The report released from a survey carried out by Accenture shows a third of financial services companies lack clear plans or resources to address customer data privacy risks within the next 12 months. The lack of protection mechanism hinders both the firms and customers from benefiting from data-centric value-added services. The reason being that firms were afraid of consumer privacy risks, thus preventing them from utilizing consumer data to provide tailor-made products and services to their customers. Additionally, due to their lack of proper data protection mechanisms, firms were afraid of incurring hefty fines from breaching data protection laws such as the European Union’s General Data Protection Regulations (GDPR) and the California Consumer Privacy Act (CCPA).
The study on customers’ data privacy risks
The study “Privacy in Financial Services: Stature and Sustainability in the Information Age” involved 100 privacy risk executives in the banking, insurance, and capital markets in North America and Europe. The study focused on how financial services firms should store, protect, and use personal data in the face of the European Union’s General Data Protection Regulations (GDPR) and the California Consumer Privacy Act (CCPA).
Current data protection status of financial services companies
According to the survey, 70% of respondents consider privacy as a primary risk concern within their institutions. Close to three-quarters (72%) indicated that their financial institutions obtained consent from their customers in the use of personal information to tailor personalized products and services. The report highlighted that financial services companies incorporated consumer data privacy mechanisms throughout their data-centric activities. The Accenture report also showed that financial services companies followed consumer erasure requests as required by the GDPR and CCPA regulations. The data protection laws empower consumers to request companies to delete their data upon request.
Most companies would rather lose the benefits of using consumer data in personalizing forward-looking products than risk compromising customer data. This precautionary approach towards privacy risks was because they have failed to put in proper data protection mechanisms. Being apprehensive of utilizing consumer data was hindering innovation in the financial sector. By having adequate data protection mechanisms, financial services companies would be confident that consumer data was safe, and their use of such data complied with regulatory requirements.
Future data protection efforts
The executives from various financial services companies indicated multiple areas that require more focus on mitigating data privacy risks. More than half (51%) indicated that monitoring privacy risks would require more effort in the future. In comparison, 44% reported that the accuracy and maintenance of records processing and information asset registers needed more push. Another 41% indicated that records management and data retention/deletion would require more attention. Over three-quarters (76%) noted that their companies would increase privacy spending over the next 12 months. However, the success of the extra privacy risk spending will depend on the clear strategies that the financial services companies have in place. A third of financial services companies have no such plans and therefore risk missing the benefits of their increased privacy spending.
Despite the increased efforts in mitigating data privacy risks, the advancement of technology in artificial intelligence and machine-learning algorithms is creating new privacy concerns. However, financial services companies can reduce this threat by building consumer trust through increasing transparency in dealing with consumer data.
Accenture’s Strategy & Consulting group managing director, Ben Shorten, said consumers are more willing to share information with the companies if such an effort is of value to them. He advises the companies to look beyond compliance risks and consider a “broader opportunity to elevate the customer experience around privacy.”