After the dust settles
How Financial Services are taking a sustainable approach to GDPR compliance in a new era for privacy, one year on
One year on from the General Data Protection Regulation (“GDPR”) coming into force, do financial services professionals welcome the regulation more than they fear it, and how will technology play a part in ensuring their privacy designs are fit for the future?
With their long history of meeting strict and regulated privacy and data protection requirements, the efforts of financial services businesses to comply with GDPR would be classed as modest and incremental rather than huge and sudden. They are well attuned to the culture of data risk management and have adequate frameworks in place to action and adapt to change.
This report, based on the views of Deloitte specialists, financial services practitioners and the UK’s Information Commissioner’s Office (ICO), looks at how GDPR has affected financial services companies and their personal customers in its first year of operation. It is a follow-up to Deloitte’s November 2018 survey, A new era for privacy: GDPR six months on, which looked at the impact of GDPR on companies and their customers in all sectors of the economy.
Respondents to the survey attached more importance to the positive drivers of GDPR compliance (improving customer trust, increasing the efficiency of data processing, and providing insight) than to the negative drivers (reputational damage and fines) - Deloitte GDPR survey. However, according to Suzanne Rodway, RBS, “There is often a gap between what the professionals understand about privacy, and what the frontline, customer-facing, employees understand”.
Is it possible FS professionals have developed a false sense of security and is it only a matter of time before financial services companies start to fall foul of the regulation?