The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

General Data Protection Regulation Calls for Increased Investment in Data Security and Governance

Paul Nemitz, the director for fundamental rights in the justice directorate of the European Commission, has warned companies operating in the EU that they must invest in data security to ensure they can demonstrate compliance with the data privacy by design and security elements of the General Data Protection Regulation (GDPR) and thus reduce potential fines for breaches.

Speaking at a recent conference in Brussels, Nemitz said GDPR will require many companies to increase investment in data security, which will not only lead to compliance, but also competitive gains in the market.

GDPR comes into force on May 25, 2018 and is designed to harmonise data privacy laws across Europe, protect EU citizens’ data privacy and reshape the way organisations across the region approach data privacy. While the regulation sustains the key principles of data privacy established in a 1995 directive, it extends many of these and clarifies ambiguous territorial applicability by stating that it applies to all companies processing personal data of data subjects residing in the EU regardless of company location.

The impact of GDPR on financial services firms will be significant, requiring firms to reconsider how they build data management systems and manage personal data. Those that do this well and take a proactive approach to compliance should benefit from improved customer communication, strategic data management and a higher level of trust in the market. For those that breach compliance, the stakes are high – reputational damage and fines of up to 4% of annual turnover or €20 million – making it essential that companies respond to GDPR with a data governance framework that can support effective design and also provide evidence of the organisation’s commitment to privacy by design and default.

To find out more about approaches to GDPR compliance, join A-Team Group’s webinar, GDPR: How to build a data protection framework, on October 18, 2016. The webinar will be hosted by A-Team editor Sarah Underwood and joined by Koen Van Duyse, subject matter expert on regulatory compliance at Collibra, and Dennis Slattery, designer of the Data Management Agenda for Privacy at EDMworks.

The webinar will discuss:

  • Requirements of GDPR
  • Challenges of implementation
  • How to build a data protection framework
  • Tools to support data governance
  • How to ensure ongoing compliance

Related content

WEBINAR

Recorded Webinar: Brexit: Reviewing the regulatory landscape and the data management response

With Brexit behind us and the UK establishing its own regulatory regime having failed to reach equivalence with the EU, financial firms face challenges of double reporting, uncertainty about UK regulation, and a potential exodus of top talent. The data management response is not easy and could stretch some firms to the limit as they...

BLOG

Mirato Raises $9 Million to Fund AI-Based Supplier Risk Platform

In another indicator of the market’s acceptance of AI, Tel Aviv-based Mirato has raised $9 million to support the development and commercialization of its third-party risk management (TPRM) platform. With regulators intensifying their scrutiny of financial institutions’ relationships with external suppliers – with regulations like GDPR addressing privacy concerns, for instance – Mirato’s offering helps...

EVENT

RegTech Summit New York City

Now in its 5th year, the RegTech Summit in NYC explores how the North American financial services industry can leverage technology to drive innovation, cut costs and support regulatory change.

GUIDE

Directory of MiFID II Electronic Trading Venues 2018

The inaugural edition of A-Team Group’s Directory of MiFID II Electronic Trading Venues 2018 offers a guide to the European landscape resulting from new market structure introduced by the January 3, 2018 implementation of Markets in Financial Instruments Directive II (MiFID II). The directory provides detailed profiles of more than 70 venue operators and their...