GDPR and the banks – the Swedes trust banks’ IT security the most

With recent reports of IT attacks and less than a year left to the introduction of the new data protection regulation GDPR, IT security is high on many organizations’ and corporate agendas. And the banks are at the top when it comes to Swedes’ confidence in companies’ ability to handle IT security. This is evident in a SIFO survey commissioned by software and service company Tieto.

Jimi Inge

On 25 May next year, the GDPR will come into effect within the EU. The new data protection regulation will strengthen the privacy protection of individuals, including giving citizens the right to have their stored data removed from the companies’ databases (“Right to be forgotten”). Companies exposed to cyberattacks where sensitive data have leaked should also inform authorities about this within 72 hours and inform affected customers as soon as possible.

Due to recent IT attacks and the impending introduction of GDPR, Tieto has commissioned to find out Swedes’ views on companies’ IT security. The survey shows that banks are at the top (71 per cent have high or very high confidence) before government, municipalities and county councils (60 per cent). Just below that we find insurance companies that 57 per cent consider having high or very high reputation in dealing with personal data and IT security.

Jimi Inge is an expert on digital banking and payment solutions at Tieto and he is not surprised that the banks are at the top.

– Banks are historically associated with high security. Earlier with large bank vaults, now with bank card readers and secure signatures. The industry has long been subject to strict requirements, checks and certifications. That part of GDPR is therefore not new to the banking sector, what will be a big change is that GDPR also means enhanced transparency, says Jimi Inge, Director of Risk & Compliance at Tieto.

GDPR is designed to give customers more control, which means that the lock-in effect will be lower and it will be easier to change banks. In the long run, it could mean a risk for banks that, although they have high reputation in terms of security, have low customer satisfaction (Swedish Quality Index 2016). Jimi Inge therefore believes that banks need to take advantage of the opportunities with GDPR.

– Bank customers today have record low confidence in how banks operate. With GDPR, customers get better insight, and it is then important for banks to transform GDPR into an opportunity instead of a costly “must”. Those who succeed with this are most likely those who will succeed in the future. Sweden has a very mature market and it also means that customers will be able to choose the bank that not only has the highest security but also best protects the interests of the customer, said Jimi Inge.

From the survey:
Which companies and organizations do you have the highest confidence in regarding IT security and management of your data?

Banks and financial companies.

Total

Man

Woman

16-34 yrs

35-55 yrs

56-79 yrs

Very high confidence (5)

34%

34%

33%

37%

32%

32%

(4)

37%

38%

35%

35%

40%

36%

(3)

17%

16%

18%

15%

18%

17%

(2)

4%

3%

5%

4%

3%

5%

Very low confidence (1)

3%

3%

2%

3%

2%

3%

Do not know

6%

4%

7%

6%

4%

7%

To know more about Tieto Compliance Cloud >>

Share

Contact

Jimi Inge
Director of Risk & Compliance
+46702559773