May 11, 2018
From May 25, the GDPR will be enforceable. The regulation is aimed at safeguarding the privacy rights of European Union nationals anywhere in the world. Any firm that has European Union clients or employees should have a plan for how to comply with these rules.
Many firms were unaware that these rules affected them. Of particular concern are companies that deal with funds.
A survey by Reed Accountability and Finance found that fewer than one in four financial companies say they are ready for GDPR. In fact, 77% say they are not. Just 10% said they were completely or partly ready.
More than half stated they have taken part in training workshops. Some firms have updated their anti-virus and anti-malware software. Some have appointed information technology experts to carry out this work.
Businesses found to be non-compliant after May 25 may face a fine of the higher of 20 million euros or 4% of their yearly income.
Although this is a worrying statistic, financial companies are not alone. A few companies were quite relaxed, assuming GDPR did not apply to them. This was true of firms not situated in a European Union state. Many private, public and charitable organizations assumed they were exempt.
This is not so. As several of them are now realizing, if they have dealings with European Union nationals who are employees or clients, they should have a plan in place for informing people of their rights. People should sign consent forms agreeing to the gathering, handling, storage and use of their personal data.
Moreover, firms such as financial institutions should have a procedure for informing employees and clients of their rights to access their personal data files, to request rectifications, to erase files, to change files and to move files to another firm.
A number of firms have already decided to gather and retain less personal data in the future because of the time and labor needed to comply with GDPR rules.