Editor’s note: The author is the CFO of SAP France.
With GDPR compliance less than a year away, some CFOs I speak with have yet to look past the risk of a big fine. If you’re one of them, then this article is for you.
Yes, GDPR — the General Data Protection Regulation, a measure intended to strengthen and unify data protection within the European Union, slated to take effect next May 25 — is a costly compliance matter that you absolutely cannot afford to get wrong.
That’s especially so because regulators will be looking to make early examples of companies that fall afoul of the new regulations. It casts a big shadow. Who wouldn’t lose sleep over potential penalties big enough to cripple or shut down European operations?
But if that’s all you see, you’re missing the wider, more strategic point: GDPR, if managed properly, is an incredible opportunity for growth.
The regulation represents a catalyst that’s set to create a fundamental shift in the digital economy. The problem is, many organizations have left responsibility for tackling GDPR solely to their compliance teams, based largely out of fear of catastrophic penalties. While we all must, of course, be complaint by May 2018, smarter CFOs are viewing GDPR compliance in the wider context of their company’s digital evolution and seeing the opportunity for both acceleration and growth. Let me explain.
Data is one of your company’s most valued resources, yet one of the most poorly managed. It’s the golden thread that runs through the entire organization, and in most instances it’s managed casually and inconsistently, depending on individual employees and departments. You wouldn’t let your revenue, products, or equipment assets be handled that way, so data (given its inherent value) shouldn’t be any different. It warrants the same due care and attention.
As CFOs, we should be leading from the front, looking at the best and safest ways to monetize this asset. GDPR legislation is unique in that it allows you — OK, forces you — to transform the way you handle data across the whole organization, managing associated risks and compliance. In doing so, it’s actually strengthening your ability to compete on the digital playing field, making you more agile for long-term success.
Governance excellence (underpinned by automated risk, compliance, and audit processes) combined with information excellence can yield significant efficiencies. For example, in our own SAP performance benchmarks, we’ve seen a 50% decrease in audit-cycle time with automated and continuous management of controls. That means, with the right systems in place, your business can run live: it can sense, respond, learn, adapt, and predict to meet and create customer demand — and do so in the moment of opportunity.
As power shifts to individual consumers, customers will favor those companies with sound governance and adherence to GDPR, as it will form part of your brand reputation in the digital economy. If you haven’t already done so, I urge you to look beyond simply avoiding a fine, and create a strategy for your finance organization and the wider business to harness the benefits it will deliver. It really is a transformational opportunity.
Data and its responsible management are at the core of this digital transformation, with GDPR demanding that all of us raise our game. In the proverbial carrot-and-stick scenario, don’t let the size of the GDPR compliance stick blind you to the sizable opportunities of the data-management carrot.
Emmanuelle Brun Neckebrock is CFO for SAP France.