27 September 2013
If you operate in the financial services industry, you will be acutely aware of the challenge of growth in the current macroeconomic environment. In the midst of this slow or no growth environment, big data and analytics stands as an obvious opportunity for the industry - one capable of completely re-defining the playing field.
With the proliferation of internet connected devices and systems, and the explosion of new technology platforms like cloud computing, data is being produced and processed at a rate never seen before. By way of example, YouTube users alone upload more than 48 hours of new video every minute of every day. Looking forward, the McKinsey Global Institute projects a 40% global growth in the amount of data being generated each year.
‘Big data’ refers to the mass repositories of such data - whether it be structured, unstructured or semi-structured. This data is of such high volume, velocity and/or variety that it is beyond the ability of standard database software to structure and analyse it.
If exploited properly, it has the power to disrupt the status quo and transform the financial services industry. It does this by providing players with data-driven insights never before available. These insights, in turn, provide big opportunities for ‘value creation’ - whether it be the personalisation of financial products and services to drive customer engagement and loyalty, new marketing and lead-generation models to drive revenues, or the unification of disparate data sets to drive better risk decisions.
However, leveraging the value of big data also requires an understanding of the challenges - including, in particular, balancing the desire to use data-driven insights for the creation of immediate, real-time customer value with the need to protect the privacy rights of customers.
In the financial services industry, competitive advantage will come from those players who elevate the privacy issues to the fore, who architect their products and services with their customer’s privacy in mind, who put the customer in control of their data and who remain open and transparent in their use of that data.
After all, trust is the very foundation of the financial services industry. Customers want assurance that their financial information is in safe hands and that the organisations with which they entrust their financial affairs are reputable.
In a world where the financial services industry is becoming fragmented, and global technology players like Google are increasingly making inroads into parts of the industry, being able to promote oneself as a trusted financial services provider is key to defend against displacement.
Creating value from big data is not an entirely new phenomenon. We have seen examples of it with the growth of online behavioural advertising. For example, the practice of profiling the online behaviour of web users, through the use of technologies like cookies, in order to produce customised advertisements with a view to increasing purchase conversion rates.
In the financial services industry, the card schemes such as MasterCard and Visa have led the way in analysing credit card purchases to conduct customer profiling and to engage in targeted advertising.
For players in this industry, big data analytics has an increasing role to play in almost every major decision to drive revenue, to control costs or to reduce risks.
Examples of how big data analytics may unlock value in the financial services industry include:
- the personalisation of financial products and services: where different data sets are amalgamated to create a clear, 360-degree view of an individual customer. With that view in mind, the organisation can develop and deliver individually tailored products and services which meet the customer’s financial need at that point in time, thereby creating a much richer and engaging customer relationship.
- predictive analytics: where, through the combination of different data sets, an organisation is able to solve problems or predict outcomes and, through that process, garner insights to support decision-making regarding the ‘next product to buy’ for a particular customer or customer group.
- risk management: where, by having a clear 360-degree view of an individual customer and his or her financial status and needs at a point in time, the organisation is able to make real-time assessments of that customer’s risk profile rather than defaulting to generic risk frameworks and policy documents which are less reliable indicators of risk.
- increased productivity and efficiency: where analysis of big data sources can identify opportunities to reduce costs and increase efficiencies.
Seizing the opportunities requires organisations to be alive to the privacy and data protection risks associated with big data.
As customers continue to live more of their lives digitally, they are leaving behind a digital footprint of personally generated data. This includes such things as email traffic, internet search history, use of social media sites (including images and sentiments shared through such sites), payments and loyalty program transactions. This personal data is in addition to, and often combined with, data generated from a myriad of external sources such as business system transactions, social media conversations, public agencies and research bodies.
Whilst these data sets can be merged, consolidated, analysed and interpreted to produce intelligence never seen before and to open up a market for the development of more relevant, timely and customised products and services, the potential for misuse of that personal information is heightened.
From a legal perspective, the mining of big data presents a number of privacy challenges for the financial services industry. These include:
- the breadth of personal information subject to regulation: financial services organisations need to appreciate that the type of personal information which is regulated is not limited to information gleaned from customers completing application forms, filling out questionnaires or speaking with call centres. It also extends to metadata or event logs in a system which personally identify a customer.
- the collection of personal information: Australian Privacy Principle 3.1 dictates that an organisation must not collect personal information unless the information is reasonably necessary for one or more of its functions or activities.1 It does not matter whether this information is sourced directly from the customer. The principle is broad enough to capture personal information which is extracted from an information system, found in the public domain or generated using algorithms.
- notification and consent: Australian Privacy Principle 5 includes the concept of notice. It requires that the customer be made aware of how his or her personal information is being collected, the purposes for which the information is being collected and to whom such information will be disclosed.2 The intention is to allow a customer to make an informed choice as to the collection and use of his or her personal information, and to consent (or not) to that collection and use. The complexity of the world of big data challenges this notion of ‘informed consent’ because an organisation may not always know what personal information lies waiting to be mined and discovered, nor when this might be done, nor what insights it may reveal and, therefore, for what purposes it may be used. As for the individual, he or she is unlikely to understand where his or her personal information may end up, or that it can be merged with other profile data in a way which reveals more about him or her than that contemplated at the time of disclosure.
- anonymisation of data: one technique frequently used in the financial services industry for mitigating privacy risks is the de-identification or anonymisation of data sets. However, care must be taken. The nature of bringing together disparate data sets from various sources is such that it may well be possible to re-identify individuals in an anonymised data set.
- data breach: the above challenges need to be considered in the context of the proposed new laws on mandatory breach notification which were introduced into federal parliament in May 2013 and which, if passed will come into effect on 12 March 2014. These laws will require financial services players to notify individuals when a data breach affecting their privacy occurs.
CONVERTING THE CHALLENGES INTO OPPORTUNITIES TO SEIZE COMPETITIVE ADVANTAGE
The good news for the financial services industry is that the privacy risks do not need to be a barrier to the use and exploitation of big data. On the contrary, those organisations which have a rich understanding of the limitations and challenges which privacy poses - from a legal, community and ethical standpoint - have the most to gain from big data opportunities.
Competitive advantage will come from those who harness big data opportunities in an open, transparent and considered manner - that is, in a manner which is customer-centred, recognises the customer’s right to privacy and provides the customer with transparency over the use of his or her personal information. This includes:
- developing a privacy framework and methodology that ensures that privacy issues are addressed upfront, rather than as an afterthought
- undertaking privacy impact assessments to manage privacy impacts to projects and realise value for customers without the “creepy” factor
- being alive to changing community attitudes to privacy, not just the legal implications
- putting customers in control by providing them with increased visibility of how their data is being used, valued and leveraged, and educating them on privacy settings
- considering dynamic consent models, whereby customers are given new ways to opt out and opt back in again depending on whether they consider the benefits of data usage and sharing at a particular point in time outweighs the risks involved.
Innovation will come from harnessing big data opportunities. But developing much richer and more intimate and trusted relationships with customers will come from putting privacy to the fore. For players in the financial services industry - an industry founded on the very notion of trust, the powerful combination of big data and privacy cannot be underestimated.
1 The Australian Privacy Principles came into force on 12 March 2014. APP 3.1 is the equivalent of the existing National Privacy Principle 1.1.