Many businesses in the United Kingdom will still be responsible for complying with recently introduced European Union data protection rules despite the UK’s historic vote to leave the EU, a decision dubbed “Brexit” (British exit).
UK businesses will be subject to the upcoming General Data Protection Regulation (GDPR) that goes into effect in April 2018.
As they try to figure out what happens next, compliance officers can best help their companies by remaining level-headed and calm and advising business leaders not to make any snap decisions until the situation becomes clearer, says Louis A. Sapirman, associate general counsel and Chief Compliance Officer at Dun & Bradstreet, in a blog post by Ben DiPietro in the Wall Street Journal’s Morning Risk Report.
Suki Dhuphar, managing director for EMEA at Lavastorm, tells DiPietro that to stay ahead of the expected changes in existing regulations due to Brexit, companies must quickly adopt an agile ETL approach to their analytics workflow.
An agile ETL and analytics approach lets analysts rapidly pull data from disparate sources and create reusable analytical assessments that are flexible and can be easily changed, according to Dhuphar.
“For example, a company might build an analytic application now to ensure compliance with the EU General Data Protection Regulation, realizing that requirements will likely change over the next few years due to Brexit,” Dhuphar notes. “Regardless of those changes, that company will have all the data it needs to provide quick answers when auditors come knocking.”
Compliance teams also have to look at how strong the culture and risk-assessment processes are in their companies’ UK units, and be prepared to handle any decisions that could relocate those UK operations, says Sapirman.
But the companies that can’t or don’t want to wait and see what happens have to ask where the regulatory regimes in which they have the most confidence are located, he adds.
From the UK regulatory perspective, regulators are all too aware that business may very well leave the country, according to Sapirman.
“I would expect that UK regulatory bodies will take whatever actions are necessary to keeping operations in the UK as easy as possible,” he says.