The much anticipated moves by big tech firms into banking took center stage in 2019. Apple partnered with Goldman Sachs to offer a no-fee credit card embedded in the Apple Pay mobile wallet. Later, Google partnered with Citigroup and Stanford Federal Credit Union to offer checking accounts that can be accessed via the Google Pay app.
In between, Facebook announced its plans for its Libra cryptocurrency and Calibra digital wallet, followed later by several less controversial Facebook Pay enhancements. JPMorgan Chase, meanwhile, has developed an e-wallet product it is offering to Amazon, Lyft, and other e-commerce platforms.
These partnerships make strategic sense for both the tech giants and the banks. Goldman Sachs, for example, gets to grow credit card balances, accelerate loan growth, and solidify its foray into retail banking, while Apple gets to offer consumers a way to finance purchases while minimizing capital and risk exposure.
In the Google and Citigroup partnership, Citi gets to expand beyond its current limited branch footprint by offering checking accounts to Google’s users. This is potentially a way to digitally leapfrog competitors, since Citibank’s U.S. network comprises just over 700 branches compared to Bank of America, Wells Fargo and JPMorgan Chase which each have more than 4,000 branches. And for Stanford FCU, the Google partnership gives it enormous potential reach.
Partnerships Come With Built-In Privacy Conflicts
Despite the advantages, we must not overlook the risks these partnerships pose to consumers, and by extension to financial institution partners.
With a checking account, Google may also know how much money you deposit, where you spend and how much you spend. It is the next step in precision targeting.
By comparison, banks and credit unions generate the majority of their revenues from the spreads between deposits and loans, supplemented by fees for services. To win over consumers, financial institutions prioritize safety, security and confidentiality, attributes that rank significantly lower in importance for a search engine, mapping and video-sharing service.
PSCU’s sixth annual Eye on Payments study reveals shifts in consumer payments preferences and behaviors.
Does the value outweigh the risk? The three key considerations for evaluating whether to invest in growing an internal program or exploring an outsourced solution.
5 Potential Risks Posed by Big Tech/Banking Combinations
With more banking/big tech partnerships likely to appear, what are some of the risks when a company built on selling eyeballs has access to consumers’ banking data? Here are a few potential problem areas:
1. Data used to disadvantage consumers. A bank-tech entity can decide they will not extend loans to people who searched for marijuana dispensaries or have a sports betting app on their phone. Similarly, if your checking account balance is too low, the technology company might decide that you will have to pay in advance if you wish to subscribe to certain digital services.
2. Wrong data. Credit bureaus frequently have inaccurate information about consumers. According to a Federal Trade Commission study, one in four consumers found errors in their credit reports that affected their credit scores, and in 5% of cases the error was so serious that it affected their ability to get credit on favorable terms. We can expect this issue to be exacerbated when data from social media accounts, online searches and consumers’ digital lives is added to the mix.
3. Unintended consequences. The application of data can lead to embarrassing results. We’ve already seen this when Goldman Sachs and Apple were excoriated on social media because Goldman’s credit model led to women receiving lower credit lines than men of the same credit worthiness, according to many posts.
4. Data in the hands of third parties. Other red flags can pop up when the partnership sells or makes available consumers’ spending data to third parties. For example, the tech giant notices that you consistently buy fuel from a particular Exxon service station. This data can be used to send you advertisements from a competitor like the Shell station across the street. More alarming: data on your spending behaviors can be sold to your present or future employer, or insurance company.
5. Biased search results. Data collected on a person’s spending patterns can be used to curate search results. For example, if a big tech sees you consistently shop at Whole Foods, the next time you search for a supermarket it may display a competitor’s location first even though it is not the closest.
- Big Tech Firms Push Further Into Banking With New ‘Super Apps’
- 4 Out of 5 People Who Use Digital Banks Would Switch to Amazon
- Why Community Financial Institutions Make Perfect Fintech Partners
Ways to Mitigate Big-Tech Partner Risk
The risks may not slow the proliferation of bank-tech partnerships nor consumer uptake. Customers who like ease-of-use and fingertip access of digital platforms may be willing to tolerate or overlook the possibility of abuse.
“It’s difficult to imagine such a regulated industry avoiding a public relations disaster, penalties and more restrictions when things go wrong.”
— Leo D’Acierno, Simon-Kucher
Yet banks are held to a higher standard than Silicon Valley. It’s difficult to imagine such a heavily regulated industry avoiding a public relations disaster, financial penalties and more scrutiny and restrictions when things go wrong. We expect to see individual bank efforts and perhaps industry-wide initiatives to mitigate such disasters as digital partnerships take off.
For example, companies can employ user agreements to specify what they can and cannot do with customer information. These are already widely used and we can expect them to get denser and longer. The industry can also self-regulate by adopting an industry-wide code of ethics.
Without an effort to self-police, the industry will expose itself to much more stringent regulation on data protection and privacy like the General Data Protection Regulation already in place in Europe. In the U.S., the California Consumer Privacy Act, in some ways more stringent than GDPR, becomes law in January of 2020 and takes effect in July of 2020. Other states are already working on similar legislation.
The public sense that big tech is too powerful is growing, and the combination of big tech and big banks may invite a concerted effort to protect consumer data through more law and regulation. The banking industry needs to proceed with great care in this unfolding environment.