Story image

Six common compliance challenges A/NZ businesses face today

03 Aug 17

Hitachi Data System has released the findings of a new report prepared by technology law firm, Fieldfisher LLP.

The researchers reviewed data retention obligations in Asia Pacific and the principles that have influenced a rise in common requirements for data capture, storage and management.

New global legislation, such as the Markets in Financial Instruments Directive II ("MiFID2"), Dodd-Frank and, looking ahead to 2018, the General Data Protection Regulation ("GDPR"), further extend the influence and power of regulators, the report claims.

Paul Bruton, business director, data intelligence, Hitachi Data Systems, Asia Pacific says that regulators today have an even more sophisticated understanding of the power of technology in advancing the compliance agenda.

As the report explains, this results in increasing regulatory requirements, for example mandating more and faster reporting, real-time data capture, and strict management of the deluge of data introduced by digital transformation.

“Businesses in A/NZ face a significant challenge with the GDPR changes coming into effect next year, and let’s not forget the far-reaching consequences of Australia’s new data breach laws,” adds Bruton.

“Now is the time to determine the roles and responsibilities in the creation and management of data within the organisation, factor these requirements into an effective data strategy, and turn the compliance conundrum into an opportunity for digital transformation and innovation.”

The paper identifies six key compliance challenges that enterprises and government agencies need to address:

1.    Capture and management
2.    Access and availability
3.    Privacy and security
4.    Integrity and authenticity
5.    Retention and preservation
6.    Disposal and defensibility

The Fieldfisher report also looks at the implications of legal frameworks for Australian and New Zealand enterprises, including the Australian Privacy Principles (“APP”) and the Information Privacy Principles (“IPP”) in New Zealand.

Simon Briskman, partner at Fieldfisher comments, “In comparison with many countries in Asia Pacific, Australia is well advanced in access and disclosure requirements. Australian law in the area has a long evolution.”

“For example, the Australian Corporations Act 2001 lays down extensive obligations for the preparation of financial reports. Regulators such as the Australian Securities and Investments Commission and the Office of the Australian Information Commissioner ensure Australia meets broad international standards on information security, data management, record keeping, disclosure and data quality.”

He says both Australia and New Zealand have legislation allowing electronic communications to be admitted in evidence in court, and there have been significant changes to the privacy laws in both countries.

“Overall, the landscape is one of increasingly sophisticated regulation that requires specific compliance solutions. Technology has become a vital part of those solutions.”

In data retention and record keeping requirements, Australia and New Zealand are in the middle bracket, with the Australia Corporations Act 2001 and the New Zealand Companies Act 1993 requiring records to be kept for at least seven years.

The period of retention varies widely across the Asia Pacific region; in Singapore the minimum is five years, in Hong Kong and India 10 years, and in China records can be required to be retained permanently, depending on the nature of the record.

Will 2019 be the year of network evolution?
An A10 Networks exec talks 5G, software-defined networks, and the continuing evolution needed for a modern cloud environment.
ZTE takes the lead in the global race to 5G
ZTE took the lead in completing the IMT-2020 third phase 5G test for core network performance stability and security function.
IDC: Relevance is combining strategy, creativity and IT services
IDC reveals the Top 10 Asia/Pacific predictions to impact IT and business services sourcing in 2019 and beyond.
How IIoT is creating opportunities for RFID companies
The growing demands for automation and digitisation are creating considerable growth opportunities for RFID vendors.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
Exclusive: Why Australia’s IT industry needs to invest in SMBs
"With SMBs generating employment for over five million Australians, it comes as no surprise that they play a vital role in the nation’s economy."
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.