Although technology makes it easier, information sharing is complicated by compliance obligations whose purpose is strengthening IT security for banks, according to Hector Arias, who leads Red Hat's retail banking strategy globally including embedded finance, and is one of the authors of the IBM Institute for Business Value research mentioned above.
“Everything related to money is super confidential, so banks need to protect data and comply regardless of who is participating in the banking value chain,” Arias said.
Europe’s General Data Protection Regulation (GDPR) is the most comprehensive privacy legislation affecting the global banking sector because it applies to data held by financial institutions and protects consumers.
“Every vendor and every processor that is providing services to the financial entity is also obliged to protect that data,” Arias continued.
Since taking effect in 2018, GDPR has racked up a hefty total of eight- and nine-digit fines for mishandled data breaches. Although those paying the highest fines tend to be tech giants and not banks, financial institutions must be wary of risking their data security, banking relationships and brand equity as they tap into customer data to deliver enhanced services.
Another regulation of note is Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), which applies to private-sector organizations across the country that collect, use or disclose personal information in the course of a commercial activity. Several Canadian provinces have their own legislation that is like PIPEDA. In the United States, meanwhile, California in 2018 introduced its own statute to enhance privacy rights and consumer protection: the California Consumer Privacy Act (CCPA).
Despite the potential perils and pitfalls that have made regulations like GDPR, PIPEDA and CCPA necessary, consumers love online and mobile banking and financial institutions have an obligation to continue delivering them. As a result, “the race is on” to provide the best products and services without jeopardizing privacy protections, O’Dowd said.
Data Integration Requires a Framework
Although the technologies for digital banking have been around for a while, new technologies like AI and machine learning are creating opportunities for financial services providers to differentiate themselves, O’Dowd noted. With access to the right data, for example, AI can facilitate improved customer service via chatbots. Meanwhile, machine learning enables mobile banking apps to improve their performance over time by adapting to customers’ preferences and even anticipating their actions.
“The whole conversation about AI improving these digital channels is really interesting,” O’Dowd said.
In order to turn an interesting conversation into an awesome reality, banks and non-banking partners must find a way to integrate siloed data efficiently and securely.
“[Banks are] leveraging these new technologies in small, confined and compartmentalized ways,” O’Dowd continued, noting that there is a lot of potential for generative AI to help with data integration by tapping into data lakes and providing more unified views of customer information.