The British decided! On June 23, 2016, the people of the United Kingdom voted to withdraw from the European Union.
Now what does this mean?
Shared service centers, which should operate on a transatlantic level, are often located in the United Kingdom or Ireland. Here, the language is not a barrier, but a link between the old and new world.
If you look closely at the UK, it is obvious that the financial industry is of utmost importance to the country, and this industry processes a large amount of personal data. When Great Britain withdraws from the EU, and thus also from the EU General Data Protection Regulation, questions arise regarding the processing of this data.
From now until the completion of Brexit, companies will not face a gap in compliance for data transfers. However, things will get interesting when the EU Commission determines the appropriate level of data protection for Great Britain. The EU Commission makes this decision for every country outside of the EU/the EAW (the third countries).
European companies will likely regard Great Britain with suspicion as a member of The Five Eyes countries, and pass on the uncertainty regarding the level of data protection. (Read a colleague’s take on the retail implications here.)
The bottom line is that large parts of the banking world may turn their backs on the island. And should the IT functions of companies process the personal data of EU citizens, those companies would be well advised to move their processing capacities to Central Europe.
The costs for European customers will increase, and the financial industry — Great Britain’s prospering industry — could experience job losses as well as a deterioration of the economic situation.