After the dust settles
How Financial Services are taking a sustainable approach to GDPR compliance in a new era for privacy, one year on
One year on from the General Data Protection Regulation (“GDPR”) coming into force, do financial services professionals welcome the regulation more than they fear it, and how will technology play a part in ensuring their privacy designs are fit for future?
With their long history of meeting strict and regulated privacy and data protection requirements, the efforts of financial services businesses to comply with GDPR would be classed modest and incremental rather than huge and sudden. They are well attuned to the culture of data risk management and have adequate frameworks in place to action and adapt to change.
This report, based on the views of Deloitte specialists, financial services practitioners and the UK’s Information Commissioner’s Office (ICO), looks at how GDPR has affected financial services companies and their personal customers in its first year of operation; a follow-up to Deloitte’s November 2018 survey, A new era for privacy: GDPR six months on, which looked at the impact of GDPR on companies and their customers in all sectors of the economy.
Respondents to the survey attached more importance to the positive drivers of GDPR compliance (improving customer trust, increasing the efficiency of data processing, and providing insight), than to the negative drivers (reputational damage and fines) - Deloitte GDPR survey. However, according to Suzanne Rodway, RBS, “There is often a gap between what the professionals understand about privacy, and what the frontline, customer facing, employees understand’’.
Is it possible FS professionals have developed a false sense of security and is it only a matter of time before financial services companies start to fall foul of the regulation?