The Global Data Protection Regulation applies from May 2018 and contains many requirements relating to the personal data. Controllers and processors of data in scope must comply with the rules wherever they are located, with heavy penalties for non compliance. The European Commission has issued this info-graphic which summarises the rules. This page on the UK’s Information Commissioners office provides more detail.
Some of GDPR intersects with the requirements of rules such as MiFID II. In particular parts of MiFID II relating to personal data may appear to contradict GDPR, for example in the amount of time that records must be kept. This article on the EURACTIV web site examines such intersections.
The issue of the intersection between MiFID II and GDP will be discussed on the regulatory panel at next week’s International Commodities and Derivatives Association conference being held at Bürgenstock(see here).