Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

GDPR. ARE TRANSLATION PROCESSES PUTTING BANKS AT RISK?

By Katie Rigby-Brown, VP Global Finance Solutions, SDL 

The upcoming European Union General Data Protection Regulation seems to have caught most businesses – including the financial industry – by surprise. Only a third of companies claim to be compliant (or at the very least on their way to compliance), exposing many to heavy penalties once May 2018 passes. These penalties include up to 4 per cent of annual turnover for a data breach, not to mention the untold impact on brand equity and daily operations.

For those not familiar with the new legislation, the objective of this new set of rules is to give citizens back control of their personal data, and to simplify the regulatory environment for businesses. The data protection reform is a key enabler of the Digital Single Market which the European Commission has prioritised, and will allow financial institutions to fully benefit from the digital economy.

Financial supply chain

Despite being more compliance-focused than most, the financial industry is not immune to the dangers of a post-GDPR world.

One of the underlining principles of the GDPR framework is to understand – and control – the customer data you hold, why you hold it, where it is, and who has access to it. In finance organisations, this can be easily managed. But in large multinationals – with customers scattered across the world speaking different languages – the picture is very different.

Multinational banks, insurance and financial enterprises rely on large teams of translators – both internal and externally – to localize everything from marketing collateral to highly sensitive documents including sensitive HR documentation and forms relating to the claims and underwriting process. This often involves sharing, storing and collaborating on documents with colleagues and partners across the globe.

Under the radar

The truth is that many translation activities take place under the radar, and financial firms often have limited visibility of activity across the entire translation supply chain.

This exposes weaknesses even within organisations that have a central policy in place. For instance most banks have established vendor pools where NDAs and data protection contracts were signed years ago. However this does not provide the chain of custody required for GDPR compliance.

While ISO 27001 (and 9001) is important for validating vendors, it also does not mean that translation processes are truly compliant with the new regulations.

Understand the risk

Financial firms should ask themselves the following questions to understand how their translation teams, and processes, could impact their GDPR governance.

  1. Can you be certain that your employees are not unwittingly putting you at risk via the use of free online translation tools?
  2. When was a security review of your vendors and their processes last carried out? Do you know whether you are sending PII out as part of the translation process?
  3. Is your process for handling multilingual content fit for purpose?
  4. Who is responsible for security across the translation supply chain? Can you identify what happens to your documents after they reach your external vendor(s)?

Unless financial organisations have a challenge and demand policy in place, and a robust process that ensures vendors can only receive work through a central platform, then there’s no way of proving that security is designed into the process.

These are crucial questions that any financial business should ask of their translation teams, systems and processes.

Relationships with customers – particularly in this industry – are built on trust. Consumers are more empowered than ever, and they need to know that their chosen bank or insurer takes their data privacy just as seriously as they do. While this presents challenges, it’s also a huge opportunity for businesses that get it right.