It was adopted on 14 April 2016, and after a two-year transition period, it will finally become enforceable this Friday, May 25th, 2018. With numerous regulations that specifically require strict policies and procedures for compliance, the finance industry is suspected to be a likely target for audits and enforcement actions.
GDPR in the Finance Industry
The finance industry has already grown accustomed to strict regulations and oversight, but with the new legislation from GDPR, financial services organizations such as banks and investment advisory firms will be required to tighten their policies and procedures concerning the usage and storage of personal data. With many organizations already reliant on acquiring the data of its customers to enhance their decision making and marketing, GDPR is sure to make things interesting. Normally, the finance industry uses fraud detection, compliance and regulatory requirements, and risk management to use their data. However, with the new strict guidelines set by GDPR, the finance industry can expect to have thing shaken up and changed sooner than later.
So now that it’s here, what are the impacts?
One of the major impacts of GDPR on the financial sector is client consent. Under the terms of GDPR, personal data refers to anything that could be used to identify an individual, such as their name, email address, IP address, social media profiles or social security numbers, some of the most vulnerable and attainable information an individual can have.
“The GDPR sets a high standard for consent and defines it as “offering individuals genuine choice and control.” Under the GDPR, all of the responsibility for consent is placed upon the company. You will be required to not only ask for an individual’s consent before collecting or processing their data, but you must also keep a record of when, how, and what you told each individual about consent.” Logicgate reports.
Financial firms and executives must clearly outline the purpose for which the data was collected and seek additional consent if firms want to share the information with third-party sources. In short, the aim of GDPR is to ensure that customers retain the rights over their own data rather than the firms having all of the control.
Another major impact of GDPR on finance is the right to ensure data erasure and the right for that data to be forgotten. Through the implementation of GDPR in the UK, it empowers every citizen to have the right to data privacy. Under the new terms in the United States, individuals can now freely request access to, or the removal of, their own personal data from banks without the need for any outside approval or authorization.
“The right to data erasure, also known as the “right to be forgotten”, gives an individual the right to have their bank or financial institution completely erase their personal data, as long as there is not a compelling reason to continue processing…Companies will need to have robust data inventories and data tracking implemented in order to effectively and efficiently execute on requests to remove personal data.” Logicgate reports.
Financial institutions may keep some data to ensure compliance with other regulations, but in all other circumstances where there is no valid justification, the individual’s right to be forgotten will apply.
Are you prepared?
Now that GDPR has arrived, the time to act is now. Failing to comply with any of GDPR’s new policies can not only cause financial retributions, but it can cause a lack of confidence in client’s. Companies that are unaware of the new regulations that GDPR requires will need to adapt their policies in order to meet the wide-ranging directives imposed by the legislation. GDPR is complex, and non-compliance is not an option. Every organization today needs to be fit for digital business, so it should be seen that the requirements of GDPR can serve as a useful accelerator by helping to channel resources into the right areas for the financial industry.
ABOUT THE FSI TRANSFORMATION ASSEMBLY
C-level IT leaders in the financial services and insurance sectors are dealing with many challenges as digital transformation becomes an imperative. Understanding not only the convergence of Mobile, Social, and Cloud but also the possible implications of Artificial Intelligence, Machine Learning and Blockchain is vital to stay ahead of the competition.
Join us at FSI Transformation Assembly for updates on the latest digital technologies and strategies.
This is not just another “Financial Services” event. Spaces are reserved for the best in the business. Apply to attend here!