最有看点的互联网金融门户

最有看点的互联网金融门户
国际资讯监管与政策

印度:数据保护制度来临,金融科技公司和消费者准备好了吗?

国际资讯监管与政策

印度:数据保护制度来临,金融科技公司和消费者准备好了吗?

印度B.N. Srikrishna 委员会提出新的数据保护制度之后,专家和金融科技公司针对新数据保护制度的影响发表了看法。

Naveen Kukreja,Paisabazaar.com首席执行官兼联合创始人

初步看来,金融服务公司,尤其是金融科技公司将受到影响。我希望国家能够给予组织足够的时间建立机制和流程,满足合规性要求。

金融科技来面临的一个巨大挑战是为客户提供"被遗忘权",除非得到客户的明确许可,否则组织机构将无法使用客户数据。

金融科技公司正在开发客户生命周期管理模式,根据消费者不断变化的生活方式、信用状况和生命阶段需求,为消费者提供分阶段的定制金融解决方案。很大一部分消费者无法完全了解定制产品可能带来的长期利益,因此不会主动同意数据请求。没有消费者的许可,真正有利于消费者财务健康的创新就可能会受到限制。预测称,健康等部分关键部门可能不受法规限制。我希望也能扩展到金融服务。

Alok Mittal,印度数字贷款人协会主席,Indifi Technologies联合创始人兼首席执行官

金融服务和保险业(BFSI)和金融科技公司需要时间来吸收数据保护指南。该草案规定了客户许可应当包含的内容以及哪些内容需要向客户强调。大多数银行和金融公司的条款和条件已经就位。但是,要满足规定的许可格式以及客户的可选性要求,就需要大量的设计和实施工作了。草案还建议应该给行业充足时间做好准备。

在印度,数据保护制度是一个全新构想,有一些法律解释方面的问题,至少在初期会是这样。随着投诉、案例和澄清出现,流程会得不断改进,通常需要几年时间才能完成以上工作。尽管要达到合规要求,并保持合规水平,会需要一些投资,但是我认为不会对可变成本造成太大影响,每笔交易成本不会上涨。

Amit Jaju,印度FTI咨询公司高级董事总经理

新提出的《2018年个人数据保护法案》(PDPB)出乎BFSI和金融科技公司的意料。许多公司仍在致力于遵守欧盟《通用数据保护条例》(GDPR)。如果PDPB成为法律,那么大多数BFSI和金融科技公司要遵守这一法规会十分吃力。此外,法案的各个方面的法律解释存在差异。

今年4月,印度储备银行(RBI)指示国际金融公司应当在6个月内实现所有支付数据的印度本地存储。还剩下不到两个月的时间,但是由于与PDPB重叠,期限可能会延长。这也影响到将印度公民的数据存储在境外云上的印度公司。金融服务保险业和金融科技公司需要重新审视其流程、技术和第三方合同,以确保整个生态系统理解并遵守新法律。对于大型金融服务公司而言,确保承包商的合规性至关重要,因为他们将成为主要数据保管人。

Mano Sehgal,德勤印度合伙人

最近进行的GDPR准备状态调查及其结果表明,各行业只有68%的BFSI组织着手准备GDPR就绪。因为治理、人员、流程和技术方面的成熟度不同,各组织在隐私准备状况方面面临的挑战也各不相同。

印度组织可能面临的隐私就绪状态挑战在于建立和维护隐私文化、维护隐私的合规性以及增加技术和管理程序。人们对隐私文化的接受将是一个巨大的挑战。

隐私和数据保护要求不是交易或一次性工作。需要持续努力以维持隐私环境并使之更加成熟。组织需要投入资金加强现有措施、实施足够的保护措施保护个人数据,因此成本可能会增加。

组织会接受这样的额外成本和工作建立信任还是把成本转嫁给消费者?仍有待观察。

In the wake of the new data protection regime, as proposed by the B.N. Srikrishna committee, we spoke to experts and fintech companies to understand how it can impact these companies and consumers

Naveen Kukreja, CEO and co-founder, Paisabazaar.com

Prima facie it looks that financial services companies, especially fintechs, will be impacted. I will expect enough time be provided for organisations to build mechanisms and processes to ensure compliance.

