SDL sm FB GDPR Shard Adolfo blog 1200x630

Translating the GDPR Risk into Reality

An Unfolding Landscape

Looking out over the horizon, taking in the spectacular view from The Shard, one of London’s tallest and most iconic buildings, the sheer size and reach of London’s Financial Services (FS) sector is strikingly clear. What’s humbling, however, is realizing that London’s financial landscape is but just one pin on an extensive map of a mammoth industry, spanning every country, and expressed in every language.

Today’s financial industry is facing unprecedented regulatory pressures, not just General Data Protection Regulation (GDPR), but the likes of the second Payment Services Directive (PSD2), designed by countries of the European Union, and the second Markets in Financial Instruments Directive (MiFID II) along with it. Needless to say, the modus operandi for so many Financial Services businesses is having to pivot rather significantly.

With its arrival in May 2018, the GDPR will unilaterally define data protection like no other regulation has done before.  Indeed, the UK’s decision to leave the EU will not affect the commencement of the GDPR, and we can be sure that the new legal framework is mandating rapid compliance for all types of companies, across almost all industries. While none of this should come as a surprise to those who live and breathe finance, there is a critical factor being left out of the discussion when it comes to GDPR: How to secure personally identifiable information (PII) throughout the content and communication supply chain, and in particular, during the content translation process.

Financial Services Requires Expertise 

Aside from the hefty fines (up to 4% of a firm’s annual global turnover), companies (not just in the realm of FS) also face a range of challenges around critical issues such as mandatory explicit permissions, breach notifications, right to access, right to be forgotten, and data portability, amongst many others.

Banks and insurers often assume they are better prepared to respond to the evolving regulation, since they already operate in a highly-regulated environment. The content and communications supply chain, however, is still often overlooked because of its relatively low expenditure within an organization, though ironically, it now opens a company up to the potential for 8-figure financial penalties – enough to wipe out the profit of many organizations.

Risky Business

Companies fail at translation more often than any of us would comfortably like to admit, and it is a significant business problem – often only receiving visibility within an organization as the result of poor publicity or a regulatory fine. A recent data leak involving a free online translation tool highlights the issue. It shows that employees use free tools to translate sensitive information – everything from contracts to termination letters were found online. This demonstrates two key things:

  • “Quick and free" translation services are simply not secure
  • Companies and employees are not fully aware of the risks inherent in translating confidential information online through such portals

In light of the latest GDPR legislation, the fact that financial institutions are unwittingly putting many highly confidential materials at risk – including M&A contracts, passwords and other commercially sensitive documents – is worrying. There is a straightforward solution, and that is to work with a partner who can guarantee you the security you need.

We at SDL pride ourselves on our track record of supporting heavily regulated industries, and we would welcome the opportunity to start a conversation with any organization that is unsure how well they are currently protected – and compliant.