How developments in AI intersects with data security, privacy and ethics, especially in light of your proposed analytics project. How the data can be sourced ethically and securely;

Report and Presentation

Your Task

Consider below information regarding the National Australia Bank data breach.
Read the case study carefully and using the resources listed, together with your own research, complete:

  • A (Industry Report)
  • Part B (Application for data access presentation)

Assessment Description

ECB sanctions ABANCA for failing to report cyber incident within deadline

The European Central Bank (ECB) has imposed an administrative penalty of €3,145,000 on ABANCA Corporación Bancaria, S.A. (ABANCA) after it knowingly failed to report a significant cyber incident to the ECB within the prescribed two-hour deadline outlined in the cyber-incident reporting framework implemented in 2017.

In February 2019 ABANCA became the target of a cyber-attack when its IT systems were infected with malicious software. ABANCA responded by temporarily suspending internet and mobile banking services, ATM services and SWIFT payment services, among other measures.

Despite being aware of its reporting obligation and the significance of the cyber incident as early as 26 February 2019, the bank submitted the required report on the incident 46 hours after the prescribed deadline. The bank`s omission hindered the ECB`s ability to properly assess ABANCA`s prudential situation and to react in a timely manner to potential threats to other banks, what could have had potential consequences on the reputation and the stability of the banking sector as a whole.

The entity promptly addressed the effects of the cyber-incident at the time it occurred. The ECB notes that the penalty relates solely to the breach of a reporting obligation in February 2019 and does not entail any assessment of the soundness of the bank`s existing IT systems.


As an analyst within ABANCA, you have been tasked with considering ways in which customer data can be used to further assist ABANCA with its marketing campaigns.

As a further task, you have been asked to consider how ABANCA could potentially assist other vendors interested in the credit card history of its customers.

Assessment Instructions

Part A: Industry Report (1800 words)

Based on your own independent research, you are required to evaluate the implications of the European legislation such as GDPR on ABANCA`s proposed analytics project and overall business model.

Your report can be structured using the following headings:

Data Usability

  • Benefits and costs of the database to its stakeholders.
  • Descriptive, predictive and prescriptive applications of the data available and the data analytics software tools this would require.

Data Security and privacy

  • Data security, privacy and accuracy issues associated with the use of the database in the way proposed in the brief.

Ethical Considerations

  • The ethical considerations behind whether the customer has the option to opt in or opt out of having their data used and stored in the way proposed by the analytics brief
  • Other ethical issues of gathering, maintaining and using the data in the way proposed above.

Artificial Intelligence

  • How developments in AI intersects with data security, privacy and ethics, especially in light of your proposed analytics project.

It is a requirement to support each of the key points you make with references (both academic and "grey" material)

Use the resources provided as well as your own research to assist with data collection and data privacy discussions.

Part B: Presentation (5 minutes)


You are required to prepare a presentation of 6 - 12 PowerPoint slides. You are an analyst at ABANCA
You have identified a way in which you can use customer data to inform customers of bank offers and offers from other vendors, based on their credit card spending history.

Although it`s ABANCA`s own data, regulators and legislators are becoming increasingly concerned about the way in which certain types of analytics projects can infringe on privacy, individual rights and potentially be in contravention of the GDPR and other legislation.

Create a presentation of approximately 5 minutes in which you discuss how ABANCA plans to use this data and the broad implications involved.

Discuss the issues below, and imagine you are communicating this presentation to government (regulators and / or legislators) as your primary audience.


  1. Why you want the data and the resulting benefits to your customer base;
  2. How the data can be sourced ethically and securely;
  3. How you will keep the data safe from the type of attack on customer data outlined in the article above.
  4. How you will use your analytical findings in an ethical way.