By Tim Jesser, Director of Global Product Marketing, Snow Software
After years of speculation and two years of stark warnings, it’s finally here. Enforcement of the EU’s General Data Privacy Regulation (GDPR) is in effect, but according to a report from the Ponemon Institute released last month, nearly half (48%) of organisations didn’t expect to hit the May 25th deadline, or didn’t know when they would.
Some organisations area couple of years into their GDPR journey, while others have left things a little late, only recently realising the monumental effort required to achieve compliance.If you are in the latter group, which if the statistics are to be believed is quite a number of organisations, you don’t need to panic just yet.
That doesn’t mean you should be taking it easy. The longer you delay, you increase the risk of spending an inordinate amount of time scrambling to respond to regulators, taking precious focus away from achieving business goals. The hardest part of any journey is starting, so if you’re still formulating your GDPR plans, here are a few steps that will simplify the process.
- Appoint a data protection officer
Under GDPR, a Data Protection Officer (DPO) is required for all public authorities organizations that regularly process personal data, or organisations that process sensitive personal data. Banking and finance fits squarely within the latter two categorisations, which means nearly all organisations in this industry will need to hire a DPO. With estimates of needed DPOs estimated at 75,000, competition will be significant and it is recommended to start the search now if you haven’t already.
- Focus on the articles that matters most
With 99 articles, GDPR isn’t a quick read. Fortunately, not every article is created equal and focusing on the most important information up front will stand you in good stead. These are:
- Article 30: Records of processing activities (RoPA). The RoPA centres on identifying where personal data is being processed, who is processing it and how it is being processed.
- Article 32: Security of Processing. Within Article 32 is the “technical and organisational measures” language which states that organisations must “implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.” Remember that ‘appropriate’ means just that. Don’t let GDPR alarmists tell you that ‘appropriate’ means you absolutely must buy their state of the art security software. The truth is we don’t know yet how regulators will enforce and interpret this article and others. Do your best, document your efforts, and that will go a long way towards satisfying regulators.
- Article 35: Data Protection Impact Assessment (DPIA). A DPIA is the documentation of especially sensitive data processing and the protection measures that have been established for this processing.
- Get enterprise wide visibility
Most organisations beginning their journey to GDPR compliance, understand the importance of identifying the location of prominent personal data repositories such as ERP systems, along withCRM tools such as Marketo and Salesforce. But these commonly used systems often represent just a fraction of the resources that process personal data.
Like an iceberg, the vast majority of such applications are considerably less visible to the business and not necessarily front of mind for the GDPR team. Of significance here is the growing number ofSaaS applications purchased by business units with little to no involvement by IT. If you can’t find a way to gain total visibility of your software and IT assets, you really don’t have much hope of being GDPR compliant. Establishing GDPR compliance requires complete visibility of all personal data repositories across the enterprise.
- Shine a light on blind spots
Blind spots are the‘unknown unknowns’; a phrase made famous by former US Secretary of Defense, Donald Rumsfeld. You don’t even know you have them. Blind spots can be particularly problematic when it comes to personal data repositories. It is important to utilise automated discovery tools to uncover all personal data repositories across the enterprise.
You need to be particularly aware of the data held on mobiles. Not only do these devices maintain personal data, they also process information on the user. In addition, they are especially susceptible to be being lost, potentially running afoul of GDPR directives on maintaining control of personal data.
- Buildyourpeople, processandtechnologyas one
There is no silver bullet to GDPR compliance. No single application tobuy or consultant to hirethat will take away all GDPR pain. Instead, compliance takes a combination of people, processes and technology.
People: Set up a cross-functional data governance team, made up of the DPO, IT leaders and business leaders from a range of functions including Compliance, Legal, HR, Customer Service, and Marketing. Befitting the criticality of GDPR compliance, this team should report to the Board of Directors.
Processes: Once the data governance team has defined what personal data means, they need to share this understanding across the organisation. In addition, privacy rules must be documented and shared across all lines of the business.
Technology: There are a number of solutions that can accelerate and maintain GDPR compliance including:
- Case management systems for handling data subject requests
- Data discovery systems for finding applications, structured data, and unstructured data
- Identity and Access Management to track role management and who has access to which data
- Software Asset Management can help create the system, users and device visibility required to ensure claims of “compliance” are based on a complete understanding of the enterprise
There is still time to become GDPR compliant before it has an ill effect on your organisation. But in an industry where sensitive customer information is prevalent, you may not get as much wiggle-room as those operating in other sectors. Take note of the above, start the process of getting yourself organised sooner rather than later, and you’ll find that you’re a long way towards being compliant before you know it.
