Sri Lankan Parliament confirmed the enactment of the much-awaited Data Protection Act (DPA) on 10th March 2022, empowering Data Protection Authority to impose penalties of up to Rs.10 million per non-compliance and providing individuals with ‘data subject rights to exercise their ‘Right to Privacy’. To a large extent, the new privacy law is in-line with global privacy regulations such as EU-GDPR (General Data Protection Regulations) requiring organizations to appoint Data Protection Officer (DPO); process data in a transparent, lawful, and fair manner; conduct Data Protection Impact Assessment (DPIA); report breaches to authority and implement appropriate safeguards to protect personal data from unauthorized use, modification and disclosure.
In this context, CFA Society Sri Lanka in collaboration with Ernst & Young will be hosting a panel discussion with Mr. Jayantha Fernando, General Counsel, ICTA, Director, Sri Lanka CERT and Mr. Nakul Chopra, Associate Director, EY Global Delivery Services, Ms. Suhadini Wickremasinghe, Head of Compliance, NDB Capital Holdings Limited with Mr. Shanaka De Silva, Senior Director of EY Sri Lanka as the moderator on Sri Lanka DPA to provide a viewpoint from industry experts on the salient requirements of the newly enacted privacy regulation, journey of other organizations who have undergone similar transformation due to enactment of EU-GDPR and share insights on privacy framework and methodology organizations should consider.
Mr. Dinesh Warusavitharana CFA President of CFA Society Sri Lanka commenting on the Panel discussion stated, “The world of finance is progressing through rapidly expanding technological advances resulting in the creation of new business models like crowdfunding, peer to peer lending, digital currencies, mobile banking, online investment, and new-age digital payment systems. The application of intrusive technologies like artificial intelligence, robotic process automation, blockchain, cloud computing has enabled a data-driven culture in the financial services sector. In this context, a discussion on the DPA is of critical importance to assess the impact of it on the industry.”
Arjuna Herath, Partner and Head of Consulting of EY commenting on the event stated “With the help of data analytics techniques fintech organizations utilize large sets of personal data (demographic, location, cookies, online purchase history, credit history, etc) as a revenue-generating stream to generate better customer insights, offer personalized products, tailored digital marketing and many more. Additionally, cloud computing has enabled the storage of petabytes of data in online repositories and accelerator processing speed through on-demand computing power. Hence, EY is pleased to be associated with the CFA Society Sri Lanka to enlighten the financial services industry on how to grapple with the DPA in the context of the progressive nature of the industry”
Board audit committee members, risk committee members, internal audit risk and compliance professionals, human resource personnel, IS/IT professionals, other decision-makers, and interested parties are invited to join this panel discussion organized by the CFA Society Sri Lanka on 08th of April 2022 at 3.30 pm.