Digital onboarding: The Missing link in GDPR compliance

As the May 25 2018 deadline for GDPR compliance looms, financial institutions are busily preparing to offer their customers better data protection and consent options. The market trend seems to be prioritizing and investing in front-end systems first, before turning attention to back-end systems. There are two main reasons for this; the first is that front-end, customer-facing systems are the main way to obtain consent and data access rights from the customer, and the second is that it helps improve the customer experience upfront. They’re able to hit two birds with one stone.

Focusing on a digital customer onboarding solution can ensure that all future customer data is compliant with GDPR from the beginning. During the application, approval, and onboarding process, the customer’s access request, explicit consent, timestamps, and audit trail associated with these interactions can be captured in one place. The benefits of implementing a digital onboarding platform to help with GDPR compliance can be summarized in three critical areas to focus on; generating a single customer view, gaining unique business insights, and facilitating open banking.

Single customer view

It’s important to use a software with an open API that can sync directly to a CRM system, or whichever back-end system holds most of the customer data, so information related to customers and products can all be kept in one place. This single customer view (SCV) achieved during the onboarding process allows for data quality and consistency, making reporting much easier. Using third party data providers can help organizations fill in the gaps and verify existing data.

Along with keeping customer’s data private, GDPR also protects the customer’s right to only being contacted by electronic message by a company when they have provided explicit consent to do so. A SCV can provide easy access to information on the customer’s type of consent (explicit or implicit), the method with which consent was provided, and the date they did so. Should a company be taken to court for allegedly breaking GDPR, they are required to present these pieces of information to defend themselves.

Gain unique business insights

Over time, once the legal side of data capture and protection is in place, the data from a SCV can provide unique insights into how to improve the customer experience.  For example, some companies are setting up a data scoring system and using this to determine the risk level of their customers, based on parameters they set in place, as they come in through the onboarding process.

Facilitate open banking

Capturing customer data and consent upfront in the onboarding process and sharing this with the CRM for a SCV also has exciting implications for Open Banking. Eventually, customers will be able to indicate and provide consent for which companies they trust and want to share their information with. Indications of a customer’s explicit consent on a digital form, along with automatic date and time stamps and a digitally tracked documentation workflow can assist in GDPR compliance as sensitive information is consensually shared between two financial institutions. In return, the customer will have to fill out less paperwork and re-enter the same data fewer times, if at all, making it much more efficient and convenient for them.

For example, rather than asking a customer to record the date only along with their signature, some digital onboarding tools are date and time-stamping every step of the onboarding process to make sure they are compliant to GDPR. Each time information gets passed through from the customer to an employee, the next employee, or to a partner organization, the digital system instantly tracks the date, timestamp, and user ID to provide an audit trail.

Financial institutions have been looking at ways they can achieve digital customer onboarding either internally, or by partnering with a software vendor. They also recognize this is not a one-time build; GDPR is not the first regulation and it’s not the last.

Whether it’s done in-house or by an external team of experts, here are some best practices for a successful solution:

• Read more under:
• BankingTech
• Digital Banking