Its been six months since the General Data Protection became law of the land at least in the European Union and yet the majority of companies that must be in compliance with that mandate are woefully unprepared A report from IT Governance at the end of last week showed that only 29 percent of firms in the EU have fully implemented the GDPR tenets and the lack of full compliance means that possible penalties loom to the tune of four percent of a fined firms annual top line The report surveyed more than 200 firms across a range of industries As reported by TechRepubiccom as many as 60 percent of the firms that responded said they were aware of the fact that they must respond to data subject access requests but only 29 percent said they had concrete plans in place to address the rules by which they must respond to those requests If those requests are not handled per the GDPR rules complaints can be filed and the hefty aforementioned fines could be in the offing In other findings of the IT Governance report 75 percent of firms said they had conducted at least some parts of a data flow audit used to gain insight to data risks As far as security is concerned the roughly 61 percent of firms said that they had basic controls in place to contend with data breaches with 50 percent of firms stating that they have plans in place to notify supervisors in the event of such breaches It is discouraging to see so many organizations understanding the GDPR and its applicability to their businesses but failing to comply Alan Calder founder and executive chairman of IT Governance said in a press release that accompanied news of the report May 25 should have been the wakeup call but its not too late to begin your compliance journey The time is now Elsewhere in Europe and in company-specific news regulators in the European Union have looked at Apple Pay in reference to market dominance The verdict No market dominance is evident but the issue could be revisited again in the wake of any future formal complaints That comes as the mobile service has expanded to 10 countries in the EU after its 2014 launch The examination came in wake of some outcry over the fact that the tech giants iPhones use embedded near field communication chips that select Apple Pay automatically and to the exclusion of rivals payment offerings Said European Commissioner for Competition Margrethe Vestager when we were looking at it at first glance we couldnt see Apple being dominant That doesnt exclude in the future that we will have a second look But when we looked some time ago we didnt find the necessary evidence to start a case she said Obviously if we had official complaints we would take that seriously because the entire payment market is a very important payment market The issue is currently being investigated by the Danish Competition Authority Separately The Financial Times reported that the UKs Financial Conduct Authority has placed in force new rules that are geared toward helping victims of authorized push payment fraud Push Payments Fraud in the Crosshairs In those instances fraudsters convince victims through the use of text messages purportedly from banks to make payments to the bad actors accounts There have been more than 43 000 documented cases of such fraud in the UK in the past year and the cost has been tallied at more than 236 million pounds Now banks and payment services providers may have to step in and compensate victims of such schemes The Financial Times reported that FCA Executive Director of Strategy and Competition Chris Woolard said in a statement that the FCA takes APP fraud and the harm it causes to consumers very seriously Now victims of APP fraud can make a complaint to the PSP receiving their payment and if theyre not satisfied with the outcome can refer their complaint to the Financial Ombudsman Service LATEST INSIGHTS Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation thats reshaping the payments and commerce ecosystem Check out the latest PYMNTS report on driving gas pump payments to the C-Store compliance Cybersecurirty data privacy FCA GDPR IT Governance News Push Payments regulation regulatory tracker