The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

OneTrust Launches Schrems II Solutions After Landmark EU Judgement

The landmark decision in July from the Court of Justice of the European Union (CJEU) on Schrems II has changed the way that organisations must manage personal data transfers – creating a whole raft of new challenges that firms must urgently address. To legally transfer personal data from the EU to a third country, it must now be shown that the recipient country and company have an equivalent level of data protection to that of GDPR. This means that the most common mechanism for US data transfers, the EU-US Privacy Shield, is essentially invalidated  – and while Standard Contractual Clauses (SSCs) are still usable in theory, that must be evaluated on a case-by-case basis.

The European Data Protection Board (EDPB) recently issued new FAQs on the invalidation of the Privacy Shield, and the wider implications that this may carry for firms seeking to transfer personal data outside of the EU. Although the European Commission is currently working on further guidance, the EDPB have recommended that firms must urgently conduct a risk assessment as to whether their current SSCs provide enough protection within the local legal framework, while the UK’s Information Commissioner’s Office (ICO) has warned firms that they should: “take stock of the international transfers you make and react promptly as guidance and advice becomes available.”

In response, AI-powered data privacy and compliance platform OneTrust this week launched a range of free Schrems II solutions to help organisations respond to the new operational and data challenges posed by the recent ruling. In particular, they are designed to help firms identify existing data transfers and mechanisms, use pre-built templates to assess the validity of those relying on SCCs, and manage any required contract updates and vendor changes. They also seek to help processors implement holistic privacy programs, track guidance on compensating controls for GDPR equivalency, and implement those controls as they are identified.

“The Schrems II ruling presents a brand-new set of challenges and we want to help our customers adapt their processes to continue to transfer personal data in line with the law,” says Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP).

Related content

WEBINAR

Recorded Webinar: Unifying client data to accelerate insights and deliver better experiences

Data insight is critical to all aspects of the buy-side investment process from portfolio decisions that drive core revenue and incremental revenue opportunities, to delivering unique and timely investment research, and rapidly innovating and offering new products to clients. While this is a key goal for asset managers, built on the ability to understand and...

BLOG

SS&C Expands APAC Customer Base with Win at KIM Vietnam Fund Management

KIM Vietnam Fund Management (KIM Vietnam) has selected SS&C Technologies’ Eze order management system to support its operations. The fund manager was established in October 2020 and manages eight investment funds from Korea, Japan and Europe. Most recently, it expanded with the launch of new funds in Vietnam. “We were looking for an experienced investment...

EVENT

RegTech Summit APAC

Now in its 2nd year, the RegTech Summit APAC will bring together the regtech ecosystem to explore how capital markets in the APAC region can leverage technology to drive innovation, cut costs and support regulatory change. With more opportunities than ever before for RegTech to add value, now is the time to invest for the future. Join us to hear from leading RegTech practitioners and innovators who will share insights into how they are tackling the challenges of adopting and implementing regtech and how to advance your RegTech strategy.

GUIDE

ESG Handbook 2021

A-Team Group’s ESG Handbook 2021 is a ‘must read’ for all capital markets participants, data vendors and solutions providers involved in Environmental, Social and Governance (ESG) investing and product development. It includes extensive coverage of all elements of ESG, from an initial definition and why ESG is important, to existing and emerging regulations, data challenges...