IBS Journal January 2018

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

26

Ravindran from Virtusa says: “Again, it is about giving that control back to the customers – we’re talking to quite a few customers about how we ensure that customer data is stored privately. Not only from a data regulation perspective, but something as simple as an Excel sheet that is on the SharePoint. There could be a disgruntled employee, who could just leak or manipulate data. There’s a lot of the social element as well, and the company would be liable for that! Look at how Donald Trump’s verification check was disabled by a Twitter employee!”

GDPR requires that there be one copy of customer data, rather than scattered, unconnected records throughout the institution. That puts pressure on traditional “silo oriented” systems, where the loan origination records are completely separate from the credit card data and from the deposit accounts, according to Bergal from Avoka. “This is a complex problem, and not one that will be remedied by the May 2018 deadline. GDPR will put pressure on banks to gradually move to integrating their customer records.”

Re-thinking data through tech

It’s hard to say if individual banks are ready, as few of the capabilities have been publicly exposed to date. It appears as if banks are still trying to understand the regulation, and what can be realistically deployed. “I don’t think anyone expects full compliance across the industry as of May,” states Bergal. This is interesting, as Watson’s view is quite the opposite. He believes that there will be very little room to wiggle by May, and that financial institutions should be more than ready!

“Make personal data transparent and easy to access, but keep it absolutely secure. The two sound like they are diametrically opposed,” Bergal sayss. Avoka’s CMO sees a few areas where banks will have to work on: firstly, digital and mobile interfaces, so as to keep up with all of the rights prescribed by GDPR; secondly, digital identity verification to prevent fraudulent access, using biometric factors; and thirdly, agility in the implementation of features that doesn’t impact back-office systems, to keep up with the quick pace of regulation change.

As Bergal told us, the more systems, the more complex the problem. He believes the back-office systems will necessarily evolve more slowly in response to GDPR.

Customer facing systems are an opportunity for banks to move more quickly, show progress to their customers, and potentially differentiate. That also implies a potentially bigger problem for the bigger banks, as they will naturally have more numerous and larger systems.

Don Bergal, chief marketing officer (CMO) Avoka

“In fact, the whole GDPR process would be impossible without fintech systems,” says Bergal. “So, the compliance effort will involve creation of new customer experience systems to deliver the customer Rights directly to them, and to implement them in the back office.”

Bergal believes that tech and new regulation go hand in hand; “Because much of GDPR is technology dependent, the challenger banks which have grown up around technology as a delivery vehicle will be in best position to comply. Newer systems, service based architectures, and experience rapidly innovating will put them in a position to lead. This may mean greater market appeal for the challengers, as customers could see the greater openness that they project as outweighing any perceived risk from being a non-traditional financial player.”

Watson points at how even some fintechs may face unexpected bumps in the process of being fully compliant, despite the fact that many of them were created in the light of the new possibilities that regulation presents. As Watson explains, some of these fintechs will need to re-evaluate the process by which they utilise consumer data, as it is likely that a good share of them don’t match GDPR standards. However, in most cases, the solution will be as simple as going back to the customer and requesting explicit consent.

www.ibsintelligence.com | © IBS Intelligence 2018

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32 | Page 33 | Page 34 | Page 35 | Page 36 | Page 37 | Page 38 | Page 39 | Page 40 | Page 41 | Page 42 | Page 43 | Page 44