Category: Ethics

Ethics GDPR Information Governance Privacy Professional Development

UPCOMING PRIVACY WORKSHOP IN LA 7/31: Leveraging a GDPR Compliance Investment for CCPA / Privacy By Design

By Rafael Moscatel, CIPM, CRM, IGP on

UPDATE: Presentation Slides Included Below

ARMA-GLA Summer Spotlight Workshop

LEVERAGING A GDPR COMPLIANCE INVESTMENT FOR CCPA / PRIVACY BY DESIGN WORKSHOP

Part I – Join European attorneys and privacy compliance experts from Brussels based law firm Ethikos to learn how to leverage GDPR compliance investments for California’s new Consumer Privacy Act. In this presentation they’ll review key data protection concepts and privacy by design strategies already in place across the EU and explain how they’re now spreading throughout the United States. Find out what you need to know about the rules of transferring data and records internationally, PII records retention requirements, rules for managing content on customer facing websites and the impact of these new records management guidelines in contract negotiations.

SELECT THE LINK BELOW TO VIEW THE WHOLE  PRESENTATION.

ETH-CAPP-2019-LA-PbD

Part II – Meet solutions engineers from Active Navigation who will show you real world examples of how state of the art privacy software helps apply concepts and rules from GDPR and CCPA directly into an information lifecycle program. Learn about machine learning classification, consent validation, uncovering dark data and many more intricacies of implementing a privacy framework as part of your Information Governance roadmap.

Presenters

Miguel Mairlot, Ethikos Law Firm, Brussels

Miguel Mairlot is a trusted compliance expert, with significant breadth of experience across Europe. He provides clients with advice and support on all aspects of their compliance program. His areas of expertise include Asset Management, Wealth and Insurance businesses to cover cross-border regulatory issues, risk management, contractual documentation and product development, advising and influencing senior stakeholders at executive committee level, enabling them to meet their responsibilities across a range of group policies and local requirements, including MiFID II, GDPR, AML, ABC and Sanctions. Before Ethikos, Miguel has worked for prestigious international law firms and financial institutions as Head of Compliance. Miguel speaks English, French, Dutch and is a Certified Compliance Officer (Febelfin Academy) since 2013 and a Data Protection Officer. He has written and spoken widely on compliance and financial law topics and teaches at the Cooremans Institute. He also serves on the Editorial Board of “la Revue de Droit Bancaire et Financier”.

Posted in: , ,
No comments
Artificial Intelligence Ethics Information Governance Privacy

20 Years After Google: In Search of a Better Way to Search

By Rafael Moscatel, CIPM, CRM, IGP on

From its inception the internet has always been about search…. searching for that answer, that perfect example, that one you love? But search has also changed the way we think about information, about primary sources and really about each other in wildly different ways that aren’t always, well….helpful.

In the wrong data steward’s hands the integrity of our records and information, both in the style and context in which it is delivered, can be easily and unfairly distorted. This has worsened over time and is horrifying when you consider the extent of “deep fakes,” “fake news” and other purposeful misleading propaganda being spread. A trend towards misinformation and bias is clearly what has happened over time with Google’s search results and it’s having disastrous unintended consequences on the pursuit and preservation of knowledge, wisdom and the humanities around the entire world.

With exciting new A.I. tools like Alexa and Siri becoming commonplace, search has entered a second renaissance and results have even more power to shape hearts and minds. Yet nobody, no one monopoly, should be in the business of brokering access to facts or opinions.

We need new tools that deliver intelligent results that protect the privacy of its users and promote resources which enrich our lives, communities and world around us without exploiting our vulnerabilities.

With proper regulation of monopolies like Google there’s going to be a better way to find what you “need” without being subtly persuaded how to believe and incessantly pestered about what you should “want” along the way. In other words, a return to search that offers a wealth of information minus manipulation.

