Race Against Time to become GDPR Compliant
UBS SmartWealth had just a few weeks to become GDPR compliant.
We completed well ahead of the deadline, with streamlined systems, processes, a fully trained team and compliant customer journey
UBS SmartWealth, the digital wealth platform of the multinational investment bank UBS, had just three months to make sure their customer journey, systems and processes were GDPR (General Data Protection Regulation) compliant.
They needed to read and translate the regulations to understand what they had to change, create options on solutions that were compliant, translate these into technical requirements that the technology team could build from and make changes to both operational procedures for the global teams as well as update client communication
If you’ve read any regulations, you’ll know that they’re not the most exciting and not the most well written. Contradictions and jargon with multiple references for what can appear to be a simple paragraph.
GDPR introduced a lot of changes to existing processes. This meant new workflows such as a process for clients to request access to the information that UBS SmartWealth held on them (DSAR), being able to retrieve the information quickly and provide the information or delete it within the timeframes set.
The first part before everything was to read the published regulations by the UK government for GDPR. and translate them into simple language that everyone could understand.
Working closely with the UBS legal team to make sure our translations were correct and also complied with the UBS global policies on GDPR, we broke down the 261 page document into five or six pages of clear bullet points on what was required and what the regulations were really telling us to do.
We spent time with the impacted operational teams to understand and map out the process they put their customers through today because this would help us to understand which areas would be impacted and would need to be altered in order to become GDPR compliant.
At this point we now had a clear understanding of the business impact for GDPR compliance and UBS SmartWealth’s operational process. we started to identify what parts of GDPR had already been met, and what parts were missing in their customer journey.
We identified these by looking at the process flow we created of the current state and overlaid the GDPR requirements on top of them to filter the gaps.
Highlighting all the impacted tasks helped to define areas where changes were required and if those changes would impact other areas of the organisation.
It’s critical to draw out the target state in any project, so working from the current state flow, we developed the future state customer journey and onboarding model that would be compliant with GDPR. It identified all amendments that would be needed across technology and operations.
We made changes to the existing system to capture certain data and ensure requests were sent to the correct teams, that the data could be retrieved quickly from the systems where the client’s information was held and that deletion was done where it could be deleted.
UBS SmartWealth works with an agile approach to technical deliveries. We worked closely with the development teams to identify feasible options that were simple to implement and maintain, providing them with user stories and screen mock ups where required.
This was a great team to work with, one of the important things we always do is to maintain transparency in all communications across all impacted teams as a project is never successful in isolation. With UBS SmartWealth, we worked closely with Legal, technology, Wealth advisory and the operations teams so that not only everyone would be comfortable with the changes but also to ensure that nothing was missed.
With six weeks to spare, UBS SmartWealth was GDPR compliant well ahead of the deadline. All teams were fully trained on the new processes and documents were all prepped and ready to go with a new workflow to enable clients to submit and receive responses to DSARs within the deadlines stipulated by GDPR.
Miles to Freedom Score
Every Sunday evening, receive a boost in the right direction with our 5S Projects tips on simplifying your business and life.
As a subscriber, you can send in your challenges to Sonal as and when they come up with some tailored advice sent direct to your inbox.
Sign up here if you want to start your week on the right foot.
Need to Speed Up Your Business?
If you like what you’ve read so far and are interested in working with us, get in touch.
We’d love to hear from you.
Process Advisory & Consulting
This is for you if you need your creative agency to work harder for you so that you can work less, but don’t know where to start identifying and fixing the bottlenecks.
This is for you if you want to be coached in all aspects of your business and work towards a long term aim of making your business give you the lifestyle that you deserve.
This is for you if you’re ready to unlock what’s blocking you from making key decisions and changes for the better in your life and in your business.