GDPR: Heralding a New Era in Data Privacy
The impact on financial institutions and what the way forward should be
The European Union’s General Data Protection Regulation (GDPR) is expected to have a far-reaching impact, as it affects all organizations that hold or process EU residents’ data. Though currently restricted to the European Union, GDPR will form the basis of future data privacy laws across the globe.
GDPR enhances the responsibility of financial institutions handling EU residents’ data. Violation of privacy laws could expose banks to lawsuits and significant reputational damage, leading to an adverse impact on their market position. Ensuring GDPR compliance is thus not only mandatory but also a competitive imperative. To achieve GDPR compliance, banks must:
- Assess the impact on existing systems and processes, and identify gaps
- Define a compliance strategy, keeping in mind the basic pillars of data protection such as data governance and change management