This article was originally published on this site
With 100 days remaining until General Data Protection Regulation (GDPR) comes into force, investment managers and wealth managers have ranked the European initiative as the most significant data regulation they face in 2018, according to City law firm Wedlake Bell.
GDPR, which will be effective on 25 May, aims to modernise data law and give consumers the right to know much more about how their information is used and stored.
The introduction of GDPR will mean all firms will have to implement more stringent practices, ensuring data is better stored with adequate checks and processes in place to protect it.
Research carried out by Wedlake Bell at the Financial Firms Fit for the 21st Century panel seminar, attended by UK wealth and investment managers, found GDPR was ranked as the most significant regulation in regards to drivers for change in the sector.
Over 80% of the attendees polled cited the regulation as having the biggest impact ahead of MiFID II and the Common Reporting Standard, which received 15% and 4% of the vote respectively.
The key concern among those surveyed was their capacity to secure client data, with financial services a sector particularly vulnerable to cyber attacks.
Wedlake Bell said: “It needs to be accepted that firms will fall victim to a cyber-attack, but the focus is needed on detection, response and remediation.”
The law firm found 46% of respondents hold data in more than four places and 40% hold their data in two to three places, while just 6% said they held data all in one place.
Wedlake Bell said it is “vital it is for firms to ensure that their data is held in less than four places in light of the various regulatory pressures placed on the sector”.
Wedlake Bell added GDPR will also have a “significant impact” on outsourcing for asset managers and wealth managers, with regulated entities required to mitigate the risk transferred to third parties who are undertaking activities on their behalf.
Advisers also hold a significant amount of personal data about their clients and GDPR imposes much stricter rules on how that data is accessed and shared. Click here to see how the advisory industry is impacted.