Global companies still unprepared for GDPR compliance, EY survey finds

London, 31 January 2018

  • Share
EY - View the online version
  • 78% consider data protection and data privacy compliance a growing concern
  • Yet only 33% of respondents have a plan in place for GDPR
  • Increasing adoption of advanced FDA technology, including robotics and AI, likely over the next 12 months

Intensifying regulatory pressures are top of mind for business leaders, with 78% of respondents expressing increasing concern about data protection and data privacy compliance. This is according to the third biennial EY Global Forensic Data Analytics Survey, which examined the responses of 745 executives from 19 countries and analyzed the legal, compliance and fraud risks global companies face and the use of forensic data analytics (FDA) to manage them.

However, with less than four months to go until the General Data Protection Regulation (GDPR) comes into force on 25 May 2018, only 33% of respondents state that they have a plan in place to comply with the EU legislation. While the average response of those in Europe was more positive, with 60% indicating they have a compliance plan in place, there is still much more work to be done in other markets where significantly fewer companies indicated readiness for GDPR compliance including Africa and the Middle East (27%), the Americas (13%) and Asia-Pacific (12%).

Andrew Gordon, EY Global Fraud Investigation & Dispute Services leader, says:

“The pace of regulatory change continues to accelerate and the introduction of data protection and data privacy laws, such as GDPR, are major compliance challenges for global organizations. But businesses that adopt FDA technologies can achieve significant advantages, benefitting from more effective risk management and increased business transparency across all of their operations.”

Increased adoption of FDA to manage risks

According to the report, respondents expressed a strong belief in the value of FDA and its benefits for an organization’s governance program, which is evidenced by a 51% increase in average annual spend per respondent compared with 2016. Companies have significantly developed beyond relying on the basic FDA tools of the last decade, with 14% of respondents stating that they are already using robotic process automation (RPA) to manage legal, compliance and fraud risks, and a further 39% stating they are likely to adopt RPA within the next 12 months, followed by artificial intelligence (AI) at 38%.

The survey found that 42% of businesses believe that data protection and data privacy regulations have a significant impact on the design or use of FDA. The survey further revealed that 13% of respondents indicated that they currently use FDA to achieve GDPR compliance, with more than half (52%) of the respondents indicating that they are currently in the process of analyzing exactly which FDA tools they would use to assist them with achieving compliance.

Investment in people and skills key to unlocking the full potential of FDA

Overall, the report highlights how increased adoption of, and spending on advanced FDA technologies, needs to be matched with greater investment in skilled resources. Of the respondents surveyed, only 13% feel that their organization has the right technical skills in FDA, and only 12% believe they have the right data analytics/data science skills.

Gordon says: “FDA is not just about technology, but about the people who manage that technology and how they use it to manage risks. While it’s encouraging to see that investment in advanced FDA is increasing, companies need to hire the right talent and invest in core skills such as domain knowledge and data analytics in order to be successful in managing their risk profile.”

- Ends -

Notes to Editors

About EY
EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

This news release has been issued by EYGM Limited, a member of the global EY organization that also does not provide any services to clients.

About EY’s Fraud Investigation & Dispute Services
Dealing with complex issues of fraud, regulatory compliance and business disputes can detract from efforts to succeed. Better management of fraud risk and compliance exposure is a critical business priority — no matter the size or industry sector. With approximately 4,500 fraud investigation and dispute professionals around the world, EY provides the analytical and technical skills needed to quickly and effectively conduct financial and other investigations, and gather and analyze electronic evidence. Working closely with you and your legal advisors, we will assemble the right multidisciplinary and culturally aligned team, and bring an objective approach and fresh perspective to challenging situations, wherever you are in the world. And because we understand that you require a tailored service as much as consistent methodologies, we work to give you the benefit of our broad sector experience, our deep subject matter knowledge and the latest insights from our work worldwide.