Safety and soundness is mainly a function of managing risk, yet marketers at banks and credit unions use it all the time to set their institutions apart from unregulated (or lower-rated) competitors. Security may not be the sexiest factor, but it’s critical to many consumers. So is data privacy. Why not do the same with that?
“Well, that’s a compliance issue,” many marketers would reply. In fact, they often feel the whole privacy issue gets in the way of efforts to use personal data to tailor offers and services at a micro level. Marketing, and all the various business line clients it serves, need more — and more detailed — data all the time and the notion of having to ask permission for it scares the heck out of them.
They look to Compliance to keep track of what federal rules require along with relevant provisions of Europe’s General Data Protection Regulation (GDPR) and, for some institutions, the California Consumer Privacy Act (CCPA) and the new California Privacy Rights Act that amends it. More than that marketers would just as soon avoid. “Don’t tie our hands,” many say.
That view could turn out to be a mistake in terms of a missed opportunity to strengthen existing customer relationships and attract new business. Further, it may not be sustainable.
Bank and credit union marketers need to move away from the idea that privacy is purely a defensive play — all about compliance and data breaches, advises Sam Friedman, Insurance Research Leader of the Deloitte Center for Financial Services. Those two concerns are, of course, vitally important, but Friedman urges banks and credit unions to think of privacy beyond maintaining a “data fortress.”
“Instead,” he says, “think, ‘Is there a way we can go on offense and get better access to data with the full knowledge and cooperation of our customers by delivering extra value in return that they wouldn’t get otherwise?'”
“To remain tied to the status quo and not be any more proactive about privacy than you have to be is probably not sustainable in the long-term as a business model,” Friedman believes.
There are several reasons for that. First, even though a new federal privacy law is unlikely (although not beyond possibility), other states could impose their own CCPA-like requirements. Maine already has and New York is considering it. Second, changes in the private sector keep the data privacy environment very fluid. Digital marketers are already coming to grips with the eventual elimination of third-party cookies on Google’s Chrome browser, for example. Third, and arguably most important, consumers are growing increasingly restive about what data they’re willing to share, and with whom.
Deloitte explored this point in a survey of more than 2,000 consumers in June 2020. The resulting report explores how financial services companies can make privacy a competitive differentiator.
Key Findings from Consumer Privacy Research
Deloitte’s research finds that privacy concerns remain top of mind for most consumers and seems to have grown stronger since the pandemic. This has made people less willing to share more personal information unless they are given a clear reason why the information is needed, how it will be used and what’s in it for them.
Other highlights from the research findings:
- Sharing financial information topped the list of privacy concerns, with 56% of respondents saying that worried them the most, followed by 27% who said sharing health information was of most concern.
- Consumers clearly want to have control over the data collected by their financial institutions: 83% want the opportunity to opt out of sharing certain types of information.
- 79% wanted to be able to verify information used by their financial institutions.
- About 80% want their banking providers to be clearer about what types of data they are collecting and how that information will be used.
Addressing these concerns will be challenging, says Deloitte, because privacy covers a great deal more than Social Security numbers and bank account data. The firm identifies eight types of privacy that have surfaced through use of advanced technology. Consumers’ level of concern about each of these, varies considerably, as shown below.
One of the subgroups within the survey was credit card holders. Sharing location data was not an issue for many of them if it resulted in lower fees or interest rates. 59% are open to such tracking at all times, the report states. The situation was much different regarding sharing social media posts, comments and likes, however. Just 37% agreed to that.
The Financial Brand probed further into the concept of data privacy as a competitive differentiator in an interview with Sam Friedman and his colleague Val Srinivas, Banking Research Leader, also at the Deloitte Center for Financial Services.
- Digital Banking Transformation Begins With Quality Data
- Growing Privacy Fears Threaten Financial Marketers’ Use of Data
Many marketers may be concerned that if you engage with consumers about sharing data, they’ll just say ‘No’ by default. How do you overcome that perception?
Val Srinivas: Most consumers want to be informed of what is being collected. They want to be able to give their permission to use the data in a particular way. In the long term, I think the premise has to be that customers should have control of their data and that marketers should get permission.
Sam Friedman: The secret lies in being very transparent so the consumer understands why the bank wants this data. And, most importantly, making it a mutually beneficial interaction: “What’s in it for me? How am I going to benefit from this?” That has to be very clearly communicated and there must be a tangible value there. Otherwise it’s a one-sided transaction and is probably not going to fly with a lot of consumers.
Will more consumers come to a particular financial institution if it is transparent about the exchange of value?
Sam Friedman: That’s the end game. You start with your own customer base, find more information about them and deliver better value through this new information ecosystem that you’ve developed.
And then you spread the word through marketing and advertising. But also through word of mouth, where a customer says to a friend, “Hey, you should check these guys out. They’re going to ask you for more information, but they deliver for you. I got a better rate on my credit card.”
That’s the type of thing that could happen if data privacy is viewed properly.
Val Srinivas: Trust is at the core of this value exchange. And I think financial institutions can lead the way here because they are very good at taking care of customer data.
What role do financial institution privacy policies play in building a marketing opportunity?
Val Srinivas: Privacy at most institutions is typically a compliance function. And because of that, privacy statements tend to be pretty risk averse. “Legalistic and boring” is perhaps the best way to describe many of these policies.
Instead, they need to be written to make privacy more about customer engagement. And to make it clear how the institution will interact with customers in collecting data and give something back in return.
Sam Friedman: We’re urging financial institutions not to depend just on an annual privacy statement to get their message across. Privacy should be part of a relationship. Otherwise, consumers feel that somehow companies are taking information without telling them or not explaining why they need it. That undermines trust and tarnishes the brand.
How do banks and credit unions create a better approach to dealing with data privacy?
Sam Friedman: They’re going to need to bridge their organizational silos. You’ve got marketing people who are very keen on differentiating in the market. You’ve got business units that demand more and more data. But it would be better to get that data with the cooperation of the customer. If you can explain to these and other groups the benefit of doing that, then data privacy can become a competitive differentiator.
We’re not suggesting in any way that you toss Compliance overboard. It’s always going to be a critical component because of all the new privacy and data security laws. But being more transparent about data privacy is not an easy discussion to have with the compliance folks because they don’t see the risk in just saying “no.” Whereas in saying “yes” to being more forthcoming there are risks, such as” “Are we in compliance?” “Are we prepared to deliver on what we’re promising?” “What if the consumer objects?”
So who should lead the charge?
Val Srinivas: Chief privacy officers should be empowered to become orchestrators. And we see the role of the CPO evolving. But marketing is going to be key to the future of privacy management in financial services or any industry.
That’s because as institutions move from mass marketing to microtargeting using unique customer data, the only way to get that data using new tools and technologies is to give something of value in return. Marketing, more so than any other function, can figure out what that value should be because they understand customer needs — and that the value that I want in return could be different from what you want.
All that said, however, to make privacy management a competitive differentiator, financial institutions need to establish a collaborative effort across Marketing, Risk, and Compliance.