ValueStream Labs Blog The Looming Battle Over Customer Data

The key to the future of consumer financial services is data...but not in the way most industry veterans think.Note this article originally appeared in Banking Perspective, published by The Clearing House New technology is allowing companies to capture more data about customers and their transactions than ever before. As an industry, we are starting to put that data to use in smarter products and more data driven processes. Bank of America for example, tracks customers across multiple channel interactions, using the combination of website clicks, transaction records, banker notes, and call center records to build a full picture of "customer journeys". They use this data to make proactive offers to customers including credit card or mortgage refinancing, or cash-back deals to holders of credit and debit cards based on spending patterns. In insurance, Progressive offers Snapshot, a program where drivers earn discounts on car insurance by giving access to detailed vehicle driving data, which is being used to build better actuarial models. OnDeck Capital uses bank transaction data of small business to make better decisions about which small business are less likely to default on loans.It is tempting to think that the most important question about data is "How do we best use this data?" However, an even more pressing question - and one that underpins a major battle brewing in financial services - is "Who owns the data?" When a customer uses a credit card, who owns that information on what they purchased, where, and for how much? What rights do consumers have to access that data, to restrict access, to decide who can use it and how, or even to remove it?Data ownership has been a contentious issue for consumer internet giants such as Google and Facebook for years. Google and Facebook have sparred with the European Union over data privacy and "right to be forgotten" rules, culminating in 2014 in the Costeja case, where the Court of Justice of the EU ruled internet companies must consider requests from users to remove data about individuals from company servers. Both companies suffered a more recent blow from the invalidation of the data processing Safe Harbor by the Court of Justice - restricting internet companies' ability to export data collected on EU citizens to the United States for processing and analysis.It is no surprise then that as finance enters the digital era, the issue of data ownership is beginning to appear on the corporate agenda. Financial institutions face a slightly different challenge compared with consumer internet companies. Whether due to a lack of advertising driven business models, longstanding perception as a safe place to store valuable assets, or significant oversight from industry regulators, consumers have been less vocal over concerns about financial institutions storing data about them. Consumers main concern with data stored by financial institutions, is how easily can they access that data - and connect it to the financial app of their choice such as Mint, a personal financial management app, or Quickbooks, a small business accounting solution. While financial institutions seem to avoid some of the data-ownership headaches that Google and Facebook are dealing with they have an entirely different - and potentially scarier - problem...consumers are opting for external products over in-house software. The Utility MatrixTo understand why financial institutions are opting for non-bank solutions, lets consider something called the "Utility Matrix" - a rough plot of how focused a company is on optimizing for regulated transactions versus how focused it is on optimizing for User Experience (UX). Most financial institutions are in the lower right quadrant: highly focused on efficient and compliant transactions, while lagging behind on customer UX. On the other hand, most consumer internet companies are in the upper left quadrant: highly focused on UX, while lagging behind on compliant transactional efficiency. The key word here is "compliant", since many technology companies often attempt to gain efficiencies by introducing a new business model with uncertain regulatory compliance. The emergence of Peer-to-Peer (P2P) lending (and eventual evolution into marketplace lending) is a prime example. Lending Club and Prosper both created innovative loan origination and funding models that - while highly efficient from a cost perspective - proved to be non-compliant with securities laws until forced to register as securities dealers. Similarly, in equity crowdfunding, sites launched sizeable businesses allowing consumers to invest in private companies that tread closely to an equity securities transaction. In 2011, an early crowdfunding pioneer, ProFounder, shut down in face of mounting pressure from the SEC, who claimed the site was engaging in general solicitor and must therefore register as a broker-dealer. The passage of the Jobs Act has created a new category of securities regulation for equity crowdfunding portals, but still leaves many restrictions in place.Although many startups employ the "move fast, break things" strategy and rely on being too small to attract regulators' attention, it is impossible to avoid forever. Once startups attract the eye of a local, state, or federal regulator, they have only one choice: comply or else receive a cease and desist order from a judge that cares little for how disruptive their innovation is. As painful as it is to adhere to regulation, it eventually becomes a requirement for a growing startup; they must either bring the skillset and knowledge in house or partner with an industry veteran with established people and processes. Learning to maneuver within an increasingly complex regulatory system is often an under-appreciated advantage that banks hold over their younger, more nimble competitors. The Consumer HackOn the whole, consumers can be rather demanding. They seek out the best experience at the lowest price, and when the market fails to provide the product they want, they find ways to stitch together multiple products to give themselves the best "solution". In the innovation world, this is called a "consumer hack", and it typically means there is a gap in the market.Right now consumers are trying to optimize their situation by cherry-picking the secure, regulated transaction capabilities of banks and the slick, user-friendly UX of consumer internet companies. Essentially, consumers are saying, "Banks, you focus on providing fast and secure transactions, and internet companies, you focus on giving me a good user experience." In order to make this marriage work, consumers are starting to make use of data integrations between banks and internet companies through the use of Application Programming Interfaces (APIs). The issue now is the market has grown substantially - there are many more applications than just Quickbooks and Mint looking to access data and the banks are not thrilled. There are literally thousands of financial apps (and more created every day) that utilize transactional data from banks. The accounting, budgeting, lending, investing, and financial planning app verticals are increasingly crowded. These apps control the front-end customer experience while allowing consumers to conduct financial transactions by leveraging a financial institution's back-end via API. But, in order to function or to provide any value to users, these apps require customer data from the financial institution.In "hacking" together these sorts of financial interactions, consumers are drawing a line between companies that offer the user experience they want, and companies that offer the transaction capabilities they need. This poses a strategic quandary for financial institutions, as they must decide whether or not to provide easy, low-cost access to customer data and risk pushing themselves further into a transactional role with little to no control over the customer experience. Becoming a transactional utility with commodity products makes a bank easily replaceable and limits product cross-sell, the lifeblood of bank profitability. On the other hand, if banks restrict data access, they risk losing customers to other institutions that are more willing to collaborate with consumers' preferred applications via API. The Ownership DebateAt the heart of this debate is the question raised at the beginning of this article: "Who owns the data?" Banks argue that it is proprietary data that the bank generates as it goes about the business of serving its customers and therefore belongs to the bank. Internet companies argue that data should be a shared asset, and banks should allow startups to put the data to work, to provide new and innovative user experiences. At the center of this battle, consumers argue that they should have rights to control and remove their own personal data from bank systems if and when they want - preferably for free. The earlier mentioned Costeja and Safe Harbor rulings by EU Couth of Justice show how this debate can go from being a public relations nuisance to a real cost center. In both cases what was once a strategic asset has been turned into a liability. Companies such as Facebook and Google must expend time and resources serving requests from individuals about their data, and must restructure their internal data storage and utilization processes to adhere to geographic boundaries (a confusing concept in the digital realm). In a few pen strokes, customer data was transformed from a company asset to a regulated material along the lines of alcohol, tobacco, and pharmaceuticals.Although all sides of this debate hold merit, the argument may be moot in the end, unless you hold a Google or Facebook level monopoly within a category. Once you're engaging a consumer in a debate over something as complicated as data ownership, you're already delivering a sub-optimal user experience. The ShowdownA showdown is brewing between banks and consumers over