Report Reveals Slow Compliance with EU Data Protection Regulation  

By Emma Okonji

With barely four months to the deadline on EU General Data Protection Regulation (GDPR) compliance, Global companies, including African counties are still unprepared to comply with the regulations, according to a survey report conducted recently by Ernst & Young (EY), a global leader in assurance, tax, transaction and advisory services.

According to the report, 78 per cent of those surveyed, consider data protection and data privacy compliance a growing concern, yet only 33 per cent of respondents have a plan in place for GDPR.

Increasing adoption of advanced forensic data analytics (FDA) technology, including robotics and Artificial Intelligence (AI), likely over the next 12 months, the report said, that intensifying regulatory pressures are top of mind for business leaders, with 78 per cent of respondents expressing increasing concern about data protection and data privacy compliance. This is according to the third biennial EY Global Forensic Data Analytics Survey, which examined the responses of 745 executives from 19 countries and analyzed the legal, compliance and fraud risks that global companies face and the use of forensic data analytics (FDA) to manage them.

However, with less than four months to go until the European Union General Data Protection Regulation (GDPR) comes into force on 25 May 2018, only 33 per cent of respondents, state that they have a plan in place to comply with the EU legislation. While the average response of those in Europe was more positive, with 60 per cent indicating they have a compliance plan in place, there is still much more work to be done in other markets, where significantly fewer companies indicated readiness for GDPR compliance including Africa and the Middle East at 27 per cent, the Americas at 13 per cent and Asia-Pacific 12 per cent.

EY Global Fraud Investigation and Dispute Services Leader, Andrew Gordon, said: “The pace of regulatory change continues to accelerate and the introduction of data protection and data privacy laws, such as GDPR, are major compliance challenges for global organizations. But businesses that adopt FDA technologies can achieve significant advantages, benefitting from more effective risk management and increased business transparency across all of their operations.”

EY Nigeria Forensic/Fraud Investigation and Dispute Services Leader, Linus Osita Okeke, said: “Businesses in Nigeria need to take over more than a passing interest in GDPR because of the significant impact of this piece of EU legislation on businesses outside of the EU”.

According to the report, respondents expressed a strong belief in the value of FDA and its benefits for an organisation’s governance program, which is evidenced by a 51 per cent increase in average annual spend per respondent compared with 2016. Companies have significantly developed beyond relying on the basic FDA tools of the last decade, with 14 per cent of respondents stating that they are already using robotic process automation (RPA) to manage legal, compliance and fraud risks, and a further 39 per cent stating they are likely to adopt RPA within the next 12 months, followed by artificial intelligence (AI) at 38 per cent.