Monday: Prepare for a data privacy battle on multiple fronts

Four compelling reasons why compliance chiefs should be focusing on the personal data your firm holds.

Hope you had a great weekend. It’s Monday, so our focus is on compliance – specifically, the tide of regulation being brought in to control what companies do with individuals’ data.

Here are four reasons why personal data should be top of your compliance agenda:

– EU GDPR is far-reaching: just because you haven’t fallen foul of it yet doesn’t mean you never will. “The supervisory authorities in the EU are indicating that we should see a significant increase in firms that are subject to monetary penalties,” one consultant tells us.

– California’s version is taking shape. It will likely apply if you have a physical presence in the state or if you have California-domiciled investors – which is a lot of private equity firms.

– Other US states are following suit, so if the California Consumer Privacy Act doesn’t get you, then a copycat law will.

– Regulation S-P has been part of your compliance program for a couple of decades, but the SEC is looking like it will place renewed focus on it, following its recent risk alert on the matter.

Elsewhere, with early debates among Democratic presidential candidates, now is a good time to be reminding your colleagues about pay-to-play rules. If you need reminding yourself, try this briefing from sister publication Regulatory Compliance Watch (paywall).

Email prepared by Toby Mitchenall