John Byrne, CEO, Corlytics: “It won’t be all about GDPR in 2019. We expect more stringent data security requirements to come into force all around the world – most notably in the state of New York, which is currently out of step. There will of course also be big preparations for the California Consumer Privacy Act which comes into force in 2020.
“In addition to the proliferation of new rules and regulations, cyberattacks on financial services firms jumped over 70% in 2017, putting data privacy firmly on the agenda at board level. This led to greater identification of breaches that otherwise might not have been found and, importantly, reporting of those breaches to regulators. In 2017/18, the number of cyberattacks against FS firms reported to the FCA rose by more than 80%.
“A focus on bringing in consistent global standards will help the industry be more trusted and more transparent. But this does put pressure on large organisations to keep pace and manage compliance costs, which now add up to between 5 and 10 per cent of revenue. The focus for these firms in 2019 needs to be using technology to reduce regtech overheads and improve outcomes with stakeholders.”