GDPR, (General Data Protection Regulation) the four lettered word that has invited a hailstorm all across businesses, society, judiciary and in the consumer’s mind, assumes a level of fervor for the world of finance like it does for no other business.
While financial institutions have always been at the forefront of protecting data and ensuring security for the trillions of private data points floating over the internet highway, the current debate takes scrutiny of several security issues at a level of microscopy like never before.
GDPR: The Clear and Ever-present Impact
For long, the end-consumer has been at the receiving end of any security breach or malfeasance. The new measure is intended to strengthen and unify data protection, thus allowing consumers to pressurize financial institutions to provide for better safeguards, hold businesses accountable for security breaches and facilitate financial redressal mechanism.
According to the gdpr.report, “If businesses fall victim to a cyber security attack, and a data breach occurs, they may face a heavy fine of up to 4% of their total global annual revenue or €20 million (whichever is greater)”.
While the GDPR is specific to the European Union, in a smart, inter-connected and globalized world, the implications of this landmark pronouncement impact more or less everyone on the value chain of consumer requirement to delivery. Consumers could be remitting huge amounts of money to their relatives or merchants over mobile via an African telecom operator with a banking license. Is the telecom operator by virtue of not being in the EU free from the implications of the GDPR?
It is not far that similar regulations are adopted across globally, because banking standards, like telecom and airlines, are clearly global.
Irrespective of the newly adopted GDPR regulations, protecting consumer data simply is good business.
Multifaceted: Consumer servicing, Internal or External
Financial institutions have multiple loopholes and vulnerability zones, right from collection of data for marketing to data for processing banking and financial services and finally repeating the process for re/cross-selling.
Security breaches can happen from external sources through cyber-criminals with tools of DDoS attacks, malware, phishing, to get what they want, leaving companies exposed and damaged.
Low-tech breaches and malfeasance can also happen with paper and pen processes or internal policy and compliances compromise or from a simple access to the network or a physical banking end-point device.
A Strong Secure Foundation
At OBOPAY, powering 11% of the global mobile money transactions comes with looking at security from a very rigorous point of staying one step ahead of the bad guys, transaction over transaction over transaction.
Critical to this confidence is deploying not just the industry best practices in Information Security but also innovating in systems, processes and technology. So, at the base and foundation are:
Staying Confident with Evolys
At the innovation front, we deploy Evolys which has real time event monitoring (REM) capacity where the administrator can define thresholds and monitor the same.
In case of a discrepancy (say the administrator has defined 5 transactions in a month for the particular user and the user crosses the limit), an alert is be sent via email to the concerned authority.
Rebooting Consumer Relationships?
Information Security and consumer protection with or without the GDPR guidance are critical to all financial relationships between consumers (individual, retail, institutional) and providers of products, instruments and services.
For institutions that have strived hard to protect the consumer it is only a natural progression and evolution to strengthen the core premise – ‘trust’ and not necessarily a knee-jerk reboot.
Stay confident with OBOPAY.