Future Proofing Privacy: GDPR Compliance in a Networked Banking System

Create a vendor selection project
Click to express your interest in this report
Indication of coverage against your requirements
A subscription is required to activate this feature. Contact us for more info.
Celent have reviewed this profile and believe it to be accurate.
We are waiting for the vendor to publish their solution profile. Contact us or request the RFX.
Projects allow you to export Registered Vendor details and survey responses for analysis outside of Marsh CND. Please refer to the Marsh CND User Guide for detailed instructions.
Download Registered Vendor Survey responses as PDF
Contact vendor directly with specific questions (ie. pricing, capacity, etc)
16 June 2017



As the volume of data being generated about individuals increases, technology is making it ever easier for that data to be transferred, and ever more powerful analysis allows valuable insights to be gained from it. How companies collect, process, and protect data on their customers, staff, and suppliers has turned into one of the biggest debates of our decade.

On the one hand, digitisation brings opportunity: To enhance the customer experience, to drive down costs, and to create new business models that make use of digital assets. On the other, digitisation creates a raft of new threats: whether from competitors, who use their own digital assets to disrupt existing businesses, or from cyber-criminals able to steal or “spoof” digital identities, or from fraudsters who infiltrate the digital economy to perpetrate large scale financial crime.

The General Data Protection Regulation (GDPR), due to come into effect in May 2018, is one of the European Union’s (EU) legislative responses to this development. GDPR sets a common standard for how firms that operate in the EU should protect the personal data of their customers, employees, and suppliers. From 2018 onwards, individuals will have a range of rights that give them greater control over their data (such as famously, the “right to erasure”), while firms will face new obligations (including capturing and recording unambiguous consent for use of personal data).