Are You Ready for GDPR?

Although many firms are making good progress with the changes needed to become GDPR compliant, it is expected that in order to meet the May 2018 deadline up to two thirds of banks and wealth management firms will have to put in place many workarounds with the intention of continuing to work on GDPR for a considerable length of time after the regulations come into force. Replacing these tactical workarounds with a strategic solution will in many cases be a complex task possibly resulting in the need to select and implement new systems or to enter into GDPR compliant outsourcing arrangements.

In IAWMC’s view there are several important aspects to successful GDPR projects:

• Obtaining legal advice on the impact of GDPR on the firm
• Auditing of processes and procedures vs the findings from the legal team. This should include a gap analysis showing the Red / Amber / Green status of the various business processes and systems within the scope of GDPR. This will then enable the firm to prepare and prioritise the list of changes required
• Moving from tactical to strategic solutions. IAWMC can help you to understand and cost the various options available and to build a roadmap for the journey
• Implementation of the changes from both a tactical and a strategic perspective
• Replacement of legacy architecture:
  

   

  Operating Model Design

  System Selection

  System Implementation e.g. for CRM / KYC / AML

  Data Management – building a central data repository

  Outsourcing

  Project & Programme Management

   

• Technical infrastructure: data security; data encryption; penetration testing; outsourcing of IT infrastructure etc.
• Data Breach readiness. How would your firm react to a data breach? Do you have incident management plans in place? Reacting in the right way to a data breach rather than merely surviving it could save your business. Fines for unprotected data breaches will range up to €20 million or 4% of annual global turnover (whichever is higher).

By utilising its affiliations with carefully selected partners IAWMC can provide assistance to your firm on all aspects of your GDPR project. Please get in touch with us to discuss how we can help you.