Everybody wants data privacy, but bank customers are increasingly willing to unlock their data and share it with third parties.
Whether it’s a consumer wanting a faster way to apply for an auto loan, or a business seeking automated reconciliation in an accounting platform, the immediate benefit of clicking the “allow” button when prompted to give permission to share bank data usually outweighs any security concerns end users have.
It’s indicative of expanding trust of the financial services market, and the eagerness of customers to adopt third-party FinTech solutions that can make their lives easier though access to bank data.
But what happens when things go wrong?
In the U.S., watchdogs and industry players today are mulling how to allow the data-sharing ecosystem to evolve in a manner that keeps customer protections and data integrity at the forefront. Lisa Shields, founder and CEO of FISPAN, said it’s an issue more complex than merely having a regulator step in as gatekeeper.
Speaking with Karen Webster, she explored the current state of a financial services market increasingly willing to unlock customer data and considered the implications for who takes the leadership role in promoting user education, security and industry best practices.
An Educated Customer
As open banking frameworks proliferate in markets around the world, the U.S. financial services sector has grown more comfortable with the value proposition of unlocking bank data.
What consumer and business end users see is a service provider able to provide automation, speed and an all-around more enjoyable experience by connecting their bank data to another app or platform. According to Shields, the average consumer has a relatively good grasp on the concept of what constitutes “sensitive” data — their name and email address aren’t as sensitive as, say, their Social Security number, for example.
But there is a significant education gap among customers today that will be a key focus for how the ecosystem evolves moving forward.
For example, while customers may know what data they’re sharing with a FinTech, they may not entirely understand exactly where that data goes after the “Accept” button is hit.
“What we’re seeing is FinTechs and third parties hoovering up as much data as possible, extracting it from financial institutions, and then mixing it and analyzing it with third-party data sources to sell it back, either to a financial institution or to a consumer, in some way as insight,” she explained. “It’s not that that practice needs to stop, it’s that that practice needs to be made clear.”
There are limitations to how much a consumer does — and should — understand about how this data sharing works. For example, a customer wants to know that their data is protected, and an extra-savvy one may know that encryption may be best practice for that security. But asking them to understand the technological nuances of how that encryption works is “asking too much,” Shields said.
Similarly, as the regulatory landscape begins to take shape, it’s not appropriate for the market to expect the average consumer or business end user to hold a detailed understanding of these regulations. Rather, the burden is on the regulators and the financial service providers themselves to not take advantage of the trust that consumers have given them and form an ecosystem that both protects the customer without hampering innovation, said Shields.
Taking The Lead
When it comes to leading the evolution of a financial service ecosystem of unlocked data, today, FinTechs often take the lead.
Banks are happy to follow, said Shields, because they too benefit from the aggregate analysis FinTechs provide, which can be immensely valuable for banks when developing new products and services for their clients.
Perhaps the biggest kink in an open ecosystem today is the fact that, as consumers grow more educated about how exactly these third parties are using their data, they are not necessarily able to take back that data sharing consent they previously gave.
“Right now, there’s no ‘unclick’ for that other than going in and changing my bank credentials,” said Shields.
While regulation will be important, Shields also noted that it’s up to banks and FinTechs themselves to establish a market of gatekeepers that provide greater transparency to end users over who holds their data and what they’re using it for.
That gatekeeper won’t be the same for everyone. For corporates, she said, it will likely be the banks themselves that can offer control over data sharing as well as an audit trail. For consumers, Shields said she believes Big Tech firms like Facebook and Google are already stepping in to play this role.
Regardless, she noted, there will be a shift in the ecosystem. Whereas today FinTechs are at the helm, greater customer education, shifting end user expectations, and a more advanced regulatory landscape will reposition the banks to take the lead over how data is being shared and how value is extracted from it.
“The opportunity, as regulations become more clear and as standards start to evolve, and as consumers become more comfortable, I think banks will start to take the helm and own more of the value chain around data processing to deliver insights,” she said, adding, “It doesn’t mean that FinTechs aren’t a part of the picture. It’s that FinTechs are participating in the platform ecosystem of major banks — rather than banks needing to participate in the ecosystems of the FinTech platforms.”