Iron Mountain 2021 Outlook
By Stuart Bernard, VP of Digital Solutions at Iron Mountain
The Covid-19 pandemic is continuing to rewrite the rules governing how we live and work; no crystal ball is needed to identify that general trend. However, what is perhaps less clear is how this reshaping of our traditional work/life patterns will play out in physical, day-to-day terms during 2021.
To fully understand the impact of the virus on employment practices requires an investigation of two evolving challenges: how and where we work. These interlinked issues are already having a profound influence on a wide range of business processes and they are continuing to fundamentally and irrevocably altering the world of employment for people around the world.
Cost reduction will top business priorities
For most businesses, the need to preserve cash will be a major concern over the coming 12 months. Uncertain trading conditions customarily tighten purse strings so we can expect some near-term cost reduction measure. An agile, flexible approach to office space offers an immediate monetary benefit, which in combination with a widespread acceptance of remote working, provides ample opportunities for downsizing real estate holdings. This will enable businesses to divert cash to crucial customer-facing operations, helping protect bottom line performance.
Flexible working will enable greater workforce diversity
However, there is an enduring need for companies to provide offices for their employees, if only to support face-to-face collaborations and ensure that there’s an opportunity for direct learning and training to support career development. For many people, a single place of employment will no longer be the norm – a flexible mix of home, remote and office-based work will be the new reality. However, knitting dispersed employees together into an integrated unit is problematic. Meeting the needs of a hybrid workforce will require the implementation of seamless digital workflows that are responsive and robust enough to ensure that staff can be productive and connected no matter their location.
An unintended benefit of operating a hybrid workforce is the increased level of flexibility it provides when recruiting staff. This has the potential to open up the talent pool beyond conventional geographic areas, boosting access to skills and experience from a wider area. Once again, in order to maximise the opportunities this provides, it will be necessary to assemble a robust digital network in order to bridge physical distances as well as potential cultural ones, depending on how widespread a workforce becomes.
Automated workflows will become critical
For 2021 it’s not just where businesses operate that’s going to change; the requirements of customers are likely to transform, too. This will be especially apparent when it comes to signing contracts and delivering services. Lockdowns and Covid-19 related restrictions on traditional in-person meetings are going to herald the demise of conventionally signed documents in many instances; they are also likely to change how records are shared and stored. An increasing reliance on digital workflows will require the parallel adoption of secure digital storage and handling. Specifically, Iron Mountain’s research reveals that IT support (49%), customer relationship management (36%) and overseeing team resourcing (34%) are the top three processes digitised in response to lockdown.
Nevertheless, efficiently storing existing physical documents or ensuring their safe destruction remain important functions that businesses should not neglect, even if they’re moving to predominantly digital workflows.
Importantly, digitising processes offers a range of benefits that will outlast the current global pandemic. According to our research sample there are four key benefits, which all deliver long-term value: increased productivity (the most popular response at 27%), time savings (20%), enhanced data quality (13%) and cost reductions (12%). Irrespective of trading conditions, there are all important developments that any forward-looking business will want to gain.
Protecting bottom line performance
How does all this work in practice? Well, a fully-searchable on-line repository will enable a company to quickly and cost-effectively access and archive documents, thanks to an array of enhanced search functions. During a period of intensified competition and pressure on bottom line performance this level of functionality delivers real-time benefits that not only meets the needs of a transforming business, it also adds value and consistency to customer services. Similarly, once in place, a properly designed digital workflow system will also be able to automate processes, allowing valuable time and budget to be preserved. What at first might look like a costly investment can quickly turn into a business driver by creating a unified and responsive platform for document and contract management with anytime, anywhere access.
Despite the changing employment patterns, 2021 will show that the physical office space will not cease to exist. Having said that, the way we remember it might change as hybrid working becomes more common place. The coming year will also reinforce the importance of enterprises being flexible and agile – those that cling onto outmoded ways of operating will lose their competitive advantage during a period of dramatic change. Importantly, in order to maximise their opportunities businesses will need to invest in the best available digital tools; adopting and adapting to a paper-free workflow aren’t optional: the next 12 months are going to transform how we create, transfer, share, store and action documents thanks to an increasing use of automated workflows.
Jack Henry shares six areas of focus for financial institutions in 2021
Reflecting back on 2020, the community banking and credit union industries should be proud of how this unprecedented pandemic and resulting economic crisis was managed. It was a truly remarkable time in which organizations worked together to take care of their employees, serve and support our communities, and operate their businesses efficiently despite significant challenges.
Now in 2021, the financial services industry is focused on moving forward – and is well positioned to do so. The technology demands faced over the last year were tremendous, but they were not a surprise. Jack Henry has been steadily working toward building digital, user centric, and open technologies that allow community banks and credit unions to meet customer and member needs personally and at their time and location of choice. The company is constantly evaluating industry trends and developing the technology necessary to prepare financial institutions for continued success. Below are a few areas of focus in 2021:
- The Paycheck Protection Program (PPP) continues. An additional $284 billion has been approved for PPP lending, including new loan eligibility and the option for qualifying businesses to receive a second loan. Preparing for the dissemination of these funds, all while managing the forgiveness process, is top of mind for many bankers. Community banks and credit unions can continue to benefit from participating in this program by gaining and strengthening small business customers as well as playing a significant role in extending loans to minority- and female-owned businesses. In fact, in addition to facilitating the majority of the small business PPP loans in 2020, community banks originated 72.6% of PPP loans made to non-white small business owners and 71.5% of PPP loans made to female small business owners.
- Digital banking continues rapid acceleration. Digital banking adoption has reached record highs, and enhancing digital service is a top priority. The area is constantly evolving in speed, personalization and openness. The key to continued success is to stay focused on the needs of people, identify digital solutions that draw people in, engage them, and focus more on providing human-centered service in moments of need. Platforms should offer open infrastructure that makes it easy for institutions to embed their solutions of choice, preparing them for the future.
- Payments platforms take center stage. It’s critical for financial institutions to broaden their payments options, moving toward an approach that provides end users with robust features combined with an excellent experience. An integrated payments infrastructure that provides frictionless, real-time experiences will be necessary to compete with big banks and fintechs. Financial institutions will partner with vendors that can help to build the right platform for their unique customer and member preferences.
- Digital transformation in mortgage lending. Mortgages rates have dropped to record lows and the Federal Reserve has expressed no plans to change the rate environment until 2022 or beyond. Bankers must drive efficiency to compete. They need automation and seamless workflows that effectively measure credit risk and streamline previously manual processes. This empowers lenders to focus on building relationships and growing portfolios. Borrowers will benefit also from the added speed and connectivity with their lender.
- Changes in the new administration. With the pending changes in Washington, a new administration will most likely swing the pendulum back toward an environment of stricter banking regulation. Economic recovery has also been identified as a top priority by the new administration. Banks and credit unions must have agile technology and processes in place to respond; outsourcing will help many with these adjustments.
Transparency and fairness in lending. Given the social environment in our country today, Jack Henry expects a real focus this year on diversity and inclusion in banking, especially around access to fair credit and lending costs. Many organizations, Jack Henry included, have taken a formal stance in supporting racial justice and equality. Working together to ensure that lending clients are treated equitably.
This year will continue to be about partnerships that are committed to doing the right thing and providing for local communities. Together, fintechs and financial institutions can develop joint strategies and modern technology that drive success, both today and tomorrow.
Seven lessons from 2020
Rebeca Ehrnrooth, Equilibrium Capital and CEMS Alumni Association President
Attending a New Year’s luncheon on 31 December 2019, we played a game that involved predicting the world in 2020. Some of the questions included: would Uber become profitable? Would the three-decade bond rally finally come to an end? Would the US hit a recession?
Unlike any of our predictions based on a traditional approach to business and predicting, we now know that 2020 became the year where business, professional and personal plans were turned upside down, reshaped and put-on hold. The proverbial black swan had arrived.
As revealed in a new CEMS Guide to Leadership in a Post-COVID-19 World, to which I contributed, the COVID-19 pandemic has exposed deficiencies in the 20th Century vision of leadership, giving a rare opportunity to question the status quo.
So, what are the main lessons from 2020?
- Humans are enormously adaptive. This is not an extinction scenario. The world is getting used to dealing with global human disaster which may become a recurring event. Life continues guided by new parameters.
