Many businesses don’t yet have a handle on their regulatory requirements and responsibilities associated with GDPR, according to ID-Pal CEO James O’Toole.
With ID-Pal providing a digital KYC solution that enables businesses to verify their client’s identity, the company is keeping close tabs on the EU General Data Protection Regulation (GDPR).
O’Toole told RegTech Analyst, “GDPR is of critical importance to our solutions, given the sensitive nature of customer information that is being dealt with. Many businesses are still struggling to get a proper handle on their requirements and responsibilities arising from this far reaching regulation. This complexity creates a massive opportunity for RegTech firms such as ourselves to simplify the compliance process so that businesses can focus more attention on their core capabilities.”
GDPR, which will come into force on the 25th May 2018, will impact every business that processes or collects data from EU citizens. Failure to meet the regulatory requirements could result in significant penalties of up to €20m or 4% of global annual turnover
“Helping stakeholders establish and maintain trust with one another is a key plank of our mission. Businesses need to trust that their customers are whom they say they are… Customers need to trust that businesses will keep their personal information secure and private… which is why we have added a DPO and CISO to our team and formed a strategic partnership with cybersecurity and data privacy experts ISAS to ensure best practice is baked into every aspect of our end-to-end solution.”
Another regulation the KYC provider is getting tabs on is The Second Payment Services Directive (PSD2) according to O’Toole. PSD2 requires banks to open their payments infrastructure and customer data assets to third parties that can then develop payments and information services to customers. However, while the regulation will have huge implications on the financial services space, it is still unclear what the exact impact will be once the dust settles according to O’Toole.
“PSD2 is a very interesting one. There are many diverse opinions as to how the changing dynamics of open banking will impact industry players,” he said. “But in terms of ID-Pal, the regulation requires Payment Service Providers to provide strong customer authentication for senders who initiate electronic payments…which is perhaps why we’ve been getting the traction we have been from the payments industry more recently.”
With the industry moving faster than regulation can keep pace with, regulators are making greater efforts to ensure they understand the technologies which are now available in the marketplace. Regulators are also looking to provide more clarity around cloud and blockchain based offerings, as well as provide access to innovation support structures such as sandboxes and safe harbours according to O’Toole.
Read the full Interview on RegTech Analyst