Financial regulations: an opportunity for a better customer experience

A difficult balance between customer centricity and the associated need for customer data on the one hand, and the privacy legislation on the other

Today’s retailers and service providers collect loads of information during every purchase or transaction, even if they haven’t explicitly requested this information from the customer or if they don’t really need it. For instance, when buying liquor, you only have to prove that you are over 18, but your identity card also provides retailers with your date of birth, your name and your address. As a result, the retailer will obtain more information than he strictly speaking needs.

The same principle applies to financial institutions: during every basic transaction, for instance opening a bank account, personal data are transferred: the data on your identity card, your contact details, and shortly maybe even your fingerprint...

We perceive a growing awareness among our customers that the customer should be at the centre and that financial institutions should address their needs better, gearing specific products and services to the key moments in the “customer journeys”. To be able to do so, the financial institutions need to get to know their customers better and hence collect and retain more and more information about them. In this way, they can respond to their customers’ needs more efficiently and place them at the centre of their strategy. This explains the growing importance of advanced analysis, machine learning, cognitive data computing and data-driven personalisation.

When the “Know Your Customer” procedures were developed in the framework of anti-money laundering activities in 2015, this created huge challenges in various areas: technology, infrastructure, customer onboarding lead time, customer satisfaction, etc. We now see that the impact of GDPR, MIFID II and PSD II on organisations is much wider-ranging and much more transversal. These regulations are opposed to each other, in spite of a number of obvious points of overlap.

Banks and insurers will therefore have to seek the optimal way of collecting and retaining data without endangering their customer centricity.

Customer data: the primary challenge for financial institutions in 2018 and beyond

It is clear that, in addition to its co-workers, customers form the second main asset of any financial institution. Since the interaction between a customer and an organisation is founded on data, customer data (complemented by investing in co-workers) will constitute the main challenge for financial institutions in 2018 and beyond.

In the past few years, banks and insurers have invested massively in their staff through, for instance, flexible workforce/workplace schemes, which have thus moved to the centre of the 2020 plans of the financial institutions. A second priority on the 2020 calendar are customer data, which financial institutions now have to handle under the data protection legislation. For financial institutions, MiFID, PSD2 and GDPR are the main regulations governing personal data.


What do we advise you as financial institutions in this new context?

1) Develop a personal data ecosystem and opt for an integrated approach

As these regulations have one central reference point, it is important to develop a personal data ecosystem. Even though financial institutions are aware that increased end-2-end working is crucial, many of them are still operating in silos. Don’t consider GDPR, PSD2 and MIFID as separate projects but look for synergies: interaction, communication and joint solutions. Create a coordinating programme or offer more touchpoints for sharing experiences and improving alignment in terms of approach, architecture and systems, business organisation and processes.

2) Open up your data ecosystem to external parties and work out a comprehensive data strategy

Data are omnipresent today and will in the near future be shared among different sectors (private and public) within a common regulatory framework. For instance, data from the automobile or technology sectors (tech gadgets, motion sensors, etc.) are already made available to insurers today. That is why as an insurer, but also as a banker, you should develop a strategy which covers both internal and external data, while you should also make sure that you link external data to internal sources.

3) Ask customers for their explicit consent via each channel and explain to them what they stand to gain by giving their consent

If your customer states today that he is happy with tailored campaigns on, for instance, pension savings or investment products, this consent will lose its commercial value tomorrow if he hasn’t also stated that he is prepared to let your organisation retain his data. So ask your customers through each channel to give their explicit consent for retaining their personal data and, above all: explain to them what they stand to gain in doing so.

“Keep it simple”: don’t make this explanation too complex and too legalistic, so that: 1/ it remains understandable and 2/ it doesn’t endanger the lead time, and hence the customer experience.

4) View existing regulations as a commercial opportunity and position your organisation vis-à-vis “GAFA”.

Personal data infringements (data leaks, hacking, etc.) have a huge negative impact on the reputation of a financial institution. As a bank or insurer, you should emphasise all the efforts your organisation is making to prevent such infringements.

Demonstrate that your organisation is compliant and that you are handling customer data consciously and correctly. Show that you are committed to your customers and their data. In this context, banks and insurers have a much larger credibility than, say, Facebook or Amazon. Credibility generates confidence and at the end of the day, this is what customer centricity is all about!

5) Use the Personal Data Regulations for changing the internal mindset

During conversations with our customers, we often sense that they regard financial sector legislation as an external factor: “You have to be compliant because that’s what the regulator wants.” On the contrary, legislation should in the first place become a critical reflex among all co-workers when handling personal data. This legislation should therefore be used as a lever for making teams aware that their approach to and use of data can greatly harm the company (and its reputation).

6) Communicate internally to prevent criticism and incomprehension with colleagues

Compliance projects generate extra work pressure on a lot of employees. It’s a fact that employees spend 30% of their time on looking for information. By setting up the processes behind the scenes more efficiently, structuring data better, appointing a data officer with clear ownership, etc., we help our customers to fill in these 30% much more efficiently.


Compliance as an opportunity for reinforcing customer experience

The new compliance legislation only imposes rules on how financial institutions should handle data but does not prohibit customer data retention if applied smartly (explicit consent, transparency towards the customer, etc.). If financial institutions approach this in a positive way and demonstrate that they are worthy of their customers’ confidence, this can only reinforce their customer centricity model.


In a nutshell: zoom on 3 different data legislations


Stéphanie Struelens Business Manager, Financial Institutions Belgium
+32 2 895 55 36


We perceive a growing urge to collect and retain more and more personal data about the customer and his behaviour, accompanied with the introduction of more and more rules governing the way financial institutions are to deal with these data.