With every change in business, technology and regulation comes an opportunity to innovate and differentiate. With consumers mistrusting brands with their personal data and the GDPR only a year away – now is the time to embrace the opportunity ahead. However, there are a lot of ideas that lack imagination, creativity and good sense. A case in point was an article in Banking Innovation this week. According to Mike Cook, CEO of XOR Data Exchange there are two types of data:

“The first is PII [personal identifiable information], so things like my name, my address, email, or phone number — so what makes up the consumer. And if a consumer says that I don’t want that out there, even if it is correct reporting, they should be able to take it off”

Agreed. The bank needs PII to service their customers but any other use of personal data at an identifiable level needs the consent of the customer. Cook goes on:

“The second kind of information is experiential: data on payments, shopping habits, and other behavioural aspects. That information, I think, is owned by the one who creates the data, whether it’s the bank, or the card issuer, or the wireless career. Banks can’t pass on my information, if they can’t match it to my PII, but if I am the bank, and someone is asking me for that financial data, I think I should be given the right to decide.”

Cook assumes the data is created by the bank. In part it is, but without the customer there would be no data. I would contend this is shared data between the customer and bank. As such, the bank has no right to pass this information to a 3rd party without the consent of the customer. This kind of behaviour will create high levels of distrust between the bank and customer.

Creating customer value

A more enlightened approach would be to bring the customer into the data sharing agreements. The bank, if it has its customers’ best interests at heart, should only think about sharing personal information with 3rd parties that can add value to the customer. Presuming this, the bank could orchestrate that “value” (e.g. a life outcome like buying a house) for the customer via its partner relationships. A strong value exchange and full transparency for the customer are absolutely necessary.

Cook’s final thoughts:

“If a consumer wants the data to better manage their financial lives, that’s good for the bank, but if they want the data to switch lenders, as a bank I wouldn’t want the data to go out there,” he said. “I invested in that consumer to get the data, and it shouldn’t be used to steal away from me. So FIs should be allowed to set permissions on what the data can be used for.”

If a customer wants to end it’s relationship with the bank that’s their choice and they should be able to use their data to find a better provider. This should be expected in markets that are acquisition driven and under-value existing customers (mortgages are classic example). The data created during the course of that relationship is shared between the bank and customer. The bank will be using this data to improve its products and services. The customer should also be able to use this data to improve their own position. The very idea of the customer “stealing” their own data from the bank is preposterous.

The customer or the data?

The statement, “I invested in that customer to get the data”, does not make sense. No one invests in customers to get data. The bank invests money to attract new customers to their services. But any profitable business would off-set those costs against the life-time value for that customer. If the bank is not making a return on the money they invest they are not a viable business. So this is not a valid argument.

To argue that Financial Institutions (FIs) should be able to set permissions on how the customers use their own data, is frankly, ridiculous. With the GDPR round the corner, the customer has to consent to specific uses of their data, including sharing with 3rd parties. Personal data will also have to be portable meaning the customer gets a digital copy of their data they create with companies like banks.

The opportunity ahead

The UK banks are already working on standardised personal APIs to give people access to their data. Banks should become more like data companies to help their customers get more done in life beyond the transactional. This is why thinking like Cook’s is not helpful to building products and services customers love and businesses can profit from. This is a huge innovation opportunity for banks that they should be embracing rather than fighting.

Photo Credit: Luis Llerena


Also published on Medium.