Do GDPR and PSD2 contradict each other?
To comply to both regulations and satisfy their customers, companies need a granular view of their customer data and use this data according to their customers’ needs.
Since GDPR came into force, businesses are still making mistakes and learning to navigate the EU regulatory waters. PSD2 asks banks to openly share consumer data with their consent, while GDPR requires that consumer data remains private and secure. How can businesses possibly juggle the two seemingly contradictory regulations?
Ultimately, this remains a data issue and relates to how well companies can visualise and use their data. To comply to both regulations and satisfy their customers, companies need a granular view of their customer data and use this data according to their customers’ needs. However, how can businesses accomplish that without a complete IT overhaul with potentially disastrous results?
Not as easy as it seems for Financial Services organisations
Financial Services organisations will need to be able to easily access, share and protect data - a challenge indeed! FinTech competition will not miss the opportunity the new regulations present to punish the old guard and poach the customers from the unprepared organisations.
Sharing customer data with third parties, as directed by PSD2, is a great idea but difficult to carry out for banks. Banks are challenged by legacy systems, operating in silos and current IT practices, which do not facilitate data management. EU GDPR only adds further complexity to data management processes because banks have to know the source of every single bit of data they hold in their systems.
In addition, the right to erasure (article 17 of GDPR) means enterprises are required to have a good handle on customer data in order to be able to delete specific information on request. The right to data portability (article 20 of GDPR) presents the challenge for businesses to move, copy or transfer data easily from one database, storage or IT environment to another.
All Financial Services organisations will need to be able to access and analyse the data of any transaction at any time. As part of regulatory audits, banks will need to be able to summon up specific customer data very quickly and they will have to understand what that data means in the broader context of their payment history.
Data protection and privacy will be particularly difficult for unprepared companies ahead of GDPR. At worse, it could mean an overhaul of the entire IT system. Businesses will have to detect and report data breaches within 72 hours once the breach is found to avoid being fined. This could mean working on weekends for some banks if they detect the breach on a Friday.
These challenges will require some help from technology. Banks and other Financial Services organisations will have to demonstrate true digitalisation. These organisations need to provide context-specific offers to the customer, which is helped further by Open Banking, as they will be able to track data from other banks catering to the customer.
However, this type of opportunity will only be seized by organisations capable of customer-centricity and building their own marketplace economy.
Looking beyond rules towards customer-centricity
Should they want to thrive, banks cannot have a narrow view and see regulations as checkpoints to be ticked off in order to be compliant, neglecting the wider picture.
GDPR and PSD2 do not contradict themselves; they both have the exact same objective. Both regulations want to push organisations towards customer-centricity in order for business to adapt to faster to the digital age and the rise of the platform economy. In the post-GDPR era, efficient data management will be critical in order to provide services as close as possible to their customers’ need.
This requires a system or platform flexible enough to dissect very specific data that is within the scope of client consent, while restricting conditional elements from being shared. This granular level of data management would truly push them toward customer-centricity.
This is crucial, as going beyond simple compliance and handling customer data with efficiency and transparency will go a long way to rebuild customer trust. The benefits of GDPR can be seized when financial organisations can convince not only regulators, but also customers, that their data is in a safe pair of hands. A greater understanding of who the customer is, what the product is and the price point will require better management of tangible and intangible data in order to better meet expectations in a post-GDPR world.
Reviewing data management processes to make them more efficient can directly lead to enhanced customer loyalty, which will come about by creating better deals for customers through the use of all the data held by a bank. This data can help create unique revenue models and pricing solutions adapted to the customer’s needs and spending patterns. These value-added services are sure to generate increased customer satisfaction.
Concerning the data security element of GDPR, organisations need to go beyond simply applying a turnkey cyber security solution. Businesses will need to keep internal records of data protection and show regulators and customers alike what has been done to keep their data safe. An audit log of public, private and personal APIs being accessed will need to be kept in order to keep track of any access to customer data.
The multiplication of RegTech solutions might seem like good news for businesses looking to avoid fines and immediate consequences of non-compliance. However, it often presents a short-term solution to a long-term, more nuanced problem. Banks need to manage their data in a way that puts customers at the centre.
Being customer centric enables these organisations to reap the benefits this year’s new regulations entail.
The benefits of being customer-centricity:
-
Reputational benefits: it will ensure customers their data is well-protected and showing transparency when dealing with customer data will increase trust. Avoiding brand image disasters like Equifax and becoming an example of a company making an effort and caring about the duties that comes with the custody of data could lead to immense reputational benefits.
-
Financial benefits: being customer-centric will improve customer retention and attract new customers. Knowing and tending to the needs of your customers will increase trust and customer satisfaction: while competitors are poorly managing their data and offering customers irrelevant offers, having the reputation of being an efficient, insightful business can bring immediate financial benefits.
-
Preparation for an increasingly customer-centric economy: digital transformation is leading businesses toward an increasingly customer-centric economy. GDPR is an attempt to regulate this wave of change and make sure some businesses are not left behind. Preempting the intent of GDPR and being customer-centric ahead of the curve through impeccable data management could give businesses a competitive edge.
While GDPR and PSD2 may seem to be contradictory in their requirements, they are in fact complementary, as both regulations guide high street banks, new banks and Financial Services organisations alike toward a much needed acceleration of their digital transformation process by placing the customer in the centre.
