Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .


Considering the Cloud Apps you don’t know about

Considering the Cloud Apps you don’t know about

GDPR has been covered in great length in the run up to the enforcement date, with checklists, guides and whitepapers telling us what we need to do to stay compliant. This is all great, if your data is held in and structured in one central place. But the rise of cloud based app usage within banking, financial services and fintech organisations could certainly cause some difficulty when it comes to complying with the rules.

The Netskope Cloud Report by the Cloud Industry Forum found that the average European enterprise businesses are using over 600 cloud apps. While this covers the more obvious SaaS applications such as SalesForce and Expensify, it’s thought that organisations underestimate this figure by 90 per cent. Think teams setting up Dropbox to quickly share files for projects, or external agencies sharing large files with suppliers via WeTransfer.

This data fragmentation (caused by having hundreds of apps) creates an issue for banks, financial services and fintech companies trying to ensure GDPR compliance within their organisation, as they are effectively unaware of 90 per cent of the applications their company uses and the types of data held within those platforms.

Platform Convergence

Centralisation of this data can be a major step forward for GDPR. Products like G Suite and Office 365 allow fintech companies to provide good business tools for their teams while also having the benefit of providing centralised controls, reports, alerts and visibility of the data being used across the organisation. This minimises the number of apps, contracts and data fragmentation while also providing users with powerful tools to get the job done.

Policy complimenting technology

However, technology is only one part of the overall solution. Whether you have hundreds of applications or only a few, banking and fintech companies, and financial services organisations also need to understand what other controls need to be implemented in order to ensure that they are compliant. This includes:

  • Understand Data Usage: When using cloud apps organisations need to audit and understand what data they hold, where it came from, where it is held, what they do with that data, if it’s shared and how it fits with their data policies.
  • Data Protection Policy, Business Processes and Procedures: Organisation need to ensure they have a data protection policy in addition to any required processes and procedures to ensure the information risk is being managed effectively.
  • Staff Training: Organisations must engage employees, teams and contractors on what GDPR means for them in their day to day job and train them on the policies and procedures that they need to adhere to, to ensure the company remains compliant.

It may be worth consulting or hiring a GDPR Data Protection Officer to ensure the correct level of controls are in place and remain relevant.

The bottom line is that banking, fintech and financial services businesses need to understand what PI data they hold, why they are holding it, how long they need to hold it for and how it’s being managed.  This must be communicated to customers and staff and, where appropriate, mechanisms must be put in place to remove the data should it be requested. Technology is not the only part of the solution. Policy and technology complement each other.

James Smith – Head of Architecture & Innovation at Cloud Technology Solutions

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post