GDPR & Why Organizations Need To Be Thinking About Third Party Risk

Session 1 of 3 (approx. 18 minutes)

The new General Data Protection Regulation (GDPR) - which comes into force in May 2018 - may at first blush seem like “just another EU regulation”. However, organizations - and specifically third party risk management teams within them - would take a “tick-box” approach to compliance at their peril.

Join Simon McDougall, GDPR expert and Managing Director at Promontory Financial, and Anna Mazzone, Managing Director, International, and Global Head of Financial Services with Aravo Solutions as they discuss GDPR & Why Organizations Need To Be Thinking About Third Party Risk.

In this session, Simon and Anna will discuss:

  1. Are organizations looking at their Third Parties in relation to GDPR? What is the potential damage if they do not?
  2. What are some of the key considerations that organizations need to be thinking about through their Third Party lens?   
  3. What are some of the most common challenges that organizations are going to encounter, and how would you recommend they are approached?
  4. What are some of the blind spots – what are organizations not thinking about in the context of their Third Party suppliers/processors, that they should be?
  5. Should organizations be just looking at the critical suppliers or should they also be factoring in their long-tail and why?
  6. What’s the best way to approach managing this long tail?
  7. What kind of questions should board members be asking their executives around their approach to these issues?
  8. What kind of questions should the C-suite be asking their middle management about their approach to these issues?

Also enjoy podcast sessions 2 & 3, as they will be available soon.

Aravo Podcast - Simon McDougall.jpg

Managing Director, Promontory Financial, London

Simon McDougall is a Managing Director in Promontory’s London office, and leads Promontory’s global privacy and data protection practice. He is a Chartered Accountant and until 2010, led Deloitte’s UK Privacy & Data Protection and Payments Regulation teams. He specializes in privacy and data protection, information governance and regulatory investigations.

Simon has led engagements with some of the world’s largest financial institutions, technology firms, retailers and life sciences firms. He has developed rationalized privacy risk management models, built enterprise-wide privacy programs and managed in-depth data protection audits. He spent six months seconded as the Head of Privacy and Records Management for the retail half of a large international bank.

Simon serves on the IAPP Board of Directors and the IAPP European Advisory Board. He has previously served on the UK Data Protection Forum executive, the BSI Data Protection Editorial Board, the DataGuidance Panel of Experts, the President of the Law Society’s Surveillance Working Group, and a range of other consultative and advisory groups. He was the co-author of a paper to the Leveson Inquiry, addressing privacy and press regulation.

 Aravo - Anna Mazzone.png

Managing Director, International. Global Head of Financial Services, Aravo Solutions

Anna Mazzone leads and drives Aravo’s global expansion and is responsible for building operations and direct and partner channels internationally. She also leads growth initiatives and client engagement across financial services, bringing with her over 20 years’ financial services industry experience in the international markets.

The former Global Head of KYC Managed Services at Thomson Reuters, Anna founded and grew Thomson Reuters’ Org ID KYC Managed Service, leading a team of more than 150 staff and managing clients in more than 80 countries.
Ms. Mazzone’s deep domain expertise in Technology for Financial markets (FinTech), GRC (Governance Risk & Compliance technologies), and Know Your Customer (KYC) as well as Know Your Supplier/Vendor (KYS/KYV) has contributed to significant growth at companies including BAML, Thomson Reuters, CME Group, Markit and Trunomi.
Anna is on the Board of the Non-profit, Junior League of London, having supported the organization for over 14 years, on the Advisory Board for Trunomi, and is a business mentor for Level39 London Accelerator. In 2016 Anna was named in Innovate Finance’s “Women in Fintech Powerlist” which recognizes women who are playing a vital role in the development of the global Fintech sector. She holds a Bachelor of Science, Finance and Insurance from the University of South Carolina – Darla Moore School of Business. 

For more information about how Aravo can help improve your GDPR compliance programs, please contact us.


Related Content:

Expert Series Podcast - Session 2 - A Deeper Dive into GDPR & Why Organizations Need To Be Thinking About Third Party Risk

Expert Series Podcast - Session 3 - Looking toward the future with GDPR & Third Party Risk - with consideration to privacy regulations in other countries

Award Report - Aravo for GDPR wins award for third party GDPR compliance application

Executive Overview - The New GDPR: Taking A Strategic Approach To An Internationally-Focused Data Protection Rule

White Paper - Cybersecurity and Vendor Risk. The Third-Party Risk Challenge is Here Now

White Paper - Cybersecurity Regulatory Radar: Five Top Trends in Cybersecurity Regulation

Executive Exchange Series - The Business Case For Better Third Party Risk Management

Receive An Application Demo - Aravo for GDPR