Nalini Haridas and Sandeep Reddy
It’s no secret that the banking industry is highly regulated and these regulations usually align with the dynamic nature of economic downturns and booms. The term ‘regulations’ often come with a negative connotation and is linked to restrictive controls that protect the economy and customers but create friction for companies.
What is usually overlooked is how regulatory frameworks are key drivers of transformation for the financial industry.
This is particularly true of data regulations for the banking industry. The graphic in Fig. 1 depicts the succession of global shifts in banking regulations. One will notice that there is a growing focus on regulations designed for data privacy and consent.
Figure 1 - Advancement of banking regulatory focus (* List of Banking Regulations is representative of the shifts in focus, it is a non-exhaustive list)
Let us look at this in the light of how financial data has grown over the years and couple that with how financial institutions have been managing their ever-growing data.
Incumbents’ tryst with the mindboggling data explosion that spans availability, volume and complexity began through organic explorations of their customer information caches. These inspections led to use cases such as performance measurement, risk analytics, customer, marketing analytics and more.
As banks recognized the monetizable data they were sitting on, there was also an increasing recognition by the financial sector and regulators that data privacy, cyber security and consent were significantly consequential. This led to regulations for both data protection and consent, and for harnessing the broader potential.
Examples of transformative data regulations
Data regulations have been centre stage globally, and in India for the last three to five years. The European Union’s General Data Protection Regulation (GDPR) finalized in 2016, for instance, was a forerunner in cross-industry data protection.
Around the same time, UK’s Competition and Markets Authority issued the Open Banking Standard. This move mandated nine major UK-based banks to allow outsider access to their account and transaction data. The move triggered a wealth of innovation and competition in the sector, giving the end consumer a much wider choice of products and services. Such regulatorily-prompted data sharing has market-wide impact and improves trust in the ecosystem as well.
Closer to home, India’s cross-industry Data Empowerment and Protection Architecture (DEPA) empowers Indians with control over their own data and also democratizes service providers’ access to customer data.
Specifically, for financial services, the Reserve Bank of India (RBI) created frameworks that envisioned both data empowerment and sharing. These frameworks are in the form of the Account Aggregators and the Public Credit Registry (PCR).
The Account Aggregators, newly licensed entities by the RBI, act as consent brokers of customer information. While customer data is securely shared, the regulator plays a part in standardizing the format of exchangeable data. This breaks down customer data silos that are currently held across various organisations.
Additionally, to ensure customers’ credit histories are easily available, the RBI announced the PCR. Regulated entities like banks and non-banking financial companies (NBFCs) submit information that provide a comprehensive credit view of the customer.
Advances in technology have also paved the way for these developments in the financial sector. Today, tech forms the digital backbone for broader applications of ‘organic’ use cases, that were once localized to bank-held data and bank’s proprietary algorithms. Technology teams have accomplished this by building a resilient and scalable data management architecture, modularizing data access through open APIs and developing consumer friendly applications and advanced analytics.
For incumbents to truly benefit from the transformative power of data regulations, they need to collaborate with technology enablers and subject matter experts. This will ensure they -
- Recognize data is at the heart of their digitization programs
- View data as an asset and data as a business to be able to monetize it
- Develop superior investment models, credit decisioning models and fraud detection models
- Understand the potential of cross-usage of data
- Design innovations within the regulatory sandbox
- Build strategic, scalable and future-perfect data infrastructures.
- Invest in the right technology and engineering processes that will deliver faster results
The role that data regulatory frameworks play, within the financial sector, in harnessing data-as-assets and pushing beyond the yoke of a single market-driven advantage is beyond question. This transformation is in fact leading to the evolution of payment innovations, lending models, an increase in credit penetration and a decline in fraud and criminal activity.Nalini Haridas, Domain specialist for Risk & Compliance and Sandeep Reddy, Head of Financial Services Practice at ThoughtWorks