The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Next Year’s European Data Privacy Reforms Could Potentially Have a Significant Impact on Data Storage and Access

The UK government has this month issued a call for evidence on the current European data protection legislative framework, ahead of European-wide negotiations on an update of the European Data Protection Directive 95/46/EC due at the start of next year. Reforms could potentially have a significant impact on the data storage and access requirements for financial institutions and therefore entail a reworking of firms’ current data warehouses and EDM systems.

The UK’s call for evidence, which is open until 6 October 2010, is asking for general feedback on the current data privacy practices and recommendations for improvement. At the same time as this information gathering exercise, the government has also published a provisional post-implementation review impact assessment of the Data Protection Act 1998, on which it is also asking for comments.

The call for evidence has broken down the areas in which the government is seeking feedback upon into seven categories: definitions; data subjects’ rights; obligations of data controllers; powers and penalties of the Information Commissioner; the principles-based approach; exemptions under the Data Protection Act; and international transfers. In terms of impact, the move from a principles-based approach to a more prescriptive environment could potentially significantly alter financial institutions’ obligations and data management practices.

The politicians are keen to revise these requirements, however, as it has been 15 years since the European directive was passed and technology has moved on substantially since that time. The legislation will therefore need to take into account trends such as the storage of data in the cloud and mobile technology in order to better address data privacy risks posed by these technological innovations. The call for evidence notes: “It is important that any new legislative changes take into account the way technology is advancing, enabling it to be ‘future proofed’ as far as possible.”

Data managers will need to keep a close eye on developments, as they happen and feed back any recommendations to the relevant bodies in their jurisdictions in order to ensure data privacy requirements to not become overly prescriptive and difficult to navigate. The likelihood is that many new requirements will spring from the updated directive and these could mean extra security measures, but they could also mean the reworking of current EDM systems to separate different levels of data by the nature of its customer sensitivity.

Related content

WEBINAR

Upcoming Webinar: Managing unstructured data to ensure regulatory compliance and add value

Date: 2 November 2021 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes As unstructured data floods into capital markets in the wake of traditional structured data, firms must manage both data types and ensure ease of access to extract data required for regulatory compliance efficiently and effectively. Beyond compliance, firms can...

BLOG

Trustworthy AI in Capital Markets

By Shameek Kundu, head of Financial Services at TruEra. The use of Artificial Intelligence (AI) is growing in capital markets. But the sector has work to do to capitalise on investment made, and this starts with making AI and machine learning (ML) models robust, transparent and fully accountable. Ensuring AI quality will be critical to...

EVENT

RegTech Summit Virtual

The RegTech Summit Virtual is a global online event that brings together an exceptional guest speaker line up of RegTech practitioners, regulators, start-ups and solution providers to collaborate and discuss innovative and effective approaches for building a better regulatory environment.

GUIDE

Entity Data Management Handbook – Seventh Edition

Sourcing entity data and ensuring efficient and effective entity data management is a challenge for many financial institutions as volumes of data rise, more regulations require entity data in reporting, and the fight again financial crime is escalated by bad actors using increasingly sophisticated techniques to attack processes and systems. That said, based on best...