By any measure, the EU’s General Data Protection Regulation (GDPR) is a ground-breaking piece of legislation with profound implications for companies worldwide. It applies globally, affecting any organisation that interacts with the data of an EU resident. These pervasive implications mean GDPR impacts internal and external stakeholders and requires actions across people, process and platform (both data and technology).
But is targeting GDPR compliance enough on its own? We believe the answer is no. Put simply, GDPR demands not just regulatory compliance, but strategic organisational change. Therefore, banking and other financial institutions should approach GDPR not as a stand-alone compliance issue, but as a change that creates major opportunities to generate higher value through the smart use of digital technologies and thinking. Banks and other financial services institutions can use their regulatory and digital programs to drive a stepchange in value across their ecosystems.