Luxembourg
01 March 2017
Reporter: Stephanie Palmer

ITAS: TAs given stark warning on data security


Transfer agents must be aware of, and reactive to, the increasing importance of cyber security, according to William Long, partner at law firm Sidley Austin.

Speaking at ITAS Luxembourg, Long told attendees that every business represented in the room “will be affected by a cyber security incident”.

Coping with the fallout from a cyber security attack “can be extremely painful”, resulting in job losses, a direct impact on profits, and reputational damage and a subsequent dip in share prices.

When the EU’s General Data Protection Regulation (GDPR) comes into effect next year, a cyber breach could also lead to “mouth-wateringly large” fines, Long said, of up to 4 percent of annual global turnover, a deliberately “persuasive figure”.

The new regulation mandates a more controlled process around gaining consent to use a client’s data, introduces a right to object to automated data profiling and a right to erasure, meaning clients can, in some cases, request data to be deleted. It also introduces the potential for individuals to file damages claims in the case of a data breach, even for non-financial loss.

In the financial services space, Long said, firms will have to take a “privacy-by-design, privacy-by-default” approach to data, only collecting the minimum amount and building privacy into processed and procedures in an “antithesis to the world of big data”.

The new rules also mean that where a vendor processes data on behalf of an asset manager, “service agreements will have to be amended”.

To manage cyber risk and the impending new regulatory requirements, Long said risk mitigation is key. Firms should determine their risk profile and get procedures and policies in place to prepare for a data breach, clarifying what the “crown jewels” are, where they are, and who is looking after them.

“Frankly,” Long asked, “are they up to the job?” He advised attendees to first identify the relevant people to have on a breach response team, with coordination between human resources, IT, legal and governance teams.

More technology news
The latest news from Asset Servicing Times
Join Our Newsletter

Sign up today and never
miss the latest news or an issue again

Subscribe now
InvestCloud builds on digital platform
17 November 2017 | Los Angeles | Reporter: Stephanie Palmer
Financial technology provider InvestCloud has added a new portfolio management tool to its digital platform
Citi pilots new platform for proxy voting
14 November 2017 | London | Reporter: Jenna Lomax
The platform, which is supported by Computershare, will be initially rolled out in the UK for the 2018 proxy season
WTW’s AMX chooses InvestCloud to boost asset management platform
07 November 2017 | London | Reporter: Stephanie Palmer
InvestCloud has been selected by Willis Towers Watson’s Asset Management Exchange to provide a digital interface to connect asset owners and management
R3 and SIA push for blockchain ecosystem
07 November 2017 | London | Reporter: Theo Andrew
The partnership will aim to speed up the global development of blockchain through SIAnet’s network of 600 nodes, provided to financial institutions, corporates and public administrations
BNP Paribas goes live on ASX corporate actions service
03 November 2017 | Sydney | Reporter: Stephanie Palmer
The new service offers straight-through delivery of corporate actions announcements, getting information to clients within seconds of the announcements being made
Lombard Risk provides regtech solution to OneSavings
01 November 2017 | London | Reporter: Jenna Lomax
The introduction of the programme at OneSavings Bank will help to streamline regulatory reporting, data management and analytics, according to Lombard Risk
DTCC enhances its European GTR for SFTR
25 October 2017 | New York | Reporter: Jenna Lomax
The new bolstered SFTR offering will be a significant addition to the existing reporting capabilities, affecting 45 regulators around the world who have access to GTR data
More technology news