Banking

Delivering GDPR best practice to reduce regulatory risk

SpareBank1

Background

SpareBank1 is Norway’s largest regional bank, and the second largest Norwegian-owned financial institution. SpareBank1 works with 14 banks across Norway within the SpareBank1 Alliance, providing a broad range of support services across IT, Insurance, Finance and Regulatory functions.

 

The challenge

SpareBank1 wanted to ensure all of its operations were compliant ahead of the GDPR (General Data Protection Regulation) deadline and was looking to expand its in-house governance team. However, with only 6 months until the new legislation went live, SpareBanks1’s team was under-resourced and seeking best practice guidance. SpareBank1 needed to understand how GDPR would impact its business operations, and build an action plan to expand and upskill its regulatory team to ensure on-going compliance.

 

The solution

Our consulting team brought regulatory rigour, technical excellence and proven project management skills to SpareBank1, carrying out a detailed analysis across all banking activity and identifying major gaps with regard to GDPR compliance. Our team’s deep knowledge of up to-the-minute banking and data privacy challenges ensured that SpareBank1 rapidly gained a comprehensive understanding about the size of the challenge, while also developing a roadmap for ongoing GDPR compliance.

 

The results

We helped SpareBank1 to achieve:

• Increased awareness of GDPR compliance ‘gaps’

• A prioritised action plan to remit gaps and build new compliant solutions

• Embedding of best practice processes

• Reduced risk for data privacy breaches and reputational damage

• A knowledgeable and up-skilled alliance compliance team

All our client stories