Tips for smaller firms on how to apply GDPR

By Patrick O’Kane, lawyer, data protection officer and author of the book GDPR: fix it fast

It has been said that more data is created every two days than was created from the dawn of civilisation until 2003. We are awash with data. However, there is a new regulation coming into force on 25th May that changes the rules in relation to personal data. The General Data Protection Regulation (‘GDPR’) has been described as the most important regulation for a generation. The maximum fine for breaching GDPR is 4% of annual turnover or €20 million for smaller companies. The new rules will apply in the UK regardless of Brexit.

Here are five compelling reasons why SMEs urgently need to align their processes with GDPR:

Point #1

Three Entrepreneurial Ideas to Bring to Compliance

“Iterative,” “Failing Forward” and “MVP” were unfamiliar phrases for me when I started my company two years ago. In reading about successful entrepreneurship, I realized that many ideas that help make entrepreneurs successful can also help make compliance officers successful. Ready to challenge your entrepreneurial self? Try out these three ideas.

1. Iterative

“Iterative” is defined by the Cambridge Dictionary as, “doing something again and again, usually to improve it.” When one takes an iterative approach, it means that the original version doesn’t have to be perfect. In fact, the first version may not even be terribly good. Instead, it serves as a place to start.

The Changing Tone at the VERY, VERY Top

Last week, former President of South Korea, Park Geun-hye, was sentenced to 24 years in prison for her involvement in a corruption scandal.[1] The year before, former president Luiz Inácio Lula da Silva, of Brazil, was sentenced to 12 years for corruption. He was convicted of receiving a renovated beachfront apartment worth some 3.7m reais ($1.1 million), as a bribe from an engineering firm.[2] Former President of France, Nicolas Sarkozy, is facing charges of corruption and influence peddling. Sarkozy is already under investigation for alleged bribe-taking from Libyan sources in the 2007 French general election.[3] The world is changing, and it is changing fast.

When I started in compliance over a decade ago, people would routinely say, “that’s how it’s done overseas,” or, “everyone knows the only way to get government business is to give bribes.” The tipping point has come, and anyone not noticing will get swept up in the change.

What’s happened? For starters:

What to do when they WON'T LISTEN!

Sometimes, no matter what you do or how persuasively you try, the answer is simply no. Perhaps you know that the company’s current due diligence process is deeply underfunded and therefore not picking up risks that should be caught. Perhaps you’ve tried to convince the Board that they should invest in measures so that the company can be compliant with the new European General Data Protection Regulation. Perhaps you’ve written three reports detailing the need for sanctions screening software, but are still left with an Excel sheet and no capacity to reliably screen for customers that might be sanctioned bodies. When this happens, try these three reactions:
