GDPR fines and how SMEs can finance the compliance to avoid them
Businesses are struggling to comply with GDPR and the focus of regulators is set to fall on SMEs. One of the main reasons why smaller firms are dragging their heels is the cost. Alternative finance can help them afford the upgrading they need to avoid a GDPR fine.
According to several new studies, a year after the introduction of GDPR, the majority of businesses are still not fully compliant with the legislation. The surveys show that only a limited number of companies have changed corporate policy in line with the regulation and that the likes of data storage methods, data retrieval systems and data storage and protection are in need of improvement.
This non-compliance has brought fines across the industry spectrum. While the focus of regulators so far has been predominantly on large corporations (Uber, BT, Google, etc.), which have been hit with some eye-wateringly high fines, it is only a matter of time before their attention turns to smaller companies.
The sluggishness surrounding compliance is attributed to a number of factors, including not knowing what full compliance entails, not taking GDPR seriously and the failure of regulators to properly enforce standards. Another factor that can be added to this list, which is particularly relevant to smaller businesses, is the cost.
Complying with GDPR can require considerable investment, including in reviewing and upgrading systems and practices, and in staff training. Given the current market climate and the pressure being applied by a raft of other policy and non-policy costs, finding the capital needed for such investment is far from easy for SMEs.
This is where alternative finance can help.
In the wake of prolonged caution from traditional lenders, a position that Brexit has helped to entrench, alternative finance facilities such as invoice finance, asset finance, peer-to-peer lending and crowdfunding are providing small businesses with access to capital for vital investment, including in new GDPR-compliant systems.
Looking through the findings of the various new surveys, it is not all negative with regard to GDPR compliance. Indeed, there are many positive takeaways: a study from Shred-it found that nearly 70% of SMEs are very aware of GDPR requirements and that many key aspects of operations have been reviewed. Furthermore, there’s still time to comply.
However, at the same time, it is clear that more action is required, both from small business owners and regulators. For example, more education on what full compliance actually means and the benefits of compliance would seem to be a wise move. And this point brings the focus, in part, back to costs.
In today’s marketplace, where the focus on cybersecurity grows stronger by the week, the need to protect company and customer data, and comply with the relevant regulations is clear. For small business owners to achieve this compliance and avoid fines, they need to be aware of all the funding options available to them, including alternative finance.
To find out more about A&T Business Associates services, contact Steve Bowles on 01903 602211 or steve.bowles@atbusinessassociates.co.uk.