Connect with us

Business

6 STEPS FOR BUSINESSES TO ENSURE THAT THEY ARE DATA COMPLIANT

By Alex Hazell, Acxiom UK head of legal

Data compliance can be a complex – and ever changing – consideration for marketers in all sectors.

And today, where a data-driven, personalised approach is the answer to create outstanding customer experiences that beat those of competitors – as well as a crucial governance consideration – it has never been more critical to understand data compliance, and get it right. This is particularly true in financial services, where neobanks and fintechs are using data-driven approaches to gain more and more ground in the sector.

GDPR, CCPA – understanding the acronyms and regulations that apply

With the volume of consumer data of all kinds growing exponentially, understanding how to use it effectively is critical to business performance; and a growing number of governance rules is in force to ensure legal, ethical and responsible use of personal data.

Ultimately these regulations are in place to compel organisations to review and improve how they collect, store and utilise personal data, and to place greater emphasis on ethical practice and individual rights.

For example, in the UK and the EU, the General Data Protection Regulation (GDPR) came into force in 2018 to accompany the e-Privacy Directive that sits alongside it, and is focused on protecting individuals from the unlawful and unfair use of their personal data. Note that the EU is in the process of replacing the current e-privacy Directive with the e-Privacy Regulation.

Equally, the California Consumer Privacy Act (CCPA) came into force as of January 2020 and is a state statute designed to enhance privacy rights and consumer protection for residents of California, USA.

Of course there are many other regulations to consider. For example, when in heavily regulated industries such as finance, firms may have a requirement to comply with other sector-specific regulations and codes such as FCRA, HIPAA, PCI – as well as CCPA or GDPR. Or, they may need to know how to manage sensitive or special category personal data which often requires a higher level of compliance.

And because of the breadth and complexity of these ever-evolving considerations – including, but not limited to eye-watering maximum level fines for non-compliance – data compliance can seem overwhelming. So, how can marketers truly understand what’s required, and stay on top of the rich tapestry of governance and regulations that applies to their organisation?

Six steps to ensure compliant customer data use

At a top level, data compliance requires marketers to take a transparent, considered approach to consumer data, based for the most part on providing varying degrees of notice and choice; for example, in the case of the GDPR, that may be via the consent or legitimate interest grounds.

With this in mind, and a focus on driving relevancy, value and impressive experiences, aimed to surprise and delight, both marketers and consumers can benefit from data compliance – it’s the ticket to better data driven experiences on all sides!

 

So how should data-driven marketers act to be certain of best practice data use, post GDPR and CCPA?

  1. Always put the consumer first. Consumer interests and customer value must always shape how marketers collect, use and protect data, to ensure trust, transparency and compliance.
  2. Work to communicate value. Keep data use balanced across the business, not just in marketing. Always orient toward driving consumer value – to demonstrate and explain the value return that consumers will achieve from a data exchange.
  3. Build trust through transparency. Clear, simple explanations are important to ensure understanding and build trust. So be open and transparent – data used for marketing is a far cry from personal data being used for other more intrusive purposes – and those doing the right thing have nothing to hide.
  4. Ensure responsible, balanced use of data. Organisations need to make sure it has clear internal policies around data ethics, privacy and work to ensure balanced data use everywhere, for true trust. Note that in the case of GDPR, firms need to be able to demonstrate accountability, and data protection impact assessments are often required to ensure the correct safeguards and balances are in place.
  5. Remove data silos. A fragmented tech stack with disparate data makes it hard to truly see what data a company has, where it is, and how compliant it is. Creating a unified data layer and removing silos is the best way to connect the data, ensure data accuracy and hygiene – and unlock seamless customer experiences through greater personalisation. This data combination also needs to be done in a compliant and ethical way.
  6. Prioritise data protection and compliance. Adhering to data privacy legislation is a ‘must-have’ consideration, not a ‘nice-to-have’. As such, it’s critical that marketers put in place a set of accountability measures to ensure responsible and compliant handling, whether they choose to do this alone, or with the guidance of a trusted data partner.

