About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

Browse by brand

RegTech Insight
TradingTech Insight
Data Management Insight

Browse by content type

A-Team Insight Blogs

General Data Protection Regulation Calls for Increased Investment in Data Security and Governance

28 September 2016
Subscribe to our newsletter

Paul Nemitz, the director for fundamental rights in the justice directorate of the European Commission, has warned companies operating in the EU that they must invest in data security to ensure they can demonstrate compliance with the data privacy by design and security elements of the General Data Protection Regulation (GDPR) and thus reduce potential fines for breaches.

Speaking at a recent conference in Brussels, Nemitz said GDPR will require many companies to increase investment in data security, which will not only lead to compliance, but also competitive gains in the market.

GDPR comes into force on May 25, 2018 and is designed to harmonise data privacy laws across Europe, protect EU citizens’ data privacy and reshape the way organisations across the region approach data privacy. While the regulation sustains the key principles of data privacy established in a 1995 directive, it extends many of these and clarifies ambiguous territorial applicability by stating that it applies to all companies processing personal data of data subjects residing in the EU regardless of company location.

The impact of GDPR on financial services firms will be significant, requiring firms to reconsider how they build data management systems and manage personal data. Those that do this well and take a proactive approach to compliance should benefit from improved customer communication, strategic data management and a higher level of trust in the market. For those that breach compliance, the stakes are high – reputational damage and fines of up to 4% of annual turnover or €20 million – making it essential that companies respond to GDPR with a data governance framework that can support effective design and also provide evidence of the organisation’s commitment to privacy by design and default.

To find out more about approaches to GDPR compliance, join A-Team Group’s webinar, GDPR: How to build a data protection framework, on October 18, 2016. The webinar will be hosted by A-Team editor Sarah Underwood and joined by Koen Van Duyse, subject matter expert on regulatory compliance at Collibra, and Dennis Slattery, designer of the Data Management Agenda for Privacy at EDMworks.

The webinar will discuss:

  • Requirements of GDPR
  • Challenges of implementation
  • How to build a data protection framework
  • Tools to support data governance
  • How to ensure ongoing compliance
Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: Managing Non-Financial Misconduct Under SMCR

Non-financial misconduct – encompassing behaviours such as bullying, sexual harassment, and discrimination is a key focus of the Senior Managers and Certification Regime (SMCR). The Financial Conduct Authority (FCA) has underscored that such misconduct is not only unethical but also poses significant risks to a firm’s culture and operational integrity. Recognizing the profound impact on...

Find out more

09 October 2025
RegTech Insight
BLOG

The Data Backbone of Defence: Powering Next Generation Surveillance

A unified data fabric is fast becoming wholesale finance’s front line of defence. By fusing millions of voice calls, chat messages and trade records into a single analytical view, next generation surveillance promises to detect misconduct in minutes and to satisfy regulators who increasingly ask firms to prove that capability. A-Team Group RegTech Summits in...

Read More

04 August 2025
RegTech Insight
EVENT

RegTech Summit New York

Now in its 9th year, the RegTech Summit in New York will bring together the RegTech ecosystem to explore how the North American capital markets financial industry can leverage technology to drive innovation, cut costs and support regulatory change.

20 November 2026
RegTech Insight
GUIDE

The DORA Implementation Playbook: A Practitioner’s Guide to Demonstrating Resilience Beyond the Deadline

The Digital Operational Resilience Act (DORA) has fundamentally reshaped the European Union’s financial regulatory landscape, with its full application beginning on January 17, 2025. This regulation goes beyond traditional risk management, explicitly acknowledging that digital incidents can threaten the stability of the entire financial system. As the deadline has passed, the focus is now shifting...

28 August 2025
RegTech Insight