Strict consumer data Privacy and security regulations aren’t new to the financial services sector. However, the upcoming European Union General Data Protection Regulation (GDPR) and ePrivacy regulation add a new layer of complexity to existing practices, forcing financial service professionals to depart from business as usual when it comes to customer data. These regulations apply not only to banks and financial service companies in Europe, but also to U.S. banks that offer any services to EU residents and vice-versa.
For financial service marketers, GDPR’s tightening of data Privacy rules seems at direct odds with a simultaneous mandate to innovate their digital strategy and deliver better customer experiences with data. On one hand, customers demand highly personalized marketing, yet are rightfully concerned about the security of their personal and financial data across channels, devices, and data owners.
GDPR creates new challenges for marketers that use data to target customers. Two factors compound this concern. First is the increased power granted to regulators to enforce these new rules—and impose significant fines for non-compliance. Second is the expansion of regulations to companies that control data of EU customers—regardless of the company’s location.
However, for financial services brands that prepare today, there are corresponding competitive advantages and opportunities to seize when GDPR goes into effect next year. Better privacy of personal data and better personalized marketing aren’t mutually exclusive.
Here are three GDPR challenges and opportunities that financial service brands must tackle today to prepare for GDPR.
Post GDPR, financial service brands will no longer be able to fall back on implied consent or opt ins to collect, use, and share personal data. This is a challenge because behavioral data (e.g. general website browsing) and transaction-related data (e.g. logging into online banking to complete a transaction) are rich sources of information used to build customer profiles and segments.
Marketers can use profiles and segments to target customers with personalized offers for loans, accounts, credit cards, insurance plans, and other products. With GDPR, banks and financial service brands will need to obtain explicit consent (opt in) from customers before continuing to collect data for this purpose.
This challenge is increased by the fact that consumers may also at any time request the financial service brand to permanently delete their data across all systems.
While marketers have targeted customers with data for a long time, most customers are unaware how these practices work. GDPR provides an opportunity for financial service brands to increase transparency with customers. The opportunity goes well beyond compliance to avoid fines, and marketers can take a proactive stance with data protection and privacy communication as a true market differentiator.
GDPR mandates that companies redesign and change how they communicate privacy disclosures to customers. Doing so in clear and transparent ways will create more general trust. This will increase the probability customers opt in to have their data shared. It will also make customers more comfortable and trusting when transacting business and sharing data across multiple digital channels and devices, which in turn will provide better data for personalized marketing.
“Big data” has circulated the marketing world for years. More recently, “smart data” came to the fore, as companies realize that actionable data is most important.
Under GDPR, financial service brands will be required to get even “smarter” about their data. This is because they’ll only be allowed to collect and process the minimum amount of customer data that’s absolutely necessary for a specific purpose.
This is a challenge as it requires financial service brands to adopt a more lean and deliberate approach to all of their customer data.