True search results should provide access to knowledge you can rely on for personal, professional and academic growth. A search engine should steer you away from groupthink and encourage critical thinking, not bully you into becoming a “follower.” We need independent thinkers to reclaim their independence as information consumers, as teachers and students, as citizens, as moms, dads, brothers, sisters and yes, even as politicians. After all, the internet has the power to be the great equalizer in spreading knowledge. But that knowledge can only bring light to our present darkness if it can shine through the praetorian ideologues that have begun to guard its boundless prism.

Google was perfect for its time and helped both connect and open the world to itself. Yet now, as our collective tastes become more refined, we realize our search time is equally as valuable as increasingly for-profit algorithms. Rather than wasting another moment sifting through information curated through a corporate or political filter, knowledge seekers should demand to be able to create their own!

We deserve new tools that deliver intelligent results that protect the privacy of its users and promote resources which enrich our lives, communities and world around us without exploiting our vulnerabilities.

Posted in:
No comments
Business Processes Ethics Information Governance Information Technology Interview Privacy

Establishing a Framework to Sustain the Coming IoT Tsunami – An Interview with Priya Keshav of Meru Data

By Rafael Moscatel, CIPM, CRM, IGP on

Establishing a Framework to Sustain the Coming IoT Tsunami – An Interview with Priya Keshav of Meru Data

Ninth in a series of in-depth interviews with innovators and leaders in the fields of Risk, Compliance and Information Governance across the globe.

Priya Keshav is the founder and CEO of Meru Data LLC, a software company focused on building solutions that simplify and achieve corporate information governance goals. Prior to Meru, she was the leader of KPMG’s Forensic Technology Services Practice in the Southwest United States. She received her MBA from University of Florida’s Warrington College of Business Administration. I had the chance to sit down with her this January and discuss IG, the Internet of Things, consulting, and software development.

Priya, you’ve written extensively, often in collaboration with thought leaders in IG including Jason Baron, about the enormous ethical questions emerging from IoT. Do you think there is yet a universal, cross-industry awareness of these challenges or are business drivers in this area primarily the result of European or US regulatory pressures?

I think there is universal recognition that the use of IoT will bring unique challenges and ethical questions. However, I would not call this universal awareness or understanding at this point. The use of IoT is rapidly increasing, the solutions being developed are integrating multiple industries and we are just scratching the surface of what is possible with IoT. I think today, we are at a point where we recognize that some unique challenges are going to arise. I do not believe we have fully understood the nature of these challenges, especially as the uses and applications for IoT are rapidly evolving.

Both industry and regulators are at the same point – thinking about appropriate frameworks for discussing and addressing these challenges. I don’t believe regulatory pressures from either Europe or the US are the primary drivers for the growing awareness. It does seem regulators have more of a focus on the challenges while the industry focus is more around creating newer solutions. There are multiple efforts underway to understand challenges with IoT, driven by both industry and regulatory interest. However, I do not think this is primarily due to regulatory pressure. There is regulatory interest that has industry taking notice but even the industry is realizing the need to manage the unique challenges from the use of IoT. Existing regulations like the GDPR, COPA etc. obviously would apply to IoT. There is increased scrutiny and regulations around data privacy and security in general and that might look like there is increased regulation around IoT. However, there are very few IoT specific regulations like the California SB327.

Regulatory efforts around IoT to date have been more guidelines focused and have tried to not slow down the uptake of IoT. Examples include the recently issued NIST draft report on IoT cyber security standards that provides a great discussion of how risks from IoT are unique and how organizations could adapt their policies to handle this. There have also been integrated efforts with working groups to review existing IoT security standards and initiatives in the US (by the National Telecommunication and Information Administration) and in Europe (Working Group 3 formed by Alliance for Internet of Things Innovation). Other agencies like the the Consumer Products Safety Commission and the FTC have also been gathering comments on their roles in regulating IoT.

With the Meru Data platform, you’ve strived to develop a functional and reporting tool that simplifies and sustains data governance programs for your customers. Is most software today built around policy frameworks, such as FINRA compliance or privacy-by-design, and are these types of approaches even feasible amidst shifting customer wants and seemingly prescriptive laws like GDPR?