A compliant approach to consumer data and privacy is a critical part of any business strategy – not an optional one – so it’s important to have a roadmap to compliance for the business.

Of course, knowing how to assess, consider, and (where needed) adjust how an organisation hosts, manages and uses data to remain compliant can be a challenge. For this reason, many organisations choose to seek external expertise and advice, and understand the assistance and competitive advantage that a data partnership can provide.

Ultimately, from providing clarity over governance and legislation, to ensuring data processes and technologies are compliant, secure and futureproofed – working with a data partner can help organisations understand and navigate regulations to execute ethical, legal and responsible compliance for seamless, trusted marketing.

 

Business

HELPING SMES ACCESS FINANCE IN EXTRAORDINARY TIMES

Tim Vine, Head of Credit Intelligence at Dun & Bradstreet

 

The closed doors of businesses have become a sadly familiar sight on the high street. With social distancing in force, many of the small and medium-sized enterprises at the heart of the economy have been lockdown was enforced. Unfortunately, it looks like we’re a long way from returning to business as usual.

Access to finance is critical for many small and medium enterprises (SMEs) right now. The government has recognised this with loan schemes that seek to inject much needed cashflow into smaller businesses, and financial services providers are equally looking to offer support.

However, in recent years SMEs have had a tricky relationship with borrowing, lacking confidence with the types of finance and options available. In 2018, nearly half of the UK’s small business owners viewed themselves as permanent non-borrowers (47%). Equally, lenders have sometimes struggled to access the information needed to make robust loan decisions.

Understanding the full range of lending options available will be critical for smaller businesses to make informed borrowing decisions in the coming weeks. Credit reference agencies (CRAs) can play a key role in supporting SMEs, as they secure the finance they need to weather the current storm.

 

Tim Vine

The double-edged sword

The borrowing decisions taken now will impact the financial health of SMEs for many months to come. However, even before the coronavirus outbreak, there were signs that these businesses  didn’t always have the awareness or the information needed to make confident borrowing decisions.

A survey commissioned by Dun & Bradstreet in late 2019 found that 46% of SME respondents seek business loans from the bank, with 25% turning to private investors and 23% to family members or friends. According to research from the British Business Bank in 2019, small business owners had misgivings about the cost (29%), strict conditions (26%) and difficulty (25%) of securing finance – that put them off applying for loans. This left many SMEs facing a double-edged sword when it came to finance: put off by the terms offered by their bank, but not willing to look elsewhere.

Perhaps as a result, finance has been used as a way to keep the doors open, rather than developing the business. Where SMEs were borrowing, it was most often for working capital to continue trading (56%) – rather than to invest or expand. In Dun & Bradstreet’s survey, over half (52%) of respondents believe there is a lack of financial support available to help small businesses grow and succeed. Today, the challenge to survive is tougher than ever in the wake of COVID-19, so it’s vital that SMEs can look beyond one provider to find finance on the best terms possible.

 

Lack of information

Importantly, in 2019 small and medium-sized enterprises were most likely to rely on their own knowledge – rather than external sources – when considering access to finance. When asked about their most common source of guidance, small business owners pointed to themselves – both for choosing the type of finance (35%) and the specific provider (30%). Right now, this could result in SMEs limiting their borrowing options and missing out on the best choice for the business.

On the other side of the fence, banks historically struggled to approve loans to SMEs due to a lack of information about the risk they represent. Unlike larger businesses, SMEs haven’t been required to register at Companies House or publish annual accounts.

However, since the Small Business, Enterprise and Employment Act of 2015, credit reference agencies (CRAs) have had access to information on how banks lend to small and medium-sized businesses. This means that CRAs can act as an independent intermediary between SMEs and lenders, offering information to support robust lending decisions during this critical time.

 

Linking SMEs to lenders

Credit reference agencies can act as an important link between SMEs and lenders. CRAs can provide banks with the depth of data needed to make qualified decisions about offering loans to SMEs, as well as providing greater clarity on how to handle marginal decisions. In other words, CRAs help lenders to say yes as much as possible, to the right business at the right time.

