The Customer Effect
Banks grapple with data-sharing concerns after Facebook, Equifax breaches
- In light of recent data breaches, banks are getting ready for the time when customers demand ownership of their data
- Along with enhanced security, banks are considering opt-in and opt-out options for customers

Facebook CEO Mark Zuckerberg's testimony before the U.S. Congress this week is forcing some tough questions on banks that use customer data to curate client experiences.
The recent Cambridge Analytica and Equifax data breaches highlight the dangers of customer data falling into the wrong hands. Banks are wrestling with how to use customers' personal information responsibly, while allaying concerns about data privacy.
"The more we learn about the client, the more we can add value [to their experiences], but at the same time, where is the limit? I use the example of Facebook, and many more may be brewing," said Amit Verma, global product manager of treasury and trade solutions at Citi, at an industry conference in New York.
As consumers' confidence in Facebook to safeguard personal data tumbles -- a poll released Wednesday found that 81 percent of respondents had "little or no confidence" that the platform would safeguard their personal data -- 62 percent of U.S. customers trust banks with their data. But financial companies in North America realize that customers will soon demand more control over their information, in part because of the influence of European data privacy regulations coming into force this year. The General Data Protection Regulation, which becomes law in all EU states next month, and the European Payment Services Directive that came into force in January are based on the principle that customers own their data and choose how and with whom it's shared. So while using customer data is seen as a must-have, bankers are getting ready for changing customer expectations around data privacy and control.

"There will be a time when customers start demanding their own data. ... One day we may have to give a copy of that data to the customer," said Vipin Gupta, evp and chief information officer of Key Community Bank at KeyCorp. Gupta emphasized that the use of customer data is a critical driver for success in today's digital banking context, and that it plays an important role in helping the bank shape products, frame processes and develop personalized experiences for clients. Over the past five years, Key Bank's operations have become increasingly data-driven, with the goal to offer the customer the most contextually relevant experience. But in light of demands for data ownership at the customer level, banks will need to work out a process to let customers actively consent to sharing their information with their financial services providers.
Banks and personal finance startups are increasingly using customer behavior data to tailor product recommendations or offer insights into customers' spending habits. Due to advances in machine-learning technology, they are able to crawl through transaction data to personalize the service experience. They’re also looking at how customers engage with the content that’s presented. Major institutions that are pushing data-driven customer experience outreach include Capital One, Citi and JPMorgan Chase on the banking side, and startups like MoneyLion and Credit Karma's business models are based primarily on use of customer data. The difficult question financial providers face now is how to give the customer the right to decline to have their data used.
"Eventually, we'll get to point where the client should be allowed to opt in and opt out in terms of what kinds of analytics are churned from their data," Verma said.
While some level of segmentation may be possible to address customers' varying comfort levels with sharing personal information, key challenges will be to build a robust enough security infrastructure and to convince customers that data sharing adds value.
"Entire [electronic] trails are accessible whether you want it or not -- it's a question of understanding what that data represents and how it can be used in a way that provides value," said Les Riedl, CEO of Meed, a startup that builds social platforms for banks.
When it comes to customer data-sharing between banks and fintech startups, key drivers that will build customer confidence are clear, transparent protocols.
"Banks need to put in place best-practice measures in securing data that they do collect; they need to be transparent with consumers before sharing that information and providing consumers the ability to consent or not consent; and anytime a bank will share information with a third party, both parties have a responsibility that the information is kept secure," said Steve Forte, CFO of Montreal-based small-business lender Thinking Capital.

