Data Managment

Question 1

• Why is it important to manage data correctly?

Answer 1

It’s essential to keep data safe from corruption and access is suitably controlled for privacy and protection.

Question 2

• What is your role?

Answer 2

Data processor, given data to perform analysis on. No DP fee but still follow GDPR and can be liable to action from ICO.

Question 3

• What is the EU GDPR?

Answer 3

Came into effect in 2018 – largest changes in dp laws. Ultimately gives people stronger rights on their data.

Question 4

• What are the key requirements of GDPR?

Answer 4

Key requirements: DP assessments, rights on data held and have it erased, data controller directly responsible for GDPR, new principal in place reports compliance to ICO. Breaches confirmed to ICO in 72 hours and fines of up to 4% of turnover or £20m

Question 5

• What are the individual rights under GDPR?

Answer 5

informed, access, rectify, erase, restrict, portability, object, profiling (insurers)

Question 6

What are the GDPR principles?

Answer 6

Article 5.1 - storage per data management
processed lawfully and transparently
collected for valid/specific reason not used after this
Adequate, necessary and limited to purpose
accurate and up to date
kept in form that permits identification as permitted
processed securely
5.2 - controller responsible and able to demonstrate compliance

Question 7

methods for data management/safety?

Answer 7

Encryption
Back-ups
Passwords
Use of antivirus
Firewalls

Question 8

Role of Data Controller?

Answer 8

High level of compliance, demonstrate GDPR principles
Responsible for processors
ICO can take action against for breach
Pay DP fee unless exempt

Question 9

Any legislation on Data Management?

Answer 9

New professional statement - Data handling and prevention of cybercrime

Question 10

Why is it important to manage your clients data correctly and professionally?

Answer 10

Professional and Ethical Standard

And the law - data breaches reported to ICO within 72 hours - fines of up to 4% of turnover or £20m

Question 11

What were some of the methods used by hackers?

Answer 11

USB stick

Phishing Emails

Question 12

What were some of the key metrics in your investor reports?

Answer 12

Number of investors contacted - Active, On-hold, Declines
Investor Status - contact, interest, meeting, DD etc.
Geography
Potential Investment and probability

Question 13

What were some of the key metrics in the debt tracker?

Answer 13

Quarterly:
Number of transactions
Geography
Volume of transactions
Lender type
Asset Class
Individual or Portfolio

Question 14

What were the debt pricing in your London overview?

Answer 14

Depends of the location and quality of the asset - Prime remained low 2% and even some slightly older stock remains between 2.5% and 3.5%. Dominated by senior lenders, insurers and pension funds.

Question 15

Why was knowing which lenders were active in the market important?

Answer 15

Supported understanding that senior lenders were on pause and debt funds were more active at higher price points - allowed us to give indicative feedback to clients on the likelihood of raising debt in the market and where this would be priced

Question 16

Example of GDPR?

Answer 16

In 2019, the ICO announced the intention to issue €204,6 million (£183.39 million) to British Airways for violation of GDPR (Article 32 and Art. 5 (1) f) ).

What was initially announced as the biggest GDPR fine ever issued ended up being reduced to £20 million, in light of the recent COVID-19 pandemic and its effect on the airline industry.

The incident occurred in July 2018 but was only discovered in September 2018. In those few months, the British Airways website diverted users’ traffic to a hacker website, which resulted in hackers stealing personal data of more than 400.000 customers.

Question 17

How are you and your company compliant with GDPR?

Answer 17

data storage and security (encryption, firewalls, passwords, file locations, back up, virus protection)
Data controller - report breaches within 72 hours to ICO.
Align to the individual rights