Abstract

The Accountability Principle of the GDPR requires that an organisation can\ndemonstrate compliance with the regulations. A survey of GDPR compliance\nsoftware solutions shows significant gaps in their ability to demonstrate\ncompliance. In contrast, RegTech has recently brought great success to\nfinancial compliance, resulting in reduced risk, cost saving and enhanced\nfinancial regulatory compliance. It is shown that many GDPR solutions lack\ninteroperability features such as standard APIs, meta-data or reports and they\nare not supported by published methodologies or evidence to support their\nvalidity or even utility. A proof of concept prototype was explored using a\nregulator based self-assessment checklist to establish if RegTech best practice\ncould improve the demonstration of GDPR compliance. The application of a\nRegTech approach provides opportunities for demonstrable and validated GDPR\ncompliance, notwithstanding the risk reductions and cost savings that RegTech\ncan deliver. This paper demonstrates a RegTech approach to GDPR compliance can\nfacilitate an organisation meeting its accountability obligations.\n