Don Bergal, CMO, Avoka
In a digital age of consumer empowerment, the dynamic of power is moving increasingly into the hands of the individual. GDPR is no exception. The new data protection rules, coming into effect on 25 May 2018, put customers in control of their data, with the right to access, update and (in some situations) remove the data companies hold on them within their internal databases.
For financial services firms, GDPR provides a potential catalyst to regenerate key front-end systems and processes of customer engagement, acquisition and management. GDPR is not solely a compliance challenge – it’s a customer relationship opportunity.
Although the vast majority of customers will be unaware of the finer details of GDPR, firms that offer a simple experience, and those who make the process of managing personal information transparent, will be perceived as offering a better customer experience, better service and will be considered easier to work with. For an upcoming generation of customers who are more digitally savvy than ever before, a superior GDPR interface will be a competitive differentiator.
One of the core tenets of GDPR is putting control in the hands of the customer rather than the institution. The level of transparency, giving a customer visibility of the records held, is enhanced. As such, there is a need for systems which allow customers to access, update and withdraw their data, whilst holding this information securely and in compliance with regulatory change. Banks need the ability to rapidly adapt, quickly introduce new features, modify the customer experience and address variations across products and geographies.
Many banks currently hold data on disparate systems and, the more systems, the more difficult it is to hold, manage and grant customers access to their data securely.
In other words, firms need to make data accessible, available in one place, and secure.
Impact on future development
GDPR creates a long list of new requirements that push the cost and risk of “development from scratch” beyond the reach of some financial institutions. This also places critical importance on agility. With the new and complex regulation, there will be a steady stream of changes required in any institution.
With the right technology systems in place, new digital and mobile interfaces that allow customers to access all the rights allowed to them by GDPR, whilst keeping their data secure, are possible. For example, by creating systems of strong authentication, new technologies such as digital identity verification can be integrated into data management systems to prevent fraudulent access.
It’s also important to be realistic: the regulations are so wide, and coming so fast, that financial institutions will not be able to implement a perfect system on day one. They will need agile systems that allow their customer experience to evolve continuously, while not impacting the back-office systems of record that naturally move much more slowly and are difficult to change.
Customer facing systems are an opportunity for firms to move more quickly, show progress to their customers, and potentially differentiate – but only if they utilise and integrate new technology into their data management system. Brands that embrace GDPR and the opportunities it brings, not solely view it as an inconvenience, will win greater customer confidence and achieve more brand integrity and business growth.
For more information read our GDPR FAQs.