Time is ticking down for US-based firms to prepare to meet the demands of the EU’s General Data Protection Regulation, which goes into full effect on May 25.
Although firms without a presence in Europe may think that they will not be affected by the regulation, GDPR casts a long shadow, according to David Ross, principal, cybersecurity & IT risk at Baker Tilly, during a recent webcast.
“The EU is the third largest economy behind the US and China,” he said. “Europe is touching your business in some way.”
The regulation’s maximum fine of 20 million euros or 4% of a firm’s global revenue has generated a lot of fear, uncertainty, and doubt within US-based firms.
A poll of the approximately 800 webcast participants found that the majority of their firms (58%) were not compliant but are getting closer while 28% of the respondents said that their firms still had a long way to go. Only 9% of the audience claim their organizations are compliant and 2% of those polled did not know what GDPR is.
The trouble for US-based firms is that GDPR is vague in what it covers, according to Ross.
“The biggest problem is that it is broadly written,” he said. “Usually there is a regulation and the case law that comes from the regulation, but we do not have the case law yet.”
However, Ross expected that most US stakeholders, complying with GDPR would be a 30- to 90-day process depending on the firm.
He also noted that preparing for GDPR is a good warm-up for other data privacy regimes that are in the pipeline.
The UK Parliament is considering a somewhat stricter regulatory framework while Latin American nations are considering adopting GDPR or developing their own version of it, said Ross. “In the US, there are three privacy bills winding their way through Congress, two in the House and one in the Senate.”
Firms can leverage their experience with other privacy-related regulations, such as Privacy Shield, Payment Card Industry Data Security Standard, and Health Insurance Portability and Accountability Act, according to Ross.
“As long as firms can demonstrate they are making progress towards compliance, they should be okay,” he added.
NEWSLETTER SIGN UP
And receive exclusive articles on securities markets
The capital markets media outlet @marketsmedia covered Chainlink x ICE today
ICE, Chainlink to Bring FX & Precious Metals Data Onchain
“Marks a significant milestone on the pathway towards the mainstream adoption of onchain finance.”
Markets Media caught up with Kevin Duggan, Senior Managing Director of Beta and Global Trading at OTPP.
What's your biggest trading tech frustration? 🤔
Celebrating women shaping European finance
European Women in Finance Awards deadline is Aug 23
#WomeninFinance #Finance #WIF
Nominate here: https://www.jotform.com/form/250276204100339
Related articles
-
Data blind spots, specifically in private companies, have created challenges for institutions.
-
Brokers want to focus on adding value, rather than collecting and cleaning data.
-
This unlocks a new era of advanced financial products by bringing capital markets data onchain.
-
ICE Climate unifies spatial intelligence and nature exposure analytics in one platform.
-
Capturing a broader pool of market liquidity enhances the FX benchmark.
We're Enhancing Your Experience with Smart Technology
We've updated our Terms & Conditions and Privacy Policy to introduce AI tools that will personalize your content, improve our market analysis, and deliver more relevant insights.These changes take effect on Aug 25, 2025.
Your data remains protected—we're simply using smart technology to serve you better. [Review Full Terms] | [Review Privacy Policy] By continuing to use our services after Aug 25, 2025, you agree to these updates.
