Next year, firms around the globe will be impacted by some of the world’s toughest new regulations and privacy requirements. Adapting to this new landscape was a key topic at The Lawyer's Managing Risk and Litigation conference.
PSD2 (Payments Services Directive), the Markets in Financial Instruments Directive (MiFID II), GDPR (General Data Protection Regulation) and NIS (Network and Information Systems directive) will come into force in 2018 and will have a massive effect on companies around the world.
We’re going through a period of intense regulatory change, these upcoming regulations require companies to treat data with respect and have increased accountability and transparency for their client information.
These pieces of legislation are all coming at a time when more corporations are trying to utilise, monetise and leverage data in a bid to be more competitive. Data is the new oil of the 21st century, but those companies who are able to use it lawfully in an increasingly complex regulatory landscape will be the ones that come out on top.
Regulatory change is not going away. It is now going to be a constant, and so we need to factor in change as a BAU – business as usual – mentality rather than be surprised by it each time a new regulation comes online. Companies need to challenge the conventional top-down mandate approach towards compliance.
As business models have evolved, and data has proliferated both within and outside a company’s firewall, firms will need to adopt a more agile and collaborative approach towards change. Many firms have started with information governance as a basic step to align stakeholders, regulatory obligations and data. Smart use of technology is also an essential part of operationalising any compliance programmes, whether it be machine learning to help automate manual classification or Big Data to help identify compliance patterns and risks.
Regardless of the industry, complying with these requirements will ultimately help make a firm’s data, service and company more valuable, and serves as good protection against an increasingly complex competitive landscape.
For instance, Orange, the mobile phone company has now recently created Orange Bank with the aim of winning 25% of the online banking market in France. While financial services would not have typically envisaged telecom companies as a potential competitor, Orange was able to leverage their client base to enter a new market. They leveraged Information Governance as an imperative to help the firm innovate and ultimately used their data to provide a competitive advantage. A key lesson learned is that firms need to be willing to accept and take risks to both comply with regulation and also defend against marketplace disruptors.
In this data-driven world, information governance is crucial, whether it’s to reduce data and costs, comply with the plethora of regulations being enforced, or simply to stay ahead of competitors to provide a truly client-centric approach.