Customer Data Protection
The Temenos module for the General Data Protection Regulation (GDPR). The GDPR will be enforced in May 2018. Is your financial institution prepared?
GDPR changes the game on personal data protection - read on to get a full briefing of the situation.Read more
The GDPR, which the European Parliament and the Council of the European Union have published to replace the outdated terms of the Data Protection Directive from 1995, directly affects organisations established inside the European Union. Any institution based within the EU must recognise that personal data is to be processed in accordance to the GDPR. However, the scope of the Regulation also extends to businesses established outside of the EU; if they are providing services to, or monitoring the behaviour of individuals within the EU.
A focal point of the GDPR is the ‘processing’ of ‘personal data' such as financial transactions and marketing. The Regulation ensures the lawfulness, accuracy and legitimacy of all personal data that is stored and subsequently processed by businesses. The GDPR tightens a number of ‘rights’ for individuals and allows them to have a greater control over their personal data.
The GDPR will be enforced on 25th May 2018.
Main areas of the GDPR
The Regulation sets out a number of rights for data subjects.
How our solution helps
With the arrival of the GDPR, it is more important than ever to plan for the impact of regulatory rules and design an efficient response. Temenos can assist with our knowledge and experience. Our experience in developing and implementing regulatory solutions at various banks across the globe will benefit our clients; assisting clients to meet regulatory obligations with limited disruption to their business.
Key offerings as part of the Customer Data Protection module in Temenos Products
Temenos aims to provide a system that will assist a company’s capability in maintaining personal data and complying with the Regulation. Enabling the rights of data subjects to be performed in a simple and intuitive way. New functionality will be provided that addresses potential gaps identified in data protection impact assessments our clients may recently have undertaken.
The module will include:
Definition of Personal Data
Temenos functionality allows the bank to set a customisable definition of ‘personal data’ permitting the bank to manage and track such data. A predefined list of applicable fields holding personal data; including name, location data etc. will be provided and can be tailored per client; to be inclusive of company specific or local data that will be affected.
The module will provide a configurable consent management system, allowing different levels and types of consent to be recorded.
The module will enable the logical erasure of personal data which clients can decide is no longer legitimately required to be held from the Temenos system(s).
Customisable reports will be available, their output able to be exported into machine readable formats to satisfy Subject Access Requests, and allow data portability.
Additional functionality will be available to assist regulatory compliant processing; such as exercising objections or restrictions. A Rights Management tool will be provided to log and track ‘rights’ requests made by data subjects.