Read the entire interview and more in my new book on leadership in the information age, Tomorrow’s Jobs Today.

Posted in: , , ,
No comments
Artificial Intelligence Data Governance Ethics Information Governance Information Technology Professional Development

Book Review: Infonomics – How to Monetize, Manage, and Measure Information As An Asset For Competitive Advantage by Douglas B. Laney

By Rafael Moscatel, CIPM, CRM, IGP on

Are CFO’s finally ready to heed the advice of their Chief Data Officers and begin adding information assets to the balance sheet?

Although the commonly used quote “There is nothing more powerful than an idea whose time has come.” is regularly and erroneously misattributed to Victor Hugo, originating from his account of the French coup d’état of 1851 that brought Napoleon III to power, I feel it’s almost appropriate for Douglas B. Laney’s passionate argument on Infonomics. It’s an idea he’s been meticulously developing and arguing for almost two decades and has at last fully articulated in his latest book published by Taylor & Francis entitled Infonomics: How to Monetize, Manage, and Measure Information As An Asset For Competitive Advantage. Laney previously published his thoughts on Infonomics in Forbes back in 2012.

This brilliantly researched book, supported by industry giant Gartner, is steeped in both a mastery of information technology as well as economics, in particular accounting methodology and complementing business disciplines that range from supply chain economics to compliance frameworks.

Laney, with brevity and unfailing pragmatism, weaves his impressive understanding of the business of information, it’s flow and it’s enormous potential into a convincing pleading that I believe is a must read for not just the aspiring digerati, but any CFO, Chief Data Officer or executive hoping to survive and thrive in the Information Age.

Continue reading “Book Review: Infonomics – How to Monetize, Manage, and Measure Information As An Asset For Competitive Advantage by Douglas B. Laney”

Posted in: ,
No comments
Data Governance Ethics GDPR Information Governance Privacy

The Olympics of Privacy in Brussels!

By Rafael Moscatel, CIPM, CRM, IGP on

Debating Ethics: Dignity and Respect in Data Driven Life, the 40th Annual Conference of Data Protection and Privacy Commissioners

Two Americans walk into a EU Privacy Conference…

Just a few weeks ago, a colleague reached out and reminded me “the Olympics of Privacy” were being held at the EU Parliament in Brussels in late October, and also if I’d like to attend. Well, how the heck am I supposed to turn down an invitation like that? After all, this is the year of GDPR, the NYDFS, the new California Privacy legislation and the ICDPPC has leaders like Mark ZuckerbergSundar Pichai, Tim-Berners Lee, Jagdish Singh Khehar and even the King of Spain all lining up to share their thoughts.

We want to stimulate an honest and informed discussion about what digital technology has done and is doing to do to us as individuals and as societies, and to consider future scenarios. We want to better understand the impact of technology on people of all generations, in all parts of the world, including the way people think, interact with others, develop their opinions, create art and write, how they buy and sell and how they participate in civic life.  – Privacy Conference Statement

Mark and Sundar are likely showing up because they realize the stiff penalties now associated with data security and privacy violations and the rest of the speakers realize that we are on the cusp of a digital and ethical revolution of sorts, one which will affect generations to come. In fact, Debating Ethics: Dignity and Respect in Data Driven Life is probably the most important privacy conference of the 21st century. My wife Abby Moscatel, an attorney and ethicist heard about this lineup and quickly said, yeah… I’m coming with you to this one!

Continue reading “The Olympics of Privacy in Brussels!”

Posted in: ,
No comments
Archives Ethics

Congratulations to Manual Arts High Eleanor Moscatel Scholarship Winner Nicky Lopez!

By Rafael Moscatel, CIPM, CRM, IGP on
Manual Arts High School

Eleanor Moscatel and a classmate practicing archery, circa 1950s
Eleanor Moscatel and a Manual Arts High classmate practicing archery, circa 1950s

Congratulations 2018 Scholarship Recipient Nicky Lopez!

