Balancing cross-border data, privacy and security regulations
Last week we heard that the French regulator CNIL fined Google a record 50 million Euros for breaching EU Data Protection laws.
Why is this significant for banks?
This article highlights the point very well – a regulator in France fined a company headquartered in Ireland for unlawful activity being conducted out of the US.
Moving data cross-border is not unusual for financial institutions, and data is often transferred between jurisdictions for justifiable reasons e.g. to ensure internal efficiency or detect fraud and money laundering.
But multi-jurisdictional financial institutions are confronted by a myriad of disparate data transfer rules and regulations, many of which restrict the transfer of personal data from one jurisdiction to another. According to the latest RegTech for Information Governance report, 107 countries have enacted some form of data privacy and protection legislation and 138 countries have passed cyber¬crime legislation.
How do you balance cross-border regulatory requirements around data, privacy and security?
Do you know which regulations relate to your business, and have full visibility of all regulatory obligations?
Unlikely, if you rely on manual resources and spreadsheets to monitor your compliance status and assess the impact of regulatory change on your business. For many, this is a time-consuming, inaccurate and very costly process.
CUBE's AI-driven regulatory intelligence and regulatory change management platform does that for you, automatically mapping regulation to your own policies, controls and processes, providing a single view of all regulatory obligations, across all jurisdictions – and issuing alerts when regulatory change occurs.
CUBE detects when a regulation (e.g. GDPR) is superseded, and identifies conflicts with other regulations, enabling risk-based assessments that help you to determine the most compliant course of action.