GDPR

Amidst growing concerns around the safety of personal data from identity theft, cyberattacks, hacking or unethical usage, the European Union has introduced a new legislation to safeguard its citizens. The EU General Data Protection Regulation (GDPR) aims to standardise data privacy laws and mechanisms across industries, regardless of the nature or type of operations. Most importantly, GDPR aims to empower EU citizens by making them aware of the kind of data held by institutions and the rights of the individual to protect their personal information. All organisations must ensure compliance by 25th May 2018.

Financial services firms usually require the collection of large amounts of customer data, which is then collated and used for various activities such as client or customer on-boarding, relationship management and accounting. During these processes, customer data is exposed to a large number of different people at different stages, which is where GDPR comes in.

What does the introduction of GDPR actually mean for financial institutions and which areas should they be focusing on?

Four key areas of the GDPR legislation that will impact the sector:

Client consent
Right to data erasure and right to be forgotten
Consequences of a breach
Enhancing privacy

Given the wide reach of the GDPR legislation, there is no doubt that financial organisations need to re-model their existing systems or create newer systems with the concept of ‘Privacy by Design’ embedded into their operating ideologies. With the close proximity of the compliance deadline – May 2018 – firms must do this now.

Failing to do at least one of the following now: a) identify client data access and capture points, b) collaborate with clients to gain consent for justified usage of personal data, or c) remediate data access breach issues, will not only cause financial pain in the long run, but also erode client confidence.

GDPR Solution:

ICO Registration
Introduction to GDPR
Personal & Sensitive data
Lawful basis
Data Transfers and Sharing
Data Breaches
Marketing
Contracts
Security
Record keeping
Staff Training
Cyber Liability cover

Please note, if you become a member of the Excelsior Worldwide network as an individual Excelsior representative adviser then compliance will be provided to you at no cost.

Excelsior Support Services Limited (HQ Admin)

19/65, 9th Floor, Sukhumvit Suite Building, Soi Sukhumvit 13 (Saeng Chan), Klongtoey Nua, Wattana, Bangkok 10110, Thailand

Excelsior Legal and Estate Services (UK) Limited

Grosvenor House,
11 St Paul’s Square,
Birmingham B3 1RB,
United Kingdom

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.