The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

European Commission’s Reding Indicates Data Protection Update is Required, Systems Changes on their Way

The European Commissioner for Justice, Fundamental Rights and Citizenship Viviane Reding is dead set on updating the European Union’s 15 year old Data Protection Directive in order to ensure that it is “stronger and more consistent” across the region. However, the regulation is likely to have a significant impact on data managers and the vendor community by introducing a host of new rules to govern the way that data is stored and accessed.

The regulatory community is seemingly keen on introducing privacy enhancing technologies and rules to ensure that personal data is adequately protected across Europe. Reding, who was recently appointed to the newly created position within the Commission, has already enacted reform of the telecoms industry with regards to protecting consumer rights and is keen to ensure stronger data protection is in place across the market as a whole.

The idea of “privacy by design” is fundamental to the changes, essentially meaning a reworking of the way firms deal with customer data. Regulators are keen for firms to voluntarily build in new privacy safeguards by integrating privacy principles like limited data collection, consumer notice, individual consent and reasonable security into their data processes.

Obviously, this regime change could have a significant impact on the data management function within the financial services sector as a whole. Certain data system features could become a compliance issue under the new rules and the regulation is likely to introduce new data protection compliance audits. Cloud computing is one such area that has already been beleaguered by concerns over data security and could potentially face a host of new hoops to jump through.

At this point in time, the reforms are at a very early stage and Reding has yet to draw up a definitive list of changes to the Directive. Discussions on the subject are likely to be ongoing over the next couple of months and the industry should keep a close eye on developments.

However, there are also discussions going on an international level at the moment regarding financial data transfer across the Swift network. US and European regulators are seeking to come to a new agreement on the transfer of personal data across the financial network for anti-terrorist financing measures, following the rejection of the Swift proposals in February. European regulators are concerned about the transfer of customer data in bulk across SwiftNet and are keen for more guarantees and safeguards to be put in place. There is a degree of criticism about the use of bulk transfers, as some regulators feel this not an appropriate model, given that data that may not be required could be transferred along with the data that is required. The European Commission is hoping to have an agreement on the subject signed by June.

Related content

WEBINAR

Recorded Webinar: Brexit: Reviewing the regulatory landscape and the data management response

With Brexit behind us and the UK establishing its own regulatory regime having failed to reach equivalence with the EU, financial firms face challenges of double reporting, uncertainty about UK regulation, and a potential exodus of top talent. The data management response is not easy and could stretch some firms to the limit as they...

BLOG

Reformis Adds Matrix IDM and NeoXam to Vendor Partner Programme

Reformis, a buy-side business transformation consultancy, continues to build out its vendor partnership programme with the addition of Matrix IDM’s cloud native data management software, and NeoXam’s Impress reporting solution. These join the company’s list of existing partners and products including IHS Markit’s EDM software, Snowflake’s cloud data platform, and Compliance Solution Strategies’ Accudelta product....

EVENT

RegTech Summit New York City

Now in its 5th year, the RegTech Summit in NYC explores how the North American financial services industry can leverage technology to drive innovation, cut costs and support regulatory change.

GUIDE

The Global LEI System – A Solution for Entity Data?

The Global LEI System – or GLEIS – has been in development since the middle of last year. Development has been patchy at times, but much has been done, leaving fewer outstanding issues, but also raising new questions. What’s emerging is a structure for the GLEIS going forward, complete with a mechanism for registering and...