Only 2% of investment firms are prepared for tough EU data protection legal requirements which come into force in just four weeks.
A survey of over 250 financial firms by governance services provider Cordium and data protection services-provider AmberGate, revealed that over half of firms were unlikely to be compliant with the General Data Protection Regulations (GDPR) before the 25 May.
With time running out, a further third of firms have not even started GDPR preparations.
The GDPR comes into effect in May and introduces a demanding set of data privacy and security requirements on firms, with potential global reach.
Robert Baugh, chief executive officer of AmberGate, said the lack of GDPR preparedness in the industry was “concerning, particularly given the risk of regulatory action and the potential impact to a firm’s reputation”.
He added: “Firms will face growing pressure from an internal governance perspective, from investors, and from regulators likely to take an increasingly firm stance on the issue.”
©2018 funds europe