“I find the content of Journal of Business Continuity & Emergency Planning to be up to date, easy to follow, and applicable to the professional in the field, the student in the class, and the academic. This journal offers a mix of articles from many disciplines in a manner that allows the professional to utilise the data immediately. I have personally used material from this journal on multiple occasions, both in my academic and professional endeavours.”
The impact of the General Data Protection Regulation on the banking sector: Data subjects’ rights, conflicts of laws and Brexit
Abstract: The General Data Protection Regulation (GDPR) will undoubtedly have an impact on how businesses manage compliance in the coming years. The banking and finance sector is not immune. It does however already operate in a heavily regulated environment, because the type of personal data banks receive, while not generally fitting the definition of ‘sensitive personal data’ in the EU, is still highly vulnerable data that could see the data subject becoming a victim of fraud or other financial crime. Between the NIS Directive and the GDPR, what then will be the impact of additional toothy, large-scale regulations requiring databases full of documentation for auditability, transparency and accountability on an industry already (presumably) running a very tight compliance ship?
This paper addresses:
● the key changes of the GDPR (and for completeness, the NIS);
● what happens when these laws conflict with other applicable regulations;
● other changes in banking in general, including the end to banking secrecy in light of certain elements of the GDPR around sharing of personal data; and
● the impact Brexit will have in the context of regulating privacy in a non-GDPR environment.
Keywords: banking, GDPR, banking secrecy, NIS Directive, financial crime
Lori Baker: Until her recent relocation to Dubai, UAE, Lori Baker was a Senior Associate at Fieldfisher LLP in London, in the Privacy, Security and Information team led by Hazel Grant. Her primary areas of focus over the past 11 years have been in Data Protection and Regulatory Compliance and her strengths are in the areas of global/EU data protection, anti-corruption and ethics, IT and telecoms outsourcing, as well as global telecoms regulation and commercial contract negotiation.