Luxembourg
01 March 2017
Reporter: Stephanie Palmer

ITAS: TAs given stark warning on data security


Transfer agents must be aware of, and reactive to, the increasing importance of cyber security, according to William Long, partner at law firm Sidley Austin.

Speaking at ITAS Luxembourg, Long told attendees that every business represented in the room “will be affected by a cyber security incident”.

Coping with the fallout from a cyber security attack “can be extremely painful”, resulting in job losses, a direct impact on profits, and reputational damage and a subsequent dip in share prices.

When the EU’s General Data Protection Regulation (GDPR) comes into effect next year, a cyber breach could also lead to “mouth-wateringly large” fines, Long said, of up to 4 percent of annual global turnover, a deliberately “persuasive figure”.

The new regulation mandates a more controlled process around gaining consent to use a client’s data, introduces a right to object to automated data profiling and a right to erasure, meaning clients can, in some cases, request data to be deleted. It also introduces the potential for individuals to file damages claims in the case of a data breach, even for non-financial loss.

In the financial services space, Long said, firms will have to take a “privacy-by-design, privacy-by-default” approach to data, only collecting the minimum amount and building privacy into processed and procedures in an “antithesis to the world of big data”.

The new rules also mean that where a vendor processes data on behalf of an asset manager, “service agreements will have to be amended”.

To manage cyber risk and the impending new regulatory requirements, Long said risk mitigation is key. Firms should determine their risk profile and get procedures and policies in place to prepare for a data breach, clarifying what the “crown jewels” are, where they are, and who is looking after them.

“Frankly,” Long asked, “are they up to the job?” He advised attendees to first identify the relevant people to have on a breach response team, with coordination between human resources, IT, legal and governance teams.

More technology news
The latest news from Asset Servicing Times
Join Our Newsletter

Sign up today and never
miss the latest news or an issue again

Subscribe now
Raymond James selects Red Deer for MiFID II
16 January 2018 | London | Reporter: Jenna Lomax
Raymond James Investment Services has chosen Red Deer’s research valuation management solution to adhere to MiFID II
Northern Trust acquires technology resources from Citadel
12 January 2018 | Chicago | Reporter: Jenna Lomax
Citadel has agreed to give Northern Trust the software development rights for Omnium, a software solution, along with an undisclosed number of development staff
SETL and OFI AM being to process blockchain transactions on IZNES
11 January 2018 | Paris | Reporter: Jenna Lomax
IZNES, which is powered by SETL’s blockchain technology, has used the IZNES system in a series of trials with selected clients
DTCC launches new trade processing platform
10 January 2018 | New York | Reporter: Jenna Lomax
DTCC Exception Manager is DTCC’s latest addition to its trade processing product suite, supporting and securities transactions globally
Synechron: Innovation will remain key in 2018
09 January 2018 | New York | Reporter: Becky Butcher
Innovation will be the driving force in advancing key priorities such as compliance, risk and automation in 2018, according to Synechron
Linedata teams up with LSE’s Una Vista for MiFID II
03 January 2018 | Paris | Reporter: Jenna Lomax
Linedata will use UnaVista as an approved reporting mechanism to report transactions to national competent authorities for all required asset classes
Texan broker completes first CME Clearing bitcoin futures trade
02 January 2018 | Houston | Reporter: Jenna Lomax
Choice! Natural Gas, a portfolio company of inter-dealer broker OTC Global Holdings (OTCGH), has completed its first bitcoin-denominated futures block trade through CME Clearing
More technology news