On May 25, 2018, GDPR went into effect in the US, significantly impacting how companies provide services and handle personal information. These regulations heavily impact companies in the US who have to implement and adapt systems to ensure privacy measures. In a perfect world, every company should have a CPO, CISO, or other privacy experts to take the lead on this huge endeavor. Unfortunately, I’ve seen a lot of companies go without these positions, leaving financial professionals to pick up the slack. In my opinion, CFOs and senior financial leadership are the best drivers for compliance with GDPR and its rollout. Bringing strategy, business acumen, and cross-functional understanding, they can ensure the right measures are put in place.
How Does GDPR Affect Companies?
Companies in violation are now subject to fines of 4% of their worldwide revenue or $20 million, whichever is greater. This is a huge impact on the bottom line, and businesses are affected by GDPR even if they don’t have operations in the EU.
For example, the “right to be forgotten” clause allows subjects to tell companies to delete their personal data, and it applies to any resident of the EU internationally. This now leaves businesses with the challenge of assessing where their data is stored, how it is used, when it can be utilized for marketing/financial analysis, and a list of other questions.
Financial Leaders Needed
Since CFOs and Senior Financial Leaders have experience in cross-organizational (and many times multi-industry) management, they are pivotal in partnering with legal, IT, and audit teams to develop a strategy with the correct controls. Taking that a step further, these financial professionals also have an ability to execute this strategy, as they have typically worked with internal control and ERP implementations.
With a strong understanding of “the numbers,” senior financial leaders can also create and analyze metrics to ensure controls, aligning these metrics with the budget.
Financial Leaders can bridge communication to quickly and effectively put the correct changes in place. I believe that they have a thorough understanding of risk assessment and allocation of resources to ensure compliance is being met in alignment with the company’s goals.
GDPR is causing a major shift in the market, and as companies invest millions of dollars to ensure compliance, it calls for the right leaders to guarantee success. I feel that in the absence of proper privacy officials, the right people to lead this charge are the Senior Financial Leaders within the organization, bringing their unique knowledge and experience to the table.
ICS specializes in Accounting & Finance, Information Technology, Corporate Support and Legal & Compliance; as the market continues to change, we can help you find talented financial leaders and professionals that can help. Call us today.