This annual academic scholarship was established in honor of Eleanor Moscatel, a graduate of the Manual Arts High School Class of 1949. Her multifaceted and successful career, from Actress to Entrepreneur and Real Estate Maven spans seven decades and includes important cultural and social service contributions to both the city and the people of Los Angeles. Her story is one of education, experience, patience and self-reliance. Essays were judged based on sincerity and clarity of thought and seeks to reward students who not only believe in self-reliance, but also can articulate in 500 to 1000 words, an experience in their lives where one door of opportunity may have closed but where another one opened because of their perseverance and commitment to a goal. Congratulations again Nicky and good luck on your academic and life journey!

No comments
Archives Data Governance Ethics GDPR Information Governance Information Technology Privacy

You Think You Don’t Know Enough About GDPR? You Are Right and Here’s How

By Rafael Moscatel, CIPM, CRM, IGP on

The EU has taken the first step in protecting the data and privacy of its residents. Through the enactment of the General Data Protection Regulation (GDPR), people are now able to have the protection they are looking for online. This means changes for businesses everywhere that are planning to reach consumers in the EU.

Companies need to look at the way that they are handling the personal data of their customers and have an action plan in place to ensure their privacy is protected. Without a strong understanding of what the GDPR means and how it affects your business, you could find yourself in a situation with the EU that you didn’t count on.

Fifteen members of Forbes Technology Council discuss some of the more unexpected consequences of the new GDPR regulation. Here’s what they had to say:

1. Restriction Of Privacy And Innovation

GDPR is the latest version of Y2K compliance — long on speculation and fear, short on reality. In my opinion, regional enforcement of global technology is an impossibility and will restrict — not enhance — privacy, freedom and innovation. The result will be regions of non-compliance (GDPR havens), enormous expense and uncertainty. – Wayne LonsteinVFT Solutions

2. Roadblocks For Blockchain Data Storage

GDPR could impact the decisions and data sets being stored and collected in emerging private and public blockchains. This may create roadblocks for companies looking to embrace blockchain to store any data that may fall under GDPR. – Aaron VickCicayda

3. Opt-In Fatigue

One of the most unexpected consequences of GDPR is the wave of new regulations in jurisdictions outside of Europe, including California, New York and perhaps soon in Asia. Another unintended impact is “check the box” fatigue where opt-in consent language is presented so frequently on websites and apps that consumers don’t read the consents and just check the box, waiving their privacy rights. – Silvio Tavares, CardLinx Association

4. Poor Customer Service

One GDPR byproduct distortion or unintended consequence is excessive regulation leading to poor customer service. The pendulum has swung too far and will be moderated by citizen feedback. – Jeff BellLegalShield

5. Small Businesses Getting Hurt

The companies that are best prepared for GDPR are the big ones: Facebook, Google, Amazon — those that have the money to pour into their tech and legal teams for ultimate compliance. The small and medium-sized businesses, however, may be less prepared, making them more vulnerable to potential fines and penalties. – Thomas GriffinOptinMonster

6. The Slow Death Of Free Services

If a service is free, then your data is the product. We all love using Facebook, YouTube and the many other social media platforms. However, we fail to realize how these businesses operate. If regulations strangle business, then the alternative is a paid model. Just look at YouTube and how it’s strugglingwith its paid subscriptions. – Daniel Hindi, BuildFire

7. Talk About Similar Regulation In The U.S.

The most unintended consequence has been the multitudes of discussions about a similar impending regulation in the U.S. In fact, reading between the lines of Facebook’s testimony to Congress, it is clear to me that tech leaders realize more care ought to be given to sensitive data, and users should have more rights. They are preparing for coming regulation stateside. – Michael RoytmanKenna Security

Read more on Forbes:

https://www.forbes.com/sites/forbestechcouncil/2018/08/15/15-unexpected-consequences-of-gdpr/#2ce5537f94ad 

 

Posted in: ,
No comments
Archives Ethics Professional Development

3 Timeless Business Lessons from a Real Life Superwoman

By Rafael Moscatel, CIPM, CRM, IGP on

Eleanor Moscatel in Superman
The Adventures of Superman (upper right, Eleanor Moscatel)

My Mother is 86 and doesn’t have a LinkedIn profile. But if she ever did, her headline would read something like… “Former ingenue, entrepreneur, dreamer, and the rest is none of your damn business, honey.” But to those who’ve had the privilege to know her over the decades her mantra has always been, quite simply, to treat everybody with dignity!