On the business side, credit reference agencies can link SMEs to a wider range of sources for finance, suggesting alternative options and providing clarity over declined applications, to help as many SMEs access finance as possible. Solutions offered by CRAs can help smaller and medium-sized businesses to get a holistic view of their options to make informed decisions – and secure finance on the best terms for them.

Importantly, many CRAs are also taking steps to avoid unfairly discriminating against SMEs due to special measures taken during the pandemic. For example, rating systems will draw distinctions between where SMEs have negotiated approved payment freezes with suppliers and payment defaults, without an impact on credit ratings. This will support smaller businesses’ recovery in the long term.

 

In everyone’s interests

With strict social distancing rules in place, many of the UK’s SMEs may have to face this period of hibernation for a while longer. Access to finance will be vital for meeting financial commitments, protecting jobs and ultimately staying in business until more normal times return.

Right now, it’s vital that SMEs are able to make informed decisions about the finance that they access, including the lender that they choose and the form that it takes. Equally, lenders should be able to make qualified lending decisions, providing crucial cashflow to SMEs that can afford it. By opening up data on both sides, credit reference agencies can act as a critical intermediary and help to keep SMEs in business.

 

Continue Reading

Business

DO MESSAGING APPS PUT THE FINANCIAL SERVICES INDUSTRY AT RISK?

Ashley Friedlein, founder and CEO, Guild

 

Accelerated by the coronavirus pandemic, the use of messaging apps for professional communications has skyrocketed in recent months. Messaging apps have provided a lifeline to organisations, enabling them to support a remote workforce. However, consumer messaging apps have also seen an increase in adoption, and many will be using them for business, as well as personal use.

When using messaging apps in highly-regulated environments, organisations need to be aware of compliance issues in a financial regulatory capacity, while also adhering to laws relating to security, transparency, and data privacy, such as the General Data Protection Regulation (GDPR).

Not doing so puts banks and other regulated entities within financial services at risk of non-compliance, which can result in serious penalties.

In 2017, the UK’s Financial Conduct Authority (FCA) highlighted the risks of using WhatsApp. Guidance from the Securities and Exchange Commission (SEC) followed in December 2018 outlining its responsibility for monitoring electronic messaging, which included messaging apps.

Although regulators have been clear about the risks associated with using instant messaging apps, some financial firms seemingly failed to develop and implement robust guidelines around the use of these services for professional purposes.

Ashley Friedlein

Earlier this year, a senior credit trader at JP Morgan was suspended for communicating with colleagues via WhatsApp, with Jefferies, KPMG, and VTB Capital also finding themselves subject to investigations after employees were found to be using messaging apps as unofficial channels for communication.

Deutsche Bank took steps to ban all text messaging and communication apps to improve its compliance standards, with many others, including HSBC, Citi, and Wells Fargo following suit to move to a secure communications platform. However, while the financial industry is taking steps to prevent the usage of consumer messaging apps, some firms are failing despite the implications of not having a robust policy around the tools used to communicate within a bank or other regulated entity.

 

Data privacy and security

Data privacy laws such as the GDPR and CCPA make the use of consumer messaging apps in the workplace challenging for IT, HR, corporate governance and compliance teams. The financial and reputational cost of misuse in these ‘shadow communications’ channels can be significant.

WhatsApp, one of the most widely used consumer messaging apps, can result in organisations using the platform being non-compliant with the GDPR privacy regulation due to:

  • Lack of explicit consent – anyone can be added to a WhatsApp group without explicit consent. WhatsApp has added functionality to prevent specific users from doing this, but this is not enabled by default. Contacts can also upload data to WhatsApp/Facebook if they give access to their contacts/address book, even though those contacts have not given consent.
  • Lack of ability to delete information – after a certain time, content posted to WhatsApp cannot be removed.
  • Lack of ability to get your own data back (SAR – Subject Access Request) – WhatsApp cannot provide an individual with messages they have posted, only profile info.
  • Data being transferred outside the EU – it is not very clear where exactly WhatsApp/Facebook moves the data it collects.

The use of WhatsApp for business purposes potentially breaches GDPR in several ways.

