London-based RegTech company Pontus Vision has launched an open source and software-based product to help companies comply with the EU’s upcoming GDPR regulation.
The EU’s General Data Protection Regulation (GDPR) is due to come into force on 25 May 2018.
GDPR will impact every business that processes or collects data from EU citizens. Failure to meet the regulatory requirements could result in significant penalties of up to €20m or 4% of global annual turnover – whichever is higher.
The legislation will require firms to adhere to a multitude of new rules governing how their customers’ personal data is handled, processed and secured.
To effectively address upcoming obligations, including the need to respond to information requests within specified time frames, firms will need to ensure they protect their customers’ data in a standardised, complete and readily accessible manner.
Pontus Vision said its software solution, Pontus Vision GDPR, enables firms to search for any given customer and access all of the data the business holds about them in a consolidated view.
The RegTech company said Pontus Vision is designed to deliver “GCHQ-level security” even when data is stored in the cloud.
Pontus Vision GDPR is described as enabling firms to streamline and automate their data management processes, without changing underlying systems or procedures, or implementing potentially restrictive proprietary solutions.
The RegTech company extracts and tracks all of the personal data that the business holds on its customers. This empowers data protection officers to collate and analyse all of the personal data relating to a particular client.
Firms can respond to GDPR-related subject access requests (SARs) and track privacy impact assessments (PIAs), even when the data is stored in different locations and in varying formats.
Leonardo Martins, founder of Pontus Vision, commented: “We have designed Pontus Vision GDPR to enable financial service firms, challenged with historical data management issues, to very quickly and efficiently meet their GDPR requirements.
“Having built the solution following an engagement with the UK Government, we have applied our knowledge and expertise in security to the development of Pontus Vision GDPR and are pleased to offer it as an open source solution to the financial community.”
Almost two-thirds (65%) of players across the wealth management and private banking market who responded to a recent Private Banker International (PBI) survey said they are prepared for GDPR.
The responses on how prepared firms are for GDPR show that 25% of organisations are making progress, but have some distance to go before being fully prepared.
Some 10% of respondents told PBI their company was unprepared for GDPR.
A total of 60% of respondents said the biggest expected consequence of GDPR will be greater transparency for consumers.
In terms of communicating GDPR to their clients, 60% of respondents said they are taking a proactive approach and have already discussed the regulation with their customers.
However, 25% of respondents said they had not discussed GDPR with their clients. Meanwhile, 15% were unsure whether they had or had not.
Half the respondents said they have adapted their IT systems for GDPR, but 45% admitted they have not. Some 5% said they are unaware whether any changes have been implemented to IT systems in readiness for the regulation.