Here are 3 timeless business lessons she’s taught me to go along with that mantra.

3. The worst “they” can say is “no.” – Opportunities were not exactly flowing in depression-era Los Angeles, but that didn’t stop one young lady from putting herself out there. She helped my father through chiropractic school by working long hours as a Hollywood extra throughout the 50’s and 60’s. Though never quite achieving stardom she knocked on enough doors to get a lot of work, save some seed money and establish relationships that would eventually transform her life. Mom leveraged her new, tough shell to find opportunities, sell her strengths and laugh off rejection.  “It’s no big deal,” she constantly told me as a kid. At the end of the day you should never be afraid to ask for what you want because the absolute worst “they” can say is no. And you still get to keep your dignity.

2. Get everything in writing. – Unurprisingly, Mom had to learn this lesson like most of us… the hard way. This was the mid-century after all and commonplace to make agreements on a handshake. But it only took a few rotten deals for her to realize that keeping good records was key to helping a business stay on track and prospering. Putting it in writing lets the other person know that you need to be, and you will be, treated with dignity.

1. Don’t burn your bridges. – The keyword in the old adage that you can’t make a lot of money without making a few enemies is few. Just as one door opens and another closes, Mom never wanted to find herself in a new room with an old enemy. By treating everybody with dignity she managed to avoid burning many bridges. And for every bridge she burned, she’s probably built a thousand more. When a job or a deal doesn’t go your way, take the high road and don’t make it personal. You never know what the future brings or who might be bringing it.

scan_20150704-15.jpg

Mom’s success, not just in business, but among the people she calls colleagues, friends and family is based on dignity. And while there were many times in her life where she was unfairly treated, put at a disadvantage and rejected, she never forgot that. I guess that’s why I never had much of a problem following the 5th Commandment. Anybody remember that one?

No comments
Business Processes Ethics Information Technology Privacy

Digital Bondage and the Fallacy Of Work-Life Integration

By Rafael Moscatel, CIPM, CRM, IGP on

Forget your elder’s sage advice on maintaining a good work-life balance. There’s a new patently absurd approach (promoted here by the time-strapped PhD’s at Berkeley Haas), and it’s spreading like wildfire throughout the business world. They call it… “Work-Life Integration!”

Digital Bondage

The term “Work-Life Integration” is so misleading because at this point we’re all enduring an increasing degree of overlap between our personal and professional lives. It may be sold to us as “convenience” but much of it is not exactly “optional.” This obsessive and all-in-one approach to time-management ends up usurping the little personal, spontaneous and family time we still have left.

It reminds me a little of Chris Rock’s famous bit on “Job v. Career.”

But not everybody is as fortunate as Chris and there’s a bigger impact to his lifestyle than he’s letting on in the above clip. And so “Work-Life Integration” also makes me think about Cecil DeMille’s classic The Ten Commandments and the famous scene where a worker is about to be trampled by a giant stone moved by “her colleagues.” Moses’ character, played by Charlton Heston, comes down from his managerial pedestal to save the poor soul, who later turns out is his own Mother! It’s a metaphor for how easily, often and unfairly, we as society, put work before family, friends and for believers, even God. And when it negatively impacts others it is arguably immoral.

