Large International Financial Institution
Setting a global best practice in data privacy
Tags
Projects funded by this large International Financial Institution (IFI) are changing lives in over 80 developing countries. With a vast range of project sponsors, the institution must maintain an excellent reputation amongst international financial institutions. Even though the institution doesn’t have to follow data privacy regulations, it wanted to embark on a major programme to modernise its IT systems and digital assets and demonstrate global best practice in data privacy. Our approach helped establish the institution's reputation as the leading supranational organisation on data privacy. It also helps raise data privacy standards in the many countries where the institution invests.
Key successes
- Developed a solution aligned to all international standards for data privacy
- Enabled the institution's clients and customers in 80+ countries to raise data privacy standards
- Established the institution's reputation as a world-leader in data privacy
A unique data privacy project
The institution uses investment as a tool to build market economies and invests in projects that strengthen developing economies by making them more competitive, well-governed, green, inclusive, resilient and integrated. Since its creation in 1991, the institution has invested over €130 billion in more than 5,200 projects.
The institution holds personal data for some 30,000 current and previous employees. It also holds highly sensitive data generated by pre-investment due diligence. The institution isn’t required to follow any data privacy regulation worldwide, due to its supranational status making the organisation exempt from any local or national laws, but wanted to adhere to global good practices. With clients across three different continents, the institution sought to be a leader in data privacy. So the institution needed an approach that took account both of data privacy regulation in Europe (GDPR) and of different approaches in other jurisdictions.
Our team began by mapping (across 11 different departments) how the institution generates, stores and shares personal data. We also reviewed 40+ directives and policy and procedural documents to understand existing data privacy arrangements. Then we made recommendations on how to incorporate world-leading data privacy practices into the ongoing IT and digital transformation.
This work demanded leading-edge expertise in data privacy, skills in data analytics and IT transformation, and considerable ingenuity: we needed a solution that set the standard for all the institution's international clients and customers, whether in Europe, Africa or Asia. We based our approach around architectural patterns in the institution's new IT systems. As a result, our recommended data privacy requirements can be replicated in any systems where the same patterns occur.
Our work not only creates a practical template to help the institution achieve the most appropriate standards in data protection. It also establishes the institution's reputation as the leading supranational organisation on data privacy.
Enjoyed? Share this story
Working with a large international financial institution, @PA_Consulting created a practical template to help the institution achieve the most appropriate standards in data protection whilst establishing the institution's reputation as the leading supranational organisation on #dataprivacy