General Data Protection Regulations have opened the new avenues for the Regtech companies across the world. Here is an excerpt from the interview with one such global leader in GDPR compliance – Trunomi. Stuart Lacey, Founder of Trunomi discussed his thoughts on Regtech with Co-founder of Regtechtimes Vedant Sangit.
What exactly does Regulatory Technology mean to you?
“Regulatory Technology is the space in which we develop and implement new and innovative technologies that optimise existing processes in a regulatory environment. At Trunomi, we turn data privacy regulations (including EU GDPR) from a burden to a competitive advantage – our innovative proprietary technology proves accountability in consent management and transparency in data use to builds customer trust.”
Brief overview about your product/service offering ?
“At Trunomi, we enable businesses to comply with EU GDPR & ePrivacy Regulation, global data privacy laws by providing customer consent and data rights management technology. This enables businesses to request, receive, capture and prove the legal basis of data processing thanks to consent and data rights receipts and immutable audit trails. Our tools allow the user to automise compliance, replacing inefficient, costly legacy approaches and future-proofing for further regulatory change. Our end-users benefit from increased transparency and control over their extended data rights.”
What inspired you to build the above product ?
“We recognise that Data Rights are inherently difficult to manage when businesses are involved in large-scale collection and processing of data. At the same time, we are passionate about the extended rights of the end-user, who under GDPR has the right to improved transparency, data portability and erasure. As a result, we make it easy for both the business and their end-user. Although our focus lies around demonstrating audit-ready GDPR-compliance and simplifying data and consent management, the improved transparency ultimately leads to long-term trust and a better relationship with the end-user.”
What are the consequences of non-compliance?
“Under GDPR businesses can face fines of up to €20 Million Euros or 4% of global revenue, (whichever is greater) if they fail to comply. Recent high profile data breach or misuse incidents; including Facebook-Cambridge Analytica, British Airways and Cathay Pacific, have shifted the mood in public debate: people are increasingly concerned about the large-scale processing and use of sensitive information. GDPR non-compliance is therefore not just a risk of fines, but business reputation and consumer trust. Furthermore, business need to comply with the extra-territorial scope of GDPR: it is application to the processing of data subjects located within the EU, irrespective of where the business is located. Trunomi allows global businesses to easily demonstrate best-practice compliance with audit-ready certificates.”
How big is your team and who are the critical players ?
“We’re currently a team of 17. Since our launch in 2015 we’ve had the support of an amazing Board, Advisory board and Team Members – we celebrate all our team on our website and recently launched a ‘Meet the Team’ blog series!”
What was the most challenging aspect of your journey as the Founder of Trunomi?
“Time and capacity….balancing product and customer development, raising funds and building out an awesome team of empowered, amazing individuals. Very early on we created a Culture Deck which has been a major asset in our journey.”
How did you overcome initial mindset challenges of the regulators/supervisors?
“For us the biggest mindset challenge wasn’t from regulators – we are fully aligned with their vision for greater individual consent and control over personal data. Our challenge was in educating businesses on the opportunity of harnessing data privacy for better customer experience: better data, more targeted marketing, more trust.”
Where do you see yourself in next three years?
“We are expecting there will be an emerging trend of the individual being more in demand of these solutions as they seek to better control their own data. We believe the data privacy regulatory wave will likely be completed and harmonized by the customer. As such, amazing and simple customer experiences, personalization and other concepts will start to take center stage and those companies with large established B2B businesses will expand their offerings into these markets. At such time, we expect Trunomi to be operating at scale across Europe and with growing customer bases and footprints in LatAm and North America. The next waves of regulations will start taking lead with a continued focus on Consumer Protections relating to Data. Fines and enforcement will have been made under GDPR and related laws forcing large numbers of companies to start to use more robust technology solutions in operationalisation.”
Which countries do you feel you can expand to with your offerings?
“Although GDPR is a EU regulation, it applies to any business processing the data of citizens located inside the European Union. And Privacy is not just mandated by GDPR. We have a Global solution and are active in Europe, North America, South America, Australia and ASEAN. I think we’ll see more and more countries introduce GDPR-style legislation – we’ve already heard from CEO of Apple, Tim Cook’s vociferous support of the GDPR. In that sense, Trunomi is unique in that it has a global, future-proof offering.”
Have you built any consulting model for the consultants from different countries?
“At Trunomi, we do our best to understand our customer’s needs and demonstrate to them the ways in which Trunomi can help them achieve best-practice GDPR-compliance, and remove the complexities involved in large-scale Data Rights Management. Although our team members are IAPP (International Association of Privacy Professionals) certified ‘GDPR experts’; we focus on building and delivering specialist technology solutions, not consulting. We do partner with consulting firms to provide the best customer experience.”