I was most recently educated on this 24/7 mindset by an executive who boasted, “Say I’m on flight to Hawaii with my family for the weekend, and I’ve got to approve a purchase order for half-a-million. I can do it right here from my iPhone!” Well, that’s nice, but it highlights the disconnect between those who literally have the world at their fingertips and those who get interrupted with email from their boss on the weekends. The same technology fix that feeds the workaholic is now invading the space of almost everyone, not just the guy or gal with a “career.” It’s affecting their partner, their children, their social circle, people on the road. And in many cases it is invasive, counter-productive and unhealthy for the family and the self. Do we really want to live in digital bondage?

In many ways, this digital bondage is reminiscent of the days when men and women of all ages built the Pyramids until they dropped dead. Sure, the Pyramids still stand as a testament to architecture and ingenuity, but to many they will also always represent a chapter in history when there was seldom a break from work. Luckily today we have a choice.

We must stand firmly behind the importance of rest and personal space. Sure, working remotely through technology has given us flexibility. There’s no denying that. But half-baked ideas like “Work-Life Integration” have adversely impacted the very relationships and working-conditions they were meant to improve.

Some in the Jewish faith believe that one of the Ten Commandments, to observe a day of rest on the Sabbath, is a cornerstone of not just spiritual growth, but what ultimately may lead to success in other areas of one’s life. Most cultures share this important value but as it erodes across the globe and the lines between work and rest are blurred, we all suffer.

Stay off the devices this weekend as much as you can. Find true balance by freeing yourself from digital bondage.

Posted in:
2 comments
Business Processes Data Governance Ethics Information Governance Interview Professional Development Records Management

Directing The Flow Of Information – An Interview with Jones Lukose of The International Criminal Court

By Rafael Moscatel, CIPM, CRM, IGP on

Directing The Flow Of Information – An Interview with Jones Lukose of The International Criminal Court

Second in a series of interviews with leaders in the fields of Risk, Compliance and Information Governance across the globe.

Jones LukoseJones Lukose, MBA, PhD is the Information Management Officer for the Criminal Court in the Hague and has over twenty years of experience developing and implementing strategies to achieve operational effectiveness and regulatory compliance for engineering firms, in energy and utilities sectors as well as for international and judicial organizations in Africa, Europe and the Americas. I interviewed him this past February to learn more about his unique insights into information management fundamentals and our future.

Jones, your work and research has taken you to many corners of the world including Kenya, Rwanda, Botswana, Jamaica, Uganda, the UK and now the Netherlands. It’s there you presently direct an important Information Governance program for the International Criminal Court.

What do you consider the most common theme in the information management challenges you’ve faced across so many unique cultures and how has that experience shaped how you think about solutions for international organizations?

I have worked in organisations where data is everywhere but the common challenge has been that it seems no one is directing its flow. There is a lot of evidence of information collected and stored that does not fit with the organisation’s strategy. The organisation may say that it is going in a particular direction but the data it holds does not provide the required evidence or proof.  My experience in this regard has led me to reconsider my role in the organisation as an Information Manager. In such environments, it is my first priority to help determine the real purpose and value of data to the organisation. In other words lend a hand in crafting the strategy of the organisation by leveraging information management.

How can we, as information management practitioners, as data stewards, effectuate best practices in our workplace in the face of constant, sometimes paradigm shifting changes in technology?

We now live in a world where small sets of information can alter the economies of the most powerful organisation and states on the planet. It is a world, where small streams of sensitive information can digitally leak and cause violent reactions from people living far and beyond the source. Tiny words or images transported via exotic technology can lead to wide-spread panic across whole populations even wars. A world where information is fragmented infinitely raising an infinite number of world views and identities. It is a world where the same information is interpreted differently in space and time. It is a world where information is presented in constant flux with the only constant being surprise.

Whatever your personal convictions, I challenge you to consider that we need a new way of looking at information management. It won’t help to retreat to our old maps and models because the more frustrated we become. We need new information management techniques to navigate the chaos, filter the wrong and point us to the significant. The new information manager will thrive and even love to embrace the chaos of information by applying new lenses and insights. He or she should be ready to be inspired to experiment and try out new ideas and solutions.

Read the entire interview and more in my new book on leadership in the information age, Tomorrow’s Jobs Today.