Companies do not even know what groups exist in consumer messaging apps, let alone who is in them, or whether former employees or contractors may still have access, increasing the risk of data breaches and leakage of confidential information.

 

A lack of oversight and transparency
Consumer messaging apps like WhatsApp, Signal and Telegram have provided unofficial communication channels that are difficult to monitor, resulting in a total lack of visibility for employers and regulators alike.

Access to these unofficial communication channels presents a serious risk by creating opportunities for employees to take advantage of situations This includes conducting business under the radar in a way that benefits them, or their clients in a manner that is immoral, or even illegal. In some cases, sharing information about clients without intending to cause harm can still result in serious consequences.

Firms have a legal obligation to keep a record of conversations between themselves and their employees, clients, or stakeholders. If legal challenges arise, it may be necessary to provide a record of these conversations. Many consumer messaging apps store data locally rather than centrally in the cloud, making it more difficult to provide a complete record of conversations.

In addition, there are also legal obligations and a duty of care to protect employees and ensure adequate levels of oversight, governance and control. This includes protecting them from bullying, harassment, or inappropriate behaviours in the workplace. The lack of visibility and transparency around consumer messaging apps, including the ability to delete messages, makes it more difficult for HR departments and legal teams to address issues promptly, while inhibiting their ability to collect evidence.

Terms of service

WhatsApp is used by over 40% of UK workers for professional purposes. This appears to violate WhatsApp’s own terms of service, as the app is not intended for business use.

WhatsApp’s terms state:

“WhatsApp is committed to using the resources at its disposal–including legal action–to prevent abuse that violates our Terms of Service, such as automated or bulk messaging, or non-personal use.

“We make no representations or warranties that our Business Services meet the needs of entities regulated by laws and regulations with heightened confidentiality requirements for personal data, such as healthcare, financial, or legal services entities.”

 

How can the financial service industry minimise risk when using messaging services?

The financial services industry requires a tailored approach to messaging in order to effectively minimise risk. Messaging apps are becoming increasingly ubiquitous, and do provide many benefits, such as increased productivity and collaboration. Excluding them from communications completely can close off channels that improve operational efficiency and build rapport between teams – something that has become even more important now that many employees are working from home.

Banks who have taken steps to ban all text messages and communication apps on work-issued devices in order to improve its compliance standards have sought alternatives, such as Symphony – a messaging service aimed at highly regulated financial firms. This enables banks to continue to communicate with clients in real time, while also maintaining thorough and rigorous standards of data security and privacy protection.

Security, transparency, and compliance are paramount in the financial services industry, yet it is easy for unregulated consumer messaging apps to go completely unnoticed. The sector must do more to acknowledge and address their use in order to adhere to these three fundamental principles.

Workplaces, working practises, and channels of communications have needed to change rapidly as a result of the COVID-19 pandemic. It’s critical that organisations address the issues and risks associated with messaging apps by implementing robust policies around workplace communication and seek out viable, compliant alternatives not only now, but as part of a long-term solution.

 

Written by Guild founder and CEO, Ashley Friedlein. Guild is a British, independent and ad-free messaging platform for professional groups, networks and communities.

Continue Reading

Magazine

Partner Events

Trending

Top 107 hours ago

WHY INDONESIA IS THE WORLD’S NEXT DIGITAL PAYMENTS BATTLEGROUND

Kelvin Phua, Global Head of Payment Networks at PPRO   The COVID-19 outbreak has seen the e-commerce sector surge. Despite...

Business7 hours ago

HELPING SMES ACCESS FINANCE IN EXTRAORDINARY TIMES

Tim Vine, Head of Credit Intelligence at Dun & Bradstreet   The closed doors of businesses have become a sadly...

Business7 hours ago

DO MESSAGING APPS PUT THE FINANCIAL SERVICES INDUSTRY AT RISK?

Ashley Friedlein, founder and CEO, Guild   Accelerated by the coronavirus pandemic, the use of messaging apps for professional communications...

Business20 hours ago

HOW PREVENTING AND MITIGATING FRAUD CAN IMPACT YOUR CUSTOMER RELATIONS

Matt Mascherin, Solutions Engineer, Enterprise Sales Americas   Texting has become a staple of modern life and is so pervasive...

