About a-team Marketing Services
The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

General Data Protection Regulation – Start Now to Meet May 2018 Compliance Deadline

Subscribe to our newsletter

General Data Protection Regulation (GDPR) is on the radar of most financial services firms, but its scale, scope and large penalties for non-compliance mean firms need to start planning and implementing now to meet the May 2018 compliance deadline.

The requirements of GDPR and how to build a data protection framework to achieve and evidence compliance, were discussed during a recent A-Team Group webinar. The webinar was moderated by A-Team editor Sarah Underwood and joined by experts Koen van Duyse, subject matter expert on regulatory compliance at Collibra; and Dennis Slattery, CEO at EDMWorks.

An early poll of the webinar audience showed 40% of respondents at the planning stage of GDPR compliance, 26% having not yet started on the regulation, 26% starting implementation, and 8% having made significant progress on a solution.

Opening the webinar discussion, Slattery talked about the development of the digital world, the ensuing scope of GDPR’s data protection requirements – which cover any organisations, wherever they are, processing EU citizens’ data – and key points of the regulation. These include new rights for data subjects, such as the right to provide consent to organisations to use private data, and rights around the portability, rectification and erasure of personal data.

Looking at the implications of GDPR in the financial services sector, van Duyse noted that firms must prove they have the best interests of their customers at heart and provide evidence of data protection compliance and accountability.

In terms of implementation, the speakers discussed the need for strong data governance to meet the regulation’s requirement for data protection by design and to track and alert customers and regulators of any breaches quickly and efficiently. With penalties for non-compliance running up to 4% of annual group turnover, the pressure is on for financial firms to use data governance to drive GDPR implementation, an issue reflected by an audience poll showing 36% of respondents planning to make provision for GDPR in their data governance frameworks from the start of implementation.

As well as data governance, the speakers noted the need to classify personal data to ensure control over sensitive data, such as political opinion and sexual orientation, and align architecture across the organisation to the requirements of the regulation. Mapping operational impacts to use cases, van Duyse described responses to particular articles of GDPR.

Summing up on the extent of GDPR’s requirements, its reach across organisations, and the penalties of non-compliance, the panel members concluded with some practical advice for practitioners involved in implementing the regulation. Slattery suggested a need for communication and training programmes to make people aware of and aligned with GDPR, a focus on data architecture to create a framework for data protection, and a need to sort out policies that make sense and can be sustained.

Van Duyse recommended that practitioners should step outside silos, check any overlap of GDPR with other existing and incoming regulations, and remember that GDPR is less about regulatory reporting than how your business is organised.

Listen to the webinar to find out more about:

  • Requirements of GDPR
  • Impacts on data management
  • The role of data governance
  • A data protection framework
  • Benefits of implementation
Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: FINRA CAT CAIS: What to Expect – Giving Regulators Full Access to Your Customer & Account Data

Join n-Tier and a panel of industry experts to discuss implications of the SEC’s Consolidated Audit Trail (CAT) Customer & Account Information System (CAIS) Phase 2e. The initial phase of CAIS was the start of a new era for broker-dealer Onboarding and Account Management teams, turning customer and account reference data into a daily regulatory...

BLOG

IQ-EQ Acquires Greyline Partners to Boost US Presence

In its fourth US acquisition in two years, London-based regulatory technology specialist IQ-EQ has bought Greyline Partners, which offers outsourced governance and regulatory compliance solutions for the alternative asset sector, including hedge funds, venture capital, private equity and high net-worth investors. Greyline’s recently launched GCM Advisory outsourced CFO, finance and accounting business is also included in...

EVENT

Virtual Briefing: ESG Data Management – A Strategic Imperative (Redirected)

This briefing will explore challenges around assembling and evaluating ESG data for reporting and the impact of regulatory measures and industry collaboration on transparency and standardisation efforts. Expert speakers will address how the evolving market infrastructure is developing and the role of new technologies and alternative data in improving insight and filling data gaps.

GUIDE

ESG Data Handbook 2022

The ESG landscape is changing faster than anyone could have imagined even five years ago. With tens of trillions of dollars expected to have been committed to sustainable assets by the end of the decade, it’s never been more important for financial institutions of all sizes to stay abreast of changes in the ESG data...