Data Protection

Data Risk Solutions are supporting a leading Insurer within their Data Protection function through the creation and implementation of key GDPR artefacts. We are helping to ensure the business is complying with the Data Protection requirements; specifically, the role has involved:

  • Providing an assessment of compliance with the GDPR and DPA 2018 requirements providing a report listing areas of remediation and their regulatory significance.
  • Reviewing Cookies used across all Group websites and making updates to the Cookie Policy and online Banner in line with the transparency requirements of the GDPR.
  • Developing data flow diagrams which provided the business with a view of processes that involved personal information and developing controls to ensure these processes are managed in line with Risk Appetite.
  • Managing the roll-out of the Data Stewardship Model across key business functions such as Human Resources.

Data Governance

Data Risk Solutions are currently engaged as Data Governance & Assurance workstream leads at a large Financial Institution undergoing a complex Finance Transformation Programme.

The team are responsible for:

  • Managing weekly data governance meetings with senior internal stakeholders and external suppliers.
  • Helping to support regulatory reporting on how the Programme has managed business and customer impact from data migrations.
  • Leading data quality analysis work.
  • Ensuring appropriate controls are in place to protect Customer Personal and Sensitive data.

Regulatory Compliance

Operational Data support on an Interest Rate Derivatives (IRD) Remediation programme for a leading Financial Institution, a complex and very highly visible engagement. As Operational Data Lead, responsibility included:

  • Agreeing the mechanism on how an appropriate audit trail for changes to original Operational Data could be evidenced; whilst helping to ensure that customers were being treated fairly throughout the review.
  • Ability to track the progress of each customer along the Remediation (re-dress) process which was of huge importance to the programme leadership as they needed to provide regular updates to the regulator on the status of the Redress exercise.

Data Quality

The firms’ leadership team supported a regulatory review at a global insurer firm to provide an assessment, to the PRA, on the firm’s:

  • IT environment (data flows, risks, controls).
  • Data quality assessments (process, completeness, validity, etc.). The work included assessing the operational data validations for information used within the Solvency II Internal Model and an independent data quality assessment.
  • Data Governance – Board and Executive levels.