Compliance and Regulatory Consulting
Local and global compliance expertise for the financial services industry.
Jason Elmer, Managing Director in the Compliance and Regulatory Consulting practice at Duff & Phelps, was quoted in The Cybersecurity Law Report’s three article series on "GDPR Essentials for the Financial Sector.” The first article discusses the current state of compliance in the financial sector, the extraterritorial applicability of the GDPR, its relationship to U.S. laws, enforcement priorities and the risk of collective action. The second installment in the series addresses specific compliance steps and the identification of common errors. The third article examines special considerations of the law – such as determining the identity of controllers and processors and accounting for member-state specificities – while providing advice on monitoring ongoing compliance.
In the first article Jason explains, "While consultants and/or legal counsel can provide guidance and educate clients on GDPR, businesses should take the time to understand the requirements to identify how their business practices are affected by the regulation. Knowing the intent behind GDPR is key to determining the business’s risk."
Read the full article on GDPR Essentials for the Financial Sector: Benchmarking and Assessing the Risks.
In the second article Jason highlights, “Banks and asset managers should understand the type of personal data collected, why it is being collected, who has access to the personal data, how long such data will be retained and where it is stored. This could be done as part of a GDPR risk assessment, or separately.”
Read the full article on GDPR Essentials for the Financial Sector: Compliance Steps.