{
  "docId": "019dd923-5e88-73ef-bd58-07b375a7cd5b",
  "docSlug": "335ba522863769dc",
  "documentTitle": "Banking and capital markets trends 2020: Laying the foundations for growth",
  "authorId": "PwC",
  "authorName": "PwC",
  "documentKindSlug": "consulting-deck",
  "documentKindLabel": "Consulting deck",
  "sourceTypeSlug": "strategy_consulting",
  "sourceTypeLabel": "Strategy consulting",
  "presentationDate": null,
  "orientation": "landscape",
  "aspectRatio": 1.414,
  "pageNumber": 27,
  "pageCount": 88,
  "prevPage": 26,
  "nextPage": 28,
  "slideType": "risk_register",
  "function": "diagnose",
  "density": "overcrowded",
  "nDataPoints": 0,
  "notes": "PwC internal audit planning slide from 2019.",
  "elementsJson": [
    "headline_text",
    "paragraph",
    "bullet_list"
  ],
  "metadataConfidence": 1,
  "imagePath": null,
  "slideHref": "/slides/019dd923-5e88-73ef-bd58-07b375a7cd5b/27",
  "deckHref": "/decks/019dd923-5e88-73ef-bd58-07b375a7cd5b",
  "deckJsonHref": "/decks/019dd923-5e88-73ef-bd58-07b375a7cd5b.json",
  "deckAnchorHref": "/decks/019dd923-5e88-73ef-bd58-07b375a7cd5b#slide-27",
  "components": [
    {
      "bbox": null,
      "kind": "callout",
      "text": "GDPR is much more than a one-off change programme, or a series of business activities designed to avoid a fine – it's the reality of today's modern, customer-centric business.",
      "attrs": null,
      "subkind": null,
      "toolName": "Visual emphasis",
      "toolSlug": "visual-emphasis",
      "confidence": null,
      "componentId": "019dd952-3be5-7612-8a29-9e672a6f993b",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.03,
        "w": 0.1,
        "x": 0.05,
        "y": 0.42
      },
      "kind": "list",
      "text": "Key risks",
      "attrs": null,
      "subkind": "bullet",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "29e3a8d4-8011-4ce3-b0db-ceff984eb30e",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.15,
        "w": 0.92,
        "x": 0.05,
        "y": 0.78
      },
      "kind": "list",
      "text": "Assess compliance; Review GDPR risk appetite; Assess adequacy of governance; Assess strength of policies; Deep dives into specific areas; Assess readiness for transfer; Assess ability to comply with other regulations",
      "attrs": null,
      "subkind": "bullet",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "39dadd82-111b-440c-b2fa-fac4390497f0",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.25,
        "w": 0.92,
        "x": 0.05,
        "y": 0.45
      },
      "kind": "list",
      "text": "Lack of sustainability; Incomplete implementation; Cross-regulatory requirements not known or breached; Lack of ownership; Lack of, or incorrect consent obtained; Poor conduct; Data breaches; Data subject requests not processed; Lack of third party management; Brexit",
      "attrs": null,
      "subkind": "bullet",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "48cecb9a-d6af-4b1a-b0dc-eb89c492efe4",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.03,
        "w": 0.2,
        "x": 0.05,
        "y": 0.75
      },
      "kind": "list",
      "text": "Internal audit focus areas",
      "attrs": null,
      "subkind": "bullet",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "bbd915a5-6a8e-4d63-8fe2-804c3fcec33c",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.15,
        "w": 0.45,
        "x": 0.52,
        "y": 0.25
      },
      "kind": "paragraph",
      "text": "Recent enforcement actions from the Information Commissioner's Office (ICO) send two clear messages; firstly, that the ICO has a highly competent team of data protection, cyber security and direct marketing specialists; and secondly, firms holding personal data will be held responsible, regardless of why they, or a third party, were holding it or how they lost it. This has put data protection, and specifically data breach preparedness back to the top of Board agendas.",
      "attrs": null,
      "subkind": "paragraph",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "737afcd0-ae65-49ef-8643-0cd99ab0c9b2",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.15,
        "w": 0.45,
        "x": 0.05,
        "y": 0.25
      },
      "kind": "paragraph",
      "text": "The General Data Protection Regulation (GDPR) in the EU introduced the largest change to data protection legislation since the European Data Protection Directive in 1995. The potential for heavy fines featured large in media headlines and firms undertook wide-scale privacy change programmes in preparation for the GDPR go-live date of 25 May 2018. But, GDPR is much more than a one-off change programme, or a series of business activities designed to avoid a fine – it's the reality of today's modern, customer-centric business.",
      "attrs": null,
      "subkind": "paragraph",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "b63eaa4a-15d0-4191-8f3f-765f6354b0d6",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.05,
        "w": 0.15,
        "x": 0.05,
        "y": 0.06
      },
      "kind": "title",
      "text": "GDPR",
      "attrs": null,
      "subkind": "headline",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "07199815-66a3-4d2e-85ce-90d684d1b7c5",
      "frameworkName": null,
      "frameworkSlug": null
    }
  ],
  "metrics": [],
  "tools": [
    {
      "name": "List presentation",
      "slug": "list-presentation",
      "agent": null,
      "layer": "slide",
      "matchId": "5da5c3f4-8e01-4122-b6a0-38e8d7c75ef0",
      "evidence": "The slide contains multiple list/bullet components with several items, indicating a list presentation.",
      "confidence": 0.9
    }
  ],
  "frameworks": [],
  "arcBeats": [
    {
      "to": 66,
      "from": 18,
      "beatId": "88b6734e-092d-4991-8706-5639248f97fb",
      "arcName": "Problem-Agitate-Solution",
      "arcSlug": "problem-agitate-solution",
      "beatName": "Evidence",
      "beatSlug": "evidence",
      "evidence": "The document provides evidence and analysis on various topics, including governance, risk management, and regulatory compliance.",
      "position": 2,
      "confidence": 0.8,
      "parentBeatName": null,
      "parentBeatSlug": null
    }
  ],
  "loops": [
    {
      "to": 31,
      "from": 26,
      "name": "Cost Of Inaction",
      "slug": "27-cost-of-inaction",
      "bestFor": "Urgent budget requests, compliance, risk mitigation",
      "matchId": "12092501-2d7d-48e8-9f33-454d34cb634a",
      "evidence": "The document highlights the potential consequences of not addressing risks, such as financial crime and operational resilience.",
      "position": 1,
      "objective": "What are the consequences of not addressing these risks?",
      "structure": "The Status Quo -> The Hidden Costs Accumulating -> The Future State of Inaction -> The Tipping Point",
      "confidence": 0.6,
      "description": "Quantify what happens if the audience does nothing"
    }
  ],
  "imagePathAlt": null,
  "thumbSrc": null,
  "thumbSrcAlt": null,
  "locked": true
}