How financial institutions can address the data privacy dilemma
While data regulation, privacy, and ethics have been top of mind for financial institutions and fintechs for years, concerns around these issues have become more mainstream, with consumers and the general public paying closer attention.
Consider Netflix’s The Social Dilemma; this popular documentary dives deep into the issue of data, bringing to light just how much BigTech has commoditized consumers’ information.
This realization has caused a big reaction—more than ever before, consumers want to know how their data is being used and protected. Institutions and fintechs must be prepared and readily able to answer these questions, ease concerns, and offer transparency if they want to maintain trust with their users.
And not just everyday concerns, either, but new concerns that emerge in the face of the ongoing global pandemic.
As a result of the second and, in some countries, third wave of the COVID-19 pandemic, financial institutions and fintechs are being forced to adopt remote working strategies.. This in itself introduces another vector for a potential breach of data privacy, with collaboration tools like Zoom, Slack, and more that are being used to facilitate business operations and communications.
Data shared on these platforms is not bound by the same level of controls implemented by a financial institution or fintech required to maintain compliance with respective geographical data privacy regulations.
To understand how to best address data privacy concerns, it’s important to understand what’s happening at a macro level. Only about 10 percent of the world has strong privacy regulations in place, like the EU General Data Protection Regulation (GDPR), but will other countries follow their lead? This is currently the biggest unanswered question for the U.S. as countries like Brazil, India, and Canada are tightening regulation.
Though significant traction was made in 2019 to enforce several privacy regulations across North America and Europe, much of this has slowed down due to the pandemic. As we move into 2021 and towards a more stabilized economic landscape, these types of regulations will likely be reprioritized.
Although regulatory issues must still be more clearly defined, there are steps financial institutions can proactively take now to help address data ethics and privacy. Let’s dive into two key steps institutions can take, starting today.
Establish a dedicated data privacy position or team (or, tap an outside partner for help if the internal resources aren’t available)
To monitor activity in the organization and its impacts on individuals’ privacy, annual privacy assessments should be conducted to audit the treatment of data from an ethical and regulatory perspective.
These assessments should also be completed every time a new product, software, or feature is released that will impact the general public.
Practice regular privacy evaluations
These evaluations aren’t only critical for institutions, but for their partners too. Fintechs should take proper steps to ensure data privacy and integrity is being evaluated when new features or functionalities of their products or services are released.
Institutions and fintechs must work together, taking active steps to protect data, which includes ensuring this responsibility is clearly defined within their contracts. If such details aren’t established outright, there is a risk that the data won’t be protected as strongly as it should.
Data privacy and regulation is a hot topic (and it’s not going anywhere anytime soon)
Data privacy, regulation, and ethics will continue to be a hot topic as we close out the year and head into 2021. While issues around regulation and enforcement still need to be outlined, there are actions financial institutions and fintechs can take now to mitigate potential concerns.
By working together and investing in the proper tools and processes, financial services organizations can maintain (and even increase) transparency and trust among their customers.