US Firms Not Ready for GDPR04.03.2018 By Rob Daly Editor-at-Large
Time is ticking down for US-based firms to prepare to meet the demands of the EU’s General Data Protection Regulation, which goes into full effect on May 25.
Although firms without a presence in Europe may think that they will not be affected by the regulation, GDPR casts a long shadow, according to David Ross, principal, cybersecurity & IT risk at Baker Tilly, during a recent webcast.
“The EU is the third largest economy behind the US and China,” he said. “Europe is touching your business in some way.”
The regulation’s maximum fine of 20 million euros or 4% of a firm’s global revenue has generated a lot of fear, uncertainty, and doubt within US-based firms.
A poll of the approximately 800 webcast participants found that the majority of their firms (58%) were not compliant but are getting closer while 28% of the respondents said that their firms still had a long way to go. Only 9% of the audience claim their organizations are compliant and 2% of those polled did not know what GDPR is.
The trouble for US-based firms is that GDPR is vague in what it covers, according to Ross.
“The biggest problem is that it is broadly written,” he said. “Usually there is a regulation and the case law that comes from the regulation, but we do not have the case law yet.”
However, Ross expected that most US stakeholders, complying with GDPR would be a 30- to 90-day process depending on the firm.
He also noted that preparing for GDPR is a good warm-up for other data privacy regimes that are in the pipeline.
The UK Parliament is considering a somewhat stricter regulatory framework while Latin American nations are considering adopting GDPR or developing their own version of it, said Ross. “In the US, there are three privacy bills winding their way through Congress, two in the House and one in the Senate.”
Firms can leverage their experience with other privacy-related regulations, such as Privacy Shield, Payment Card Industry Data Security Standard, and Health Insurance Portability and Accountability Act, according to Ross.
“As long as firms can demonstrate they are making progress towards compliance, they should be okay,” he added.
Clients want consolidated data in midst of high volatility and price fluctuations.
Allowing algorithms to control the supply and demand of crypto was challenged by Terra Luna.
The move allows Euronext to fully control and directly manage its core IT infrastructure.
First products will include cash-settled Bitcoin and Ether futures and options.
Morningstar offers more than 25,000 indices calculated across all major asset classes, styles and strategies.