About a-team Marketing Services
The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

General Data Protection Regulation – The Time to Implement is Now

Subscribe to our newsletter

General Data Protection Regulation (GDPR) is broad, rigorous and challenging – and its compliance deadline is just 12 months away. So, how are organisations responding to the regulation, what progress are they making on implementation and what steps can they take to ensure compliance within the 12-month timeframe.

These questions and more were answered in a recent A-Team Group webinar asking ‘Are you ready for GDPR?’. The webinar was hosted by A-Team editor Sarah Underwood and joined by Michael Dimopoulos, a GDPR practitioner assigned to a Tier 1 European bank; Christy Haragan, principal sales engineer at MarkLogic; Tudor Borlea, pre-sales engineer at Collibra; and Michael Angle, chief technology officer at Opus.

Setting the scene for discussion, an early audience poll questioning organisations’ progress on GDPR showed 42% of respondents at the planning stage, 27% just starting implementation, 18% not yet making progress, and 13% making significant progress. Considering the 25 May 2018 compliance deadline of the regulation, the speakers agreed that if organisations within the scope of GDPR have not yet started work on compliance, they should not delay and get going straight away. The challenges of compliance are considerable, and it will take a lot of time and effort to identify personal date, gain and document the consent of data owners – essentially EU citizens – to use the data, and embed policies and practices to deal with data owners’ rights, such as data access and corrections, data portability, and the right to be forgotten. Firms based outside the EU, but with EU customers, must also comply with GDPR.

A second audience poll reflected these challenges, showing respondents expecting to, or experiencing, GDPR data management challenges including establishing customer consent management, identifying private and protected data, and building data privacy by design as required by the regulation. The speakers added compliance challenges presented by data silos, problems around accessing and managing unstructured data, and the ability to scale systems to deal with data subjects requests in a timely manner.

Solutions to these problems include a step-by-step approach to GDPR implementation that starts with a data inventory and goes on to document consent from data owners, map data to systems where it is used, encrypt data where necessary, and ensure compliant data can be given to data subjects on request. A shift in culture around how employees collect customer data is also recommended.

While no single technology solution is expected to provide an answer to all the data management challenges of GDPR, the speakers suggested organisations should start conversations with technology providers now with a view to implementing solutions in the second half of the year.

Final advice included getting board level sponsorship for GDPR programmes, making all required efforts to avoid potentially huge fines for non-compliance, and collaborating across the enterprise to achieve success. And start now!

Listen to the webinar to find out about:

  • GDPR obligations
  • Scope of the regulation
  • Data management challenges
  • Implementation plans
  • Beneficial outcomes
Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: FINRA CAT CAIS: What to Expect – Giving Regulators Full Access to Your Customer & Account Data

Join n-Tier and a panel of industry experts to discuss implications of the SEC’s Consolidated Audit Trail (CAT) Customer & Account Information System (CAIS) Phase 2e. The initial phase of CAIS was the start of a new era for broker-dealer Onboarding and Account Management teams, turning customer and account reference data into a daily regulatory...

BLOG

NeoXam Connects to Refinitiv Data Platform to Expand Provision of Reference, Pricing and ESG Data

NeoXam has extended its partnership with Refinitiv, a London Stock Exchange Group company,  to offer clients a wider range of data sourced for the first time from the Refinitiv Data Platform (RDP) that was released early last year. The data will include reference, pricing, and ESG data as well as data exclusive to the RDP...

EVENT

RegTech Summit Virtual (Redirected)

The highly successful RegTech Summit Virtual was held in November 2020 and explored how business and operating models are adapting post COVID and how RegTech can provide agile and enhanced compliance for managing an evolving risk and compliance landscape. The event featured daily live keynotes, panel discussions, presentations, fireside chats and Q&A sessions with content available on demand over five days.

GUIDE

Regulatory Data Handbook 2021/2022 – Ninth Edition

Welcome to the ninth edition of A-Team Group’s Regulatory Data Handbook, a publication dedicated to helping you gain a full understanding of regulations related to your organisation from the details of requirements to best practice implementation. This edition of the handbook includes a focus on regulations being rolled out to bring order and standardisation to...