- No sector or country is immune to rapid change. Just as the leveraged finance and equity markets ground to a halt during the Global Financial Crisis, we have seen a disruption in the financial markets (including M&A) in 2020, including a significant redistribution of wealth between sectors; think tech vs airlines and the hospitality industry. When a market is disrupted it has secondary and tertiary effects such as less work for accountants, lawyers, financiers etc.
- Location is not as important anymore. The belief that finance staff need to be based in one of the financial capitals to be effective has been forever altered. Pursuing a career in finance from anywhere is becoming possible. However, it’s likely that over time, financial controls and human interaction will move the work model back towards the traditional office approach, as work is a critical sanctuary for people. While working from home may allow more time for family, chores and sports, it is mainly effective for people who already have their internal and external networks. For junior employees it presents a notable challenge as they may be forced to spend their formative years without a chance to really build their networks.
- Change is likely to be lasting. The opportunity for alternative finance and tech focused providers is enormous and 2020 will accelerate this shift. For example, many retail banks are providing rather poor customer service, blaming the pandemic. Even the most loyal customers will be heading elsewhere. For recent graduates and current students this is a major shift; future winners and key employers may not be names we are used to seeing in the headlines.
- There will be a spotlight on leaders with visionary strategy and understanding of the operations. 2020 showed many politicians and business leaders behaving like they were playing a game of snakes and ladders, rather than executing a thought-out strategy. The next wave of thoughtful leadership is urgently required.
- Collaboration leads to success. The definition of a pandemic is an infectious disease prevalent worldwide. A global problem requires a collaborative solution rather than each country and industry on their own. Quoting Steven Riley, professor of infectious disease dynamics at Imperial College London: “Once you have the knowledge and you share the knowledge, then you are able to take measures to push transmission much lower”. This principle is transferable to management education. In a world more complex than ever, investing in a degree is hard currency. Combined with the full global alumni network, corporate partners and schools, CEMS is capital that doesn’t depreciate.
- Resilience has become a watch word. Saint-Exupéry’s quote resonates with me: “If you want to build a ship, don’t drum up people to collect wood and don’t assign them tasks and work, but rather teach them to long for the endless immensity of the sea.” We are in a new paradigm – so prepare for the next change. For COVID-19, while we hope that the vaccine will soon upon us, the broader long-term positive challenge remains.
Shares climb ahead of Yellen speech, earnings in focus
Via Reuters By Danilo Masoni and Wayne Cole MILAN/SYDNEY (Reuters) – Global shares climbed and the dollar eased on Tuesday...
Norway awards oil and gas exploration rights to 30 firms
Via Reuters By Nerijus Adomaitis OSLO (Reuters) – Norway awarded 61 offshore exploration blocks to 30 oil firms in its...
European stocks turn defensive as lockdown worries resurface
Via Reuters By Amal S and Sruthi Shankar (Reuters) – European stocks inched higher on Tuesday, as possible extension of...
FTSE 100 edges up as HSBC, drugmakers gain
Via Reuters By Shivani Kumaresan (Reuters) – British shares inched higher on Tuesday, supported by gains in HSBC and drugmakers,...
Google backs Indian courier startup Dunzo in $40 million fundraising
Via Reuters BENGALURU (Reuters) – Indian hyperlocal courier startup Dunzo has raised $40 million from existing investor Google and others,...
Bankers call for ‘hybrid’ shares to plug COVID corporate capital gap
Via Reuters LONDON (Reuters) – European companies hit by COVID-19 could issue “hybrid” shares to plug a predicted capital gap...
Bank of England sets out interim ‘bail-in’ debt targets for banks
via Reuters LONDON (Reuters) – The Bank of England on Tuesday set out interim levels of special debt that banks...
British firms call for immediate $10.3 billion in COVID aid
via Reuters By William Schomberg LONDON (Reuters) – British firms called on Tuesday for another 7.6 billion pounds ($10.3 billion)...
BOJ’s policy review may make ETF buying more flexible – Reuters poll
via Reuters By Kaori Kaneko TOKYO (Reuters) – The Bank of Japan will likely focus on measures to make...
Holding Cloud To Account, How Cloud Adds Up In Financial Services
By Dom Poloniecki, General Manager, Western Europe and Sub-Saharan Africa at Nutanix Cloud computing and the deployment of increasingly cloud-native...