in a typical system. By way of example, it found there are typically more than 90,000 tables in a SAP ERP system and over 900,000 fields. Social security number appeared in over 900 tables and date of birth in over 80 tables.

Nick Porter, founder and technical director at Silwood, points out that less than 1% of a typical SAP system contains personal data, but it could cause GDPR data breaches costing an organisation up to 4% of its annual turnover. While some firms are approaching the discovery of personal data manually, Porter argues that at this stage in the GDPR game, automation is the only way to reach compliance on time.

He says: “Silwood and Safyr are a small, but important part of GDPR compliance. The market is short on data discovery tools, which are often the elephant in the room, but we bring automation to identifying personal data, not just for GDPR, but for programmes that need to govern data but must first find the data.”

Safyr acts as a repository of metadata from a vendor package and identifies where the data is in the system. With the data discovery task done, Silwood exports the metadata to partners and resellers offering data analysis and governance for GDPR. These include ASG Technologies, IBM, Adaptive, Datum and Erwin, many of which use Safyr as a scanner for personal data embedded in vendor application packages.

Silwood has also released a Safyr GDPR Starter Pack for SAP users trying to find personal data in their ERP systems and will soon release a starter pack for JD Edwards. Starter packs for the other vendor applications mentioned above are in development.

Subscribe to our newsletter

Related content

WEBINAR

Upcoming Webinar: The Data Office at a Crossroads — AI Governance, Organisational Design, and the Evolving Mandate of the CDO

Date: 28 July 2026 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Who owns AI governance in a capital markets firm – and is the Data Office structured to bear that weight? These questions sit at the heart of A-Team Research’s latest findings, presented here for the first time: the combined...

BLOG

Financial Crime is a Decision-Speed Problem: Rethinking AI in AML and Compliance Controls

Financial crime compliance is often described as a resourcing challenge. Firms speak of analyst backlogs, alert volumes and the rising cost of surveillance and screening. Kieran Holland, Solutions Engineering Team Leader at Innovative Systems’ FinScan, argues that the underlying constraint has shifted. Financial crime has become a decision-speed problem. “The fight against financial crime is...

EVENT

Eagle Alpha Alternative Data Conference, Spring, New York, hosted by A-Team Group

Now in its 9th year, the Eagle Alpha Alternative Data Conference managed by A-Team Group, is the premier content forum and networking event for investment firms and hedge funds.

GUIDE

AI in Capital Markets Handbook 2026

AI adoption in capital markets has moved into a more disciplined phase. The priority is now controlled deployment: where AI can be used safely, where it can deliver measurable value, and how outputs can be governed, monitored and evidenced. The 2026 edition of the AI in Capital Markets Handbook examines how AI is being applied...