Bank of New York Mellon : Kirsten Mycroft, BNY Mellon Global Chief Privacy Officer on GDPR One Year Later

May 16, 2019

AAA

Kirsten Mycroft, BNY Mellon Global Chief Privacy Officer on GDPR One Year Later

BNY Mellon was recently spotlighted in a Deloitte research study that reported financial services companies were quicker to adapt to the European Union's General Data Protection Regulation (GDPR) compared to companies from other sectors. The report titled, 'After the Dust Settles: How Financial Services are Taking a Sustainable Approach to GDPR Compliance in a New Era for Privacy, One Year On' found financial services companies were better positioned to meet evolving privacy and data protection requirements because it is their mandate to operate in a highly regulated environment.

The research study of data privacy specialists in financial services companies across Europe, features comments from Kirsten Mycroft, Global Chief Privacy Officer, BNY Mellon on how GDPR can help benefit BNY Mellon's business and clients. 'Banks have taken GDPR seriously and implemented meaningful changes to their controls and processes,' said Mycroft. 'Now the focus needs to be on ensuring that these changes are properly embedded into 'business-as-usual', that there is accountability and an effective operating model across the first and second lines of defense.'

Responding to how GDPR can help benefit clients, Mycroft said GDPR 'has offered opportunity to engage with customers and give them the assurance that banks have privacy programs in place.' She added, 'like any of our compliance programs, while they are intended to meet the requirements of a regulation, they are also very much driven by the need for us to maintain customer trust and to meet our customers' and employees' expectations. GDPR compliance strategies need to be customer centric and employee centric to guard against 'tick-box compliance.'

How do companies effectively measure compliance? According to Mycroft, 'companies need to ensure sustainable compliance and weave it into the fabric, into the DNA, of the organization.' Speaking to the importance of internal partnership and collaboration, she added, 'very often there are different silos for data security, data governance, data quality, records management, etc. and to get privacy right you need to be collaborating across all those disciplines, as well as with the business lines, technology, risk, and compliance.' Mycroft concluded, 'effectively protecting client personal information is a team effort.'

Kirsten Mycroft is BNY Mellon's Global Chief Privacy Officer and leads the firm's global Privacy program. She manages a global network of Data Privacy Specialists who work to ensure that BNY Mellon is protecting personal information, considering and mitigating privacy risks throughout the information lifecycle.

• Risk and Regulation
• EXPERT VOICES