Source: itproportal
Latest Jobs
-
- Senior Cisco Network Engineer
- Italy
- Up to €550 per day
-
Key Skills Required: Cisco ACI, MPLS, Data Centre & Fluent English & Italian. Candidate Profile Work closely with business management to determine business process and productivity needs and an appropriate technology strategy to support business goals. Analyze technical needs, requirements, and state of the network’s infrastructure design, integration, and operations. Work with technical management to architect networks that effectively reflect business needs, service-level and availability requirements, and other technology parameters. Develop design principles, models, plans, internal standards, budgets, and processes based on industry best practices. Establish governing principles for network design and deployment. Participate in selection of networking technologies and products for implementation Lead teams of other network designers and engineers in developing detailed designs and quality-control mechanisms during implementation. Communicate the role and value of the network to the organization and present the business case for technology investments. Continually update understanding of business and technology status and objectives and respond to strategic design requests as the business evolves. Excellent client management skills Good knowledge of Service Management process’s In-depth knowledge of routing and switching, including LAN, WAN, MAN and WLAN technologies In-depth knowledge and experience with F5 LTM and GTMHands on experience with Cisco ACI is preferred Experience with Automation specifically Ansible is preferable Extensive experience deploying BGP, OSPF, PIM, MPLS, VPLS, IPVPN, with Cisco and Juniper technologies Demonstrated knowledge of Multicast technologies as used in financial sector (NG-MVPN desirable) on Juniper Knowledge of low latency switching technologies from Arista Knowledge of Fortinet and Juniper (SRX\Netscreen) firewall technologies Ref BD7761 Up to €550 per day Apply today for more information!
-
- Network and Infrastructure Manager - Client Services
- Corsham
- Up to £45,000
-
Our client is leading provider of secure and efficient data centers, they are currently looking for a Network and Infrastructure Manager to be site based within their Client Services team. As a Network and Infrastructure Manager you will be responsible for managing and controlling the deliver of Client and Carrier Cross Connects, provide network support to clients in the delivery of carrier circuits. Responsibilities: · Support the design & Implementation of CTO infrastructure strategy. · Manage and Maintain records for Meet Me Rooms (MMR’s) · Manage and maintain records for the site Infrastructure. · To provide first class internal support for all Internal Departments. (I, e Sales, Commercial, Finance). · Support the design & Implementation of CTO infrastructure strategy. · Manage the delivery of Client & carrier Cross Connects. · Manage the delivery of Carrier circuits to specific clients · Engage with and manage 3rd party suppliers. · Co-ordination and ownership of resource schedule. · Representation of Client Services at various meetings, i.e. Change Advisory Board, Customer Service Meetings etc. Skills and Experience: · Excellent understanding of Networks and Structured cabling. · Proven track record of customer satisfaction with a strong focus on results. · Must have full clean current driving licence. · Hold Industry Accredited Qualifications .i.e CCNA, CNIT or CNIDP. · Experience of successfully delivering numerous installations simultaneously. · Knowledge of structured cabling standards and Installations. · Experience of Telecommunications inside and outside Plant projects. · Understanding of Data Centre environments.
-
- Project Co-Ordinator - Client Services
- Farnborough
- Up to £30,000
-
Our client is leading provider of secure and efficient data centers, they are currently looking for a Project Co-Ordinator to administer and organize all types of projects. As a Project Co-Ordinator you will be responsible for working closely with a Project Manager to prepare action plans, which will include; resources, timeframes and budgets for projects. Responsibilities: · Analyze risks and opportunities · Incident management · Oversee project procurement management · Coordinate project management activities, resources, equipment and information · Break projects into doable actions and set timeframes · Liaise with clients to identify and define requirements, scope and objectives · Assign tasks to internal teams and assist with schedule management · Make sure that clients’ needs are met as projects evolve · Act as the point of contact and communicate project status to all participants · Work with the Project Manager to eliminate blockers · Create and maintain comprehensive project documentation, plans and reports Skills and Experience: · Proven work experience as a Project Coordinator or similar role · Experience in project management, from conception to delivery · An ability to prepare and interpret flowcharts, schedules and step-by-step action plans · Hands-on experience with project management tools · Familiarity with risk management and quality assurance control
-
- Project Co-Ordinator - Client Services
- Corsham
- Up to £30,000
-
Our client is leading provider of secure and efficient data centers, they are currently looking for a Project Co-Ordinator to administer and organize all types of projects. As a Project Co-Ordinator you will be responsible for working closely with a Project Manager to prepare action plans, which will include; resources, timeframes and budgets for projects. Responsibilities: · Analyze risks and opportunities · Incident management · Oversee project procurement management · Coordinate project management activities, resources, equipment and information · Break projects into doable actions and set timeframes · Liaise with clients to identify and define requirements, scope and objectives · Assign tasks to internal teams and assist with schedule management · Make sure that clients’ needs are met as projects evolve · Act as the point of contact and communicate project status to all participants · Work with the Project Manager to eliminate blockers · Create and maintain comprehensive project documentation, plans and reports Skills and Experience: · Proven work experience as a Project Coordinator or similar role · Experience in project management, from conception to delivery · An ability to prepare and interpret flowcharts, schedules and step-by-step action plans · Hands-on experience with project management tools · Familiarity with risk management and quality assurance control