A big challenge for fintechs may be the provision of “right to be forgotten” where an organisation will not be able to use customer data once the purpose for which it was provided is met unless it has an explicit consent from the customer.

Fintechs today are developing customer life-cycle management models, where consumers are offered customised financial solutions at different stages of their life, according to their changing lifestyle, credit profiles and life-stage needs. A large segment of consumers may not be fully evolved to understand the long-term benefits customised products may have and, hence, may not provide their consent proactively. In its absence, innovations that are genuinely good for the consumer’s financial health may be restricted. It is being predicted that a few key sectors like health may be provided with certain exceptions. I would hope it is extended to financial services as well.

Alok Mittal, President, Digital Lenders Association of India and co-founder and CEO, Indifi Technologies

It will take time for BFSI and fintech companies to adopt data protection guidelines. The draft is fairly prescriptive in terms of what should be included in consent and what needs to be highlighted for a customer. Most banks and NBFCs already have terms and conditions in place. But the format of the consent that would be required here and the optionality to be given to customers, clearly require significant design and implementation work. The draft also suggests that the industry should be allowed time for preparedness.

Since this is an absolutely new construct in India, there will be interpretation issues around the regulations, initially at least. Such things normally take a few years to get implemented, as complaints, cases and clarifications come up and the process gets refined. I don’t think there is a lot of impact on variable costs, though there will be some investment required to be compliant and then maintain that level of compliance. But per transaction costs will not go up.

Amit Jaju, senior managing director – FTI Consulting, India

The proposed Personal Data Protection Bill 2018 (PDPB) has taken BFSI and fintech companies by surprise. Many are still working towards compliance with the EU GDPR. If PDPB becomes law today, then a majority of BFSI and fintech companies may struggle to be compliant. Further, there are gaps in interpreting various aspects of the bill.

In April this year, the Reserve Bank of India (RBI) directed international financial companies that all payments data should be stored locally in India within six months. With less than two months to go, this may get extended due to overlap with PDPB. This also impacts Indian companies that store data of Indian citizens on overseas clouds. BFSI and fintech companies will need to relook their processes, technologies and third-party contracts to ensure the entire ecosystem understands and abides by the new law. For large financial services companies, ensuring compliance of contractors will be crucial as they will be the primary data custodians.

Manish Sehgal, partner, Deloitte India

A recently conducted GDPR preparedness survey and its result indicated that among various sectors, only 68% of BFSI organisations have started their journey towards GDPR readiness. Challenges of privacy-readiness journey vary among organisations depending on their current state of maturity with respect to governance, people and process and technology aspects.

The likely challenges for Indian organisations to be privacy-ready are building and maintaining a culture of privacy, compliance for sustaining privacy and increase in technical and administrative procedures. People’s acceptance to the culture of privacy is going to be a huge challenge.

Privacy and data protection requirements aren’t usually transactions or one-time efforts. Continued efforts are required to sustain and mature a privacy-enabled environment. Doing so is likely to add cost as organisations will need to invest to implement or strengthen sufficient safeguards to protect personal data.

It remains to be seen whether organisations consume such additional cost and efforts to build trust or pass on the cost to consumers.


用微信扫描可以分享至好友和朋友圈

扫描二维码或搜索微信号“iweiyangx”
关注未央网官方微信公众号,获取互联网金融领域前沿资讯。

发表评论

发表评论

您的评论提交后会进行审核,审核通过的留言会展示在下方留言区域,请耐心等待。

评论

您的个人信息不会被公开,请放心填写! 标记为的是必填项

取消

栀航 | 未央团队未央编辑团队

41
总文章数

TA还没写个人介绍。。。

又一家苏格兰大学推出金融科技加速器项目

高旭 | UNIVERSITY... 1天前

致力发展金融科技,新加坡再推两大革新措施

渺渺 1天前

阿布扎比联合酋长国推出数字沙盒监管计划

高旭 09-19

非洲小额贷款平台Jumo获5200万美元融资,从新加坡切入进军东南亚市场

Jon Russel... 09-19

Yoco:非洲金融科技值得关注的一颗新星

栀航 09-19

版权所有 © 清华大学五道口金融学院互联网金融实验室 | 京ICP备17044750号-1