The EMIR Review and GDPR: Webinar Recording
In case you couldn't attend, below is a recording of the webinar we broadcast on the 14th of March. The EMIR Review section comes first, followed by GDPR from 30:57.
In order to fulfil its mandate under EMIR, the European Commission launched a public consultation in May 2015 on the implementation of EMIR so far. The Commission's final report, including a legislative proposal, was published on 4 May, 2017, suggesting a number of targeted modifications of EMIR ('EMIR Refit'). These are designed to eliminate disproportionate costs and burdens and to simplify the rules. The proposal has been further amended by the Council of the European Union on 15 November, 2017 and the EU legislative process is expected to be finalised and published by end 2018.
In this webcast Peter Ten-Broeke will go through the main topics of the Commission's proposal and the status of continuing market advocacy on some of the rulemaking areas which are part of EMIR Refit.
With only about 4 months to go before GDPR comes into force, this leaves very little time to become compliant. Data privacy and data protection is highly important as it impacts all EU citizens’ personal rights. Besides this, a significant part of our economy already is digitalised, so the importance as well as the impact is also of major importance.
Financial institutions, over the years, have collected enormous amounts of data and it is not always clear under what circumstances these were obtained. This is a potential risk. Data leaks, where an employee loses a USB stick, is just around the corner. Solid security measures are essential, but also get a grip on what data the organisation possesses and why you own this data. Also, data with third parties should not be forgotten. Organisations should be master of their own data.
Complexities that are added by Brexit should also be taking into account. Besides this, the penalties of breaching GDPR are substantial: €20 million or 4% of worldwide turnover (whichever is the greater).
Finally, GDPR is not just an ‘IT thing’, this impacts the entire organisation.
In this webinar Roger Coenen will address the topic of how to become compliant with GDPR in an efficient manner. The approach to become compliant with GDPR can be categorised as follows:
- Organisational requirements (awareness, processing personal data legally, communication)
- Data governance (become master of your organisation’s data)
- Data protection (designing of systems, appointing data protection officers)
- Clients (individual’s rights, requests, consent, age verification)
- Cross-border activities
- Breaches and consequences