GDPR: Changing Lending Dynamics
Rejigging the lending function to align with GDPR provision
The lending function within financial institutions uses customer data from different sources to gain insights necessary to craft personalized offers. However, with the European Union’s General Data Protection Regulation (GDPR) coming into force in May 2018, restrictions have been placed on collecting information for profiling. In the rush to ensure compliance, banks may have opted for tactical fixes instead of a holistic strategy. This could leave banks open to regulatory scrutiny and penalties if their GDPR compliance processes are found lacking.
To avoid regulatory attention and continue to deliver personalized service, banks must assess GDPR impact on various aspects of lending and evaluate their existing processes to check if course corrections are needed. This will necessitate:
- Examining each stage of the loan life cycle to identify where data is collected, how it is used, and third parties with whom it is shared
- Assessing if the existing data processes and controls are adequate
- Implementing intelligent technology and process upgrades as required