Posted in: ,
No comments
Archives Business Processes Ethics Information Governance Information Technology Professional Development Records Management Uncategorized

Directing The Flow Of Information – Interview with Jones Lukose of The International Criminal Court

By Rafael Moscatel, CIPM, CRM, IGP on

Second in a series of interviews with leaders in the fields of Risk, Compliance and Information Governance across the globe.

Jones LukoseJones Lukose, MBA, PhD is the Information Management Officer for the Criminal Court in the Hague and has over twenty years of experience developing and implementing strategies to achieve operational effectiveness and regulatory compliance for engineering firms, in energy and utilities sectors as well as for international and judicial organizations in Africa, Europe and the Americas. I interviewed him this past February to learn more about his unique insights into information management fundamentals and our future.

Jones, your work and research has taken you to many corners of the world including Kenya, Rwanda, Botswana, Jamaica, Uganda, the UK and now the Netherlands. It’s there you presently direct an important Information Governance program for the International Criminal Court. What do you consider the most common theme in the information management challenges you’ve faced across so many unique cultures and how has that experience shaped how you think about solutions for international organizations?

I have worked in organisations where data is everywhere but the common challenge has been that it seems no one is directing its flow. There is a lot of evidence of information collected and stored that does not fit with the organisation’s strategy. The organisation may say that it is going in a particular direction but the data it holds does not provide the required evidence or proof.  My experience in this regard has led me to reconsider my role in the organisation as an Information Manager. In such environments, it is my first priority to help determine the real purpose and value of data to the organisation. In other words lend a hand in crafting the strategy of the organisation by leveraging information management.

Read more in the upcoming book, Tomorrow’s Jobs Today.

Posted in: , ,
No comments
Ethics GDPR Information Governance Interview Privacy Professional Development

The Future of Compliance – An Interview with Miguel Mairlot, Professor of Financial Law

By Rafael Moscatel, CIPM, CRM, IGP on

The Future of Compliance – An Interview with Miguel Mairlot, Professor of Financial Law

First in a series of interviews with leaders in the fields of Risk, Compliance and Information Governance across the globe.

Miguel MairlotMiguel Mairlot is the Risk and Compliance Officer for Lombard International Assurance and a Professor of Financial Law.  I sat down with him at the beginning of the year to learn a little more about his experience in the field of Risk and Compliance and pick his brain on issues like GDPR, the future of privacy rules, the role of A.I. in “fintech” and any advice he can offer millennials looking to get started in the business.

What is it about the business discipline of Risk and Compliance that originally attracted you to the field and keeps you interested?

I spent the first 10 years of my career working in litigation, specializing in banking and finance laws. My expertise and knowledge of the MiFID regulation (Markets in Financial Instruments Directive) led me to work on its implementation for various financial institutions. At that time, legal and compliance tasks were usually performed by the same department. Although I’m interested and continue working on several aspects of the MiFID regulation, I devote most of my time on issues related to money laundering and the detection of serious tax fraud in the event of repatriation of assets.

How do you think companies should approach implementing GDPR and what do you think will be the greatest challenges here?

Any company subject to GDPR should take great care when implementing the requirements set out by this new regulation. Before its entry into force, data protection was not a top priority for many European companies. Now, the paradigm is about to change, due mainly to the hefty fines which can be imposed and the potential reputation damages which may result from a violation of the GDPR provisions.

Among all these tasks, raising awareness among employees about the risks related to the infringement of the rules set out by GDPR might constitute the biggest challenge since this new piece of legislation is considered as a important cultural change in Europe.

The implementation of GDPR will require the revision of internal procedures, the appointment of a Data Protection Officer in some cases and a mapping and assessment of all the data processes, as well as contractual changes. Among all these tasks, raising awareness among employees about the risks related to the infringement of the rules set out by GDPR might constitute the biggest challenge since this new piece of legislation is considered as a important cultural change in Europe.

Read the entire interview and more in my new book on leadership in the information age, Tomorrow’s Jobs Today.

No comments