Today, many consumers live their lives online – something which has been accelerated further by the Covid-19 pandemic. You can shop, work, bank and even socialise all through the internet. But this reliance on the digital world puts a sharp focus on data protection and privacy.
With hefty fines for getting it wrong, protecting consumer data is an important responsibility for financial institutions. So what impact is digitization in banking having on data protection? As part of our recent Spotlight Session, our panel of experts explored just that.
“Customer trust around data security is a make or break factor, and especially in today’s increasingly digital world,” says Liz Pellegrini of Salesforce. “For me, it could be summed up in 1 motto, which is ‘no trust, no data’.
“Essentially what we’re seeing today – especially with the Covid-19 pandemic coupled with the technology-savvy, digital-native younger generations that are today’s teenagers and young adults – the trend to everything [being] digital has accelerated dramatically.”
Pellegrini believes that data considerations for business continuity and resilience should be three-fold. First there is transparency. It’s important for financial services providers to ensure that they have an easily accessible data privacy policy on their website, and that it’s updated regularly. It should be easy for customers to find out how, why, by whom and for how long their data will be processed and remain in the company’s systems.
Second is data strategy and internal governance. This should go beyond just the IT team to include the legal department, customer service and more. There should be investment internally in specialised resources for data security, business continuity and resilience. There should also be measures in place to manage a security incident such as customer data loss.
The final element is due diligence with suppliers. It’s vital to outsource the right specialised skills, as the stakes are so high. Some fintechs have made it their sole focus to help financial services with specific aspects of data regulation – be it Know Your Customer (KYC) or biometric identification. Make sure you pick partners with similar values – transparency, robustness, trust and agility – and ensure they comply with internal processes that are as good as yours.