Addressing a Global Organization’s Data Governance Practices
Data security is becoming an increasingly urgent problem for the fintech industry. Recent research has shown that nearly a quarter of phishing attacks worldwide target financial institutions, and the average cost of a data breach at a financial institution is almost $6 million. A core element of cybersecurity for any business is data privacy: protecting the privacy of the company’s own data, and – crucially – the privacy of its customers’ data. For businesses, protecting customers’ data is a legal requirement; for customers, knowing that their personal information won’t be misused or stolen is key to developing the confidence needed to become a regular and loyal client.
A successful US-based global fintech organization recently found itself in need of help complying with privacy regulations. This firm operates in many countries, and had many different requirements it needed to fulfill. But it faced a basic problem: Where to begin? The company brought in a Kalles Group consultant with regulatory, compliance and security expertise to provide support for “must-do” privacy requirements, and help lay the groundwork for a mature privacy program. In carrying out the evaluation, the consultant found the company was in need of a comprehensive data governance policy – meaning rules for how an organization stores, uses and manages all the data it collects. With the Governance, Risk, and Compliance (GRC) team's partnership, the consultant designed a governance policy that gave this organization a much better understanding of how to bring its practices into compliance with regulations.
A core element of cybersecurity for any business is data privacy: protecting the privacy of the company’s own data, and – crucially – the privacy of its customers’ data.
This fintech firm is in a much better position to determine where it stands, in terms of meeting regulatory requirements around data privacy, and is on track to developing the policies needed for compliance with privacy laws. After laying down an actionable data governance framework, Kalles Group began partnering with the organization on the next phase: life cycle management for policies across the organization.