On May 25th, 2018, the General Data Protection Regulation (GDPR) came into full force impacting any bank in the world that stores or processes personal information on EU citizens.

GDPR, one of the most lobbied regulations in the EU, marks a significant development in the field of data protection law. It mandates banks to undertake a significant amount of change in terms of how they organize their processes, operations and technologies to help meet the stringent requirements that this regulation demands.

With extreme penalties at stake, GDPR poses a massive operational, compliance and technological challenge for banks due to the volume of data and documentation collected, stored and processed on private individuals. 

The date that GDPR came into effect will mark the passing of 23 years since the Data Protection Directive initially took root in 1995. the world has become a more digitalized and globalized place, and our data protection legislation must be strengthened to keep up with these advances.


GDPR - The Key Definitions

  • Consent

    A potential legal basis for processing, and a must-have for marketing purposes. Must be freely given, informed, and given explicitly by statement or action. Silence or inactivity may no longer be relied upon.

  • Data Breach

    A security incident relating to the destruction, misuse or loss of, or accidental or unlawful access to personal information.

  • Data Subject

    A natural person whose data is being processed.

  • Privacy by Design and Default

    GDPR calls for organisations to consider data protection and privacy by design and default, essentially requiring them to include data protection principles from the very beginning of a new project or system design, rather than as an afterthought.



GDPR: A Game Changer for Managing Data & Regulatory Compliance

This paper explores the 10 biggest challenges GDPR may pose with respect to the end-to-end Client Lifecycle Process, spanning compliance, onboarding, data management, client outreach and client offboarding and 8 ways in which banks can implement best practice guidelines.

download the whitepaper

Frequently Asked Questions about GDPR

Our frequently asked questions define the answers to several important questions relating to the General Data Protection and what these changes mean for organisations and individuals.

learn more


  • GDPR in Context: The 6 Legal Bases for Processing

    A legal (or lawful) basis for processing must be satisfied before an organization can process any personal data.

    Read more
  • GDPR in Context: 6 Key Data Protection Principles

    GDPR outlines six principles that organizations need to abide by, outlined in the 1995 directive and revised slightly under GDPR.

    Read more
  • GDPR in Context: 10 Data Subject Rights

    GDPR introduces ten new rights to data subjects. Section 1 provides for some of the transparency requirements placed upon data controllers as they communicate with data subjects.

    Read more