Banks and firms across all sectors and industries have just under a year to overhaul the way they handle customer data if they are to avoid big fines. Many within banking, however, are now privately warning that the challenge is already looking insurmountable.
Companies need to work out what data they hold on their customers, where they hold it, if they have permission to do so, whether it is stored safely, and how they can extract it or delete it if requested.
These are just some of the main requirements of the new European data protection law that comes into force on 25 May 2018. GDPR affects all companies holding data about EU citizens.
Banks, brokers, asset managers, in fact everyone across the financial services sector, face big challenges to comply in time simply because of the difficulty of changing ageing, complex and/or outsourced IT systems. Banks and custodians specifically are struggling with legacy systems.
The stakes for breaches of these rules are high and could trigger fines of up to 4 per cent of a company’s global turnover or €20m, whichever is higher. The focus is on, but it comes against a complex backdrop of numerous new regulations and Brexit. Never before has the sector had to deal with so much change at once.