Presently focusing almost exclusively on helping Cayman Isl./other offshore-domiciled hedge fund & private equity firms, as well as those onshore in the U.S., EU & the EU, comply with the EU GDPR, as well as its existing or about to become effective progeny on both sides of the Pond (incl. NY DFS cybersecurity rules, Cayman Isl. Data Protection Law, the CCPA, etc.).
Specifically, GCRCG's unique yet common-sensical, non-jargon low-cost, technology-based "two-step" approach seeks to help such fund's Boards/General Partners make fully-informed enterprise-wide decisions effectively manage cybersecurity, data protection & privacy risks posed by 3rd-party supply chain service providers/vendors to which are outsourced critical functions.
In an era of trusted partners in an inter-connected world facing this never-ending challenge due to ever-increasing hacker sophistication, this process resulting in independent, unbiased & objective adequacy confirmation will allow for such funds, amoung others, to meet the ultimate demand of regulators for market integrity.
As or more importantly reputation- & revenue/profitability growth-wise (part. if a competitive edge comes to exist for funds after adoption of GCRCG's "two-step" approach makes raising new money to grow AUM), it will look to address institutional investor safeguarding expectations to manage operational risk as to their PII- plus what is NOT covered by the scope of these mandates: equally highly confidential, market-sensitive buy-side trading and related information.