Finance1 day ago

2020: THE YEAR OPERATIONAL RESILIENCE AND CYBER-RISK TAKE CENTRE STAGE IN FINANCIAL SERVICES

Miles Tappin, VP of EMEA for ThreatConnect, explores how financial providers can build a cyber security strategy that enables operational...

Wealth Management1 day ago

HOW RESILIENT IS YOUR ORGANISATION’S SECURITY?

Kimon Nicolaides, Digital Services Group Head at MASS   Organisational security can be thought of like peeling the layers of...

News2 days ago

INTERNATIONAL BANKING NETWORK EXPANDS AS IT WELCOMES STANDARD CHARTERED BANK

IBOS Association (IBOS), an international banking network, is delighted to announce its newest member to the group, Standard Chartered Bank....

Wealth Management2 days ago

HOW TO CATCH UP ON YOUR RETIREMENT SAVINGS

By Gerard Visser, Certified Financial Planner at Alexander Forbes For many South Africans who were already finding it difficult to save...

Technology2 days ago

ARTIFICIAL INTELLIGENCE AND FUTURE OF TECHNOLOGY

Ashish Jain, CEO, Future FX   Artificial Intelligence refers to machine intelligence that is programmed to think like humans and...

Finance2 days ago

GROWTH OF FINANCIAL MARKETS AND TECHNOLOGY

Ashish Jain,CEO, Future FX   The economic development of any nation completely depends on its financial structure both in long...

Banking4 days ago

NO SAFE HARBOUR FOR DIGITAL BANKING

by Konstantin Bodragin, Business Analyst and Digital Marketing Officer at Bruc Bond   At the beginning of 2020, the future...

Business4 days ago

CAN TECHNICAL INNOVATION HELP FINANCIAL SERVICES FIGHT BACK AGAINST FINANCIAL CRIME?

By Charlie Roberts, Head of Business Development, UK, Ireland & EU at IDnow   It’s no secret that the financial...

News4 days ago

ARE MIDDLE EAST ENTERPRISES PREPARED FOR THE FUTURE?

Deloitte releases 2020 tech trends report   Deloitte’s 11th annual report on technology trends captures the intersection of digital technologies, human...

Wealth Management4 days ago

ONLINE STOCK BROKERS ARE BENEFITING IN 2020

2020 has changed our lives in dramatic ways. Thanks to COVID-19, many of us now work from home. Rather than...

AI AI
Finance6 days ago

COULD COVID-19 BE THE CATALYST FOR DIGITAL TRANSFORMATION IN FINANCE?

By Simon Bull, Sales Operations & Business Development Manager at Aqilla   We are all now living in a new...

Banking6 days ago

WHY OPEN BANKING SHOULD BE EVERY MARKETER’S BEST FRIEND

By Kathryn Wright, CSO, Upside   To date, Open Banking has been mainly utilised to help consumers with account switching...

Finance6 days ago

TOP TECHNOLOGY TRENDS FINANCIAL INSTITUTIONS SHOULD INVEST IN TO BRIDGE THE GAP IN REMOTE WORK

Chirag Shah, Senior Vice President, Fintech & Innovation Lead, Publicis Sapient   More than ever before, technology is critical to...

Business1 week ago

TOP 5 LINKEDIN PROFILE OPTIMIZATION HACKS FOR ASPIRING BANKERS

According to Firmex, finance professionals cannot afford to be not on LinkedIn. A significant number of organizations acquire talent in...

Wealth Management1 week ago

TAPPING INTO THE DATA GOLDMINE: THE FUTURE OF DATA-DRIVEN CREDIT MANAGEMENT

Willand Brienen, product owner at Onguard   Data, and the insights it reveals, can offer organisations a vast number of...

Finance1 week ago

ENLISTING TECHNOLOGY TO HELP FIGHT FINANCIAL CRIME

By Rachel Woolley, Director of Financial Crime Fenergo   Million-dollar properties, private jets and parties on luxury yachts with celebrity...

Trending