The outcry currently surrounding Facebook and its use of data has important lessons for financial advisers and other financial services businesses, argues Marilyn Cole

If you really want to understand just what might be at stake in recent revelations about personal data, try speaking to someone who has decided to close down their Facebook account.

Not someone who has decided to deactivate their Facebook profile, which leaves the data with the firm, but someone who has decided to shut things down completely. Once you are committed to that process, Facebook invites you to download your data – and it is at this point that sparks really start to fly.

We are already hearing an outcry from people who are confronted with just how much information the company has been storing, including – in some cases – years of calls, texts, and associated friends’ details including phone numbers. Some of this information has been obtained through Facebook Messenger and Instagram. One of the things people find particularly horrifying is the interconnectivity of it all.

So far, the people actually doing this are either likely to be politically motivated and reacting to the #DeleteFacebook campaign (organised on Twitter!) or those spooked by the headlines and now ultra-cautious about their data. This is not your typical client or customer – at least, not yet.

But their horror at what they have found should give us all pause for thought. This is not something that is just happening in the world of social media. We are pretty sure it has important lessons for financial services and its operation in the digital world too.

Of course, no-one can operate a serious financial services business without data. Fund managers have arguably required the least customer data to date – though MiFID II demands much better understanding of who the end investor is. Since that is, necessarily, a data-driven task, things may be changing.

Pension companies, insurers and lenders all have very significant customer-information needs. Interestingly, recent research by the Syndicate, from Protection Review, suggested that while insurers fared pretty badly on several fronts including still not being trusted to pay out, one silver lining was they were trusted more with customers’ data.

In addition, financial advisers are increasingly talking about their role as trusted guardians of their clients’ information – something they should embrace, especially as the GDPR comes into effect. Yet even with this new regulation, financial services firms need to think carefully about their approach and how they are communicating with clients about their data in light of recent events.

One of the biggest nightmares for advice firms would be a data breach – either at their business or with one of their partners. This is not what we are mainly addressing here – even though we are big fans of what firms such as Beyond Encryption can offer to