Marketing in the era of GDPR

Since the advent of the digital wave, financial institutions have been focusing on user experience and personalization as a means to stay ahead of competition and drive revenue growth. For any financial institution, quality of customer insights serve as success factors across two key areas: 1. Creating an exceptional Omni channel customer experience. It plays …

by | July 30, 2018 | Maveric Systems Ltd

Since the advent of the digital wave, financial institutions have been focusing on user experience and personalization as a means to stay ahead of competition and drive revenue growth. For any financial institution, quality of customer insights serve as success factors across two key areas:

1. Creating an exceptional Omni channel customer experience. It plays a key role in creating awareness across multiple banking products and driving cross sell/upsell initiatives

2. Driving revenues through marketing campaigns aimed at reaching prospective buyers of the bank’s services and products

Needless to say, data is the cornerstone of any of these initiatives. Earlier, banks could glean user data through cookies, ‘free’ services and countless forms that rarely provided any clarity on how or where the data was going to be used. Not anymore. With GDPR coming into the picture, the need to provide transparency of data to the customer has been mandated. Companies – irrespective of their location – that collect data on citizens of EU countries have to comply with GDPR. Penalties for non-compliance are steep, with a maximum fine of up to 4% of annual global turnover or €20/$21m (whichever is greater), based on the severity.

In the subsequent sections, we have attempted to provide a bird’s eye view of the effects and advantages of GDPR across three key marketing areas.

Customer data

Until recently, a bank's customer data has resided on multiple systems. Banks have also depended heavily on third party providers to run their campaigns and so substantial data resides with them as well, mostly in cloud based environments. The modus operandi has been to get data across various sources and launch a marketing campaign based on segmentation and targeting to the collated database. However, this does not assure the relevance of the data to the campaign or accuracy.

GDPR brings along with it strict policies in terms of how customer data is collected and how it is stored. It mandates having an understanding of the entire work flow of the customer data. To put this in place, banks have to interface across multiple legacy systems, third party providers, as well as external data sources. Further, duplicate sources of data residing across systems have to be destroyed. They also need to have a critical look at systems and platforms that deal with data like email lists, data management platforms, data storage platforms etc.

What these measures guarantee is having a single source of truth and more importantly data trail or history. The customer data available at the end of the exercise is true, validated by the customer for specific use, and supersedes any data available across any systems, thereby ensuring accuracy of marketing campaigns. Needless to say, tremendous effort is needed from the bank in terms of creating the necessary interfaces and integrators for data gathering as well as validation mechanisms. All this stands justified by the gain in accountability and transparency in terms of the availability of data and its purpose.

Marketing campaigns

For marketing, building customer personas using behavioural data like browsing patterns, product selection patterns, and transactional data like purchase history. Such personas are used to create focus groups and target financial products like credit cards, loans, insurance plans etc. Banks have to date depended on third party and online data sources to get the required analytics done. However, with no boundary on the time duration of the data and minimal validation of data, the accuracy of such campaigns was questionable.

With GDPR coming into picture, banks have to revalidate customer data. They need to outline the purpose for collecting the data from the customer and get their explicit consent if they intend to target offers and campaigns at them. Further, another condition of GDPR is the right to be forgotten – meaning the customer needs to know the period beyond which his data will be deleted. The vendors on whom the bank depends for getting customer data or external data stores also need to adhere to these norms.

What this means is that the marketing database will be fine-tuned for each campaign. Banks will need to ensure that they filter the customer data only to include what is relevant for customers. Taking a closer look at the existing data set will help in removing the noise and only have the right audience open to receiving inputs. The scale of customer information will definitely reduce, however on the positive side, the available information is much more accurate. This way the marketing campaigns are more streamlined, focused and also command higher response rate since you are marketing to an audience that has opted in to your message knowingly. In short, the campaigns are sharper and success rates are higher.

Artificial intelligence (AI) for better customer experience

AI is increasingly finding use across marketing initiatives by augmenting/enriching customer insights. However, it depends heavily on data to draw the right understanding of the customer. The sources providing customer data are diverse ranging from website behaviour to biometric information. Validation of these data sources and ensuring they are in line with the GDPR guidelines is paramount.

AI plays a key role in enabling decisions regarding the creditworthiness of a person for eligibility for loans, dynamic pricing and applying credit limits. Prior to GDPR, such data was not restricted by customer consent and hence could be used by a bank to approve or reject a customer application. With the customer consent being a crucial part of GDPR, usage of data in arriving at such creditworthiness decisions need to be validated by customer. Hence, the bank needs to ensure that data stores and external vendors providing this information to the AI systems are GDPR compliant.

Increasingly we are also finding many banks using biometric systems for bettering customer experience. BBVA has already launched facial recognition payment systems. Right now the bank has limited this feature to its restaurants and customer consent is taken prior to pushing any promotional offers to them. Going forward, with multiple banks embarking on such initiatives as well as RFID and location based systems, customer consent in sending the right offers based on their preference will be crucial. The bank will need to justify how customer data is being used: is it being used only for access to their banking systems, or is it being used by the bank’s partner merchant establishments to detect when a person arrives at their outlet? The questions are many. While in the short run, these might prove to be a dampener to AI adoption, but in the long run it will help in making such systems more accurate and constantly updated.

Customer insights serve as the lifeline for all marketing campaigns, be it targeted ads, focused email campaigns, telephone campaigns or personalised customer experience. A February 2018 Hubspot research paper showcased that only 36% of marketers were aware of GDPR. It does not mean that GDPR might be the end of traditional marketing campaigns as we know it, on the contrary it enables marketers to create effective target marketing strategies and campaigns for users that directly engage with the bank. Customers are definitely are open to exchange data for a more personalised experience, banks just need to ensure that the data is put to good use. Although GDPR poses substantial challenge to financial institutions on gathering customer insights, it has given them an opportunity to be better at customer engagement initiatives.



The FBI Got Hacked | The Cyber Show, Ep 10 by ThreatAdvice

Video | Banking The FBI Got Hacked | The Cyber Show, Ep 10 by ThreatAdvice


The FBI Got Hacked | The Cyber Show, Ep 10 by ThreatAdvice

Anyone can fall victim to cyberattacks, and the FBI is no exception. Earlier this month, their email servers were hacked… Continue Reading

View resource
eNewsletter Autumn Edition available now!

Brochure / Fact Sheet | Banking eNewsletter Autumn Edition available now!

Profile Software

eNewsletter Autumn Edition available now!

Profile, an international solutions provider, announced today the release of its quarterly eNewsletter (Autumn 2021) Edition, which includes the company’s… Continue Reading

View resource
Meet Praxent | Episode of NXTsoft's Podcast

Best Practice | Banking Meet Praxent | Episode of NXTsoft's Podcast


Meet Praxent | Episode of NXTsoft's Podcast

On this episode of NXTsoft’s podcast, our guest is Kevin Hurwitz, Managing Partner at Praxent. Kevin introduces us to his… Continue Reading

View resource
FX Exposure Tool

Video | Banking FX Exposure Tool


FX Exposure Tool

In just under two minutes you will see just how easy using this powerful customer engagement tool really is. Hedgebook’s… Continue Reading

View resource