
How has GDPR impacted the financial services industry?

Published on 18 Oct 2019

GDPR has had a significant impact on organizations doing business in the EU and the financial services industry has taken its fair share. Reports of data breach incidents hit the headlines regularly, and there is much comment on the impact on businesses having to manage the associated costs and reputational damage.

In this week’s Reading Room, we bring you articles that explore the impact of GDPR on financial services companies and how these organizations can address the challenges, as well as the opportunities this legislation presents.

We conclude with input from our financial services CX expert, James Hall, on the importance of data security and how GDPR compliance can help financial organizations better serve their customers in this digital era.

One year on: the impact of the GDPR on digital banking

This article reminds us that when GDPR was introduced in 2018, it rattled the business world, not least because of the threat of large fines and negative publicity. The impact of GDPR in financial services has been significant. The rise of digitization and the introduction of open banking have brought the need for privacy and trust to the forefront as business imperatives.

The author also reiterates that even with the most sophisticated security systems and seemingly iron-clad processes, organizations are still at risk of being compromised. Therefore, it’s vital that businesses are prepared to manage a data breach incident, both to maintain trust with their customers, and to comply with privacy legislation.

And to conclude: GDPR: a blessing or a curse for digital banking? Read on to find out…


Open Banking and the Closed Ecosystem: The Tech Banks Need to Navigate GDPR

Service delivery in the banking industry is evolving to meet the demands of today’s digitally-savvy consumer. Open banking, driven by APIs, is the new trend. However, it is being challenged by privacy regulations such as GDPR and the Payment Services Directive (PSD2). There’s an interesting quote from CSO: “64 percent of fintech firms’ main websites still fail GDPR compliance tests more than a year after this legislation came into force”.

The article goes on to explain the value of APIs in open banking, as well as how banks can pursue open banking while still complying with GDPR. This involves both technical and organizational measures.


  • Publisher: BizTech
  • Access: Public
  • Download: None

Financial industry spends millions to deal with breaches

According to a new study (the 2019 Global DNS Threat Report from security company EfficientIP), “financial services organizations experienced an average of 10 attacks a year and spent an average of $1.3 million to restore services after each DNS attack.” Based on more frightening stats highlighted in this article, it is clear that financial services organizations are a big target for DNS attacks.

Based on the same study, it is noted that organizations see GDPR as having a positive impact on business – forcing them to become more innovative, upgrade their network security, and educate employees. This effort has had a positive effect, as “64% said they saw heightened consumer trust.”


A comment from our financial services CX expert:

Data is central to progress and innovation in the digital economy. An individual’s personal information has an intrinsic value that must be protected. Financial data, specifically, is targeted by fraudsters and criminals for many nefarious purposes: extortion, identity theft, fraud, and theft.

This is why, globally, governments and alliances have put in place legislation and guidelines to regulate, monitor and enforce the legitimate processing of data, the priority being to safeguard personal information.

GDPR compliance can help financial organizations establish a competitive advantage in a complex digital landscape, enabling them to better serve their customers, build trust and commit to good business practices.

James Hall

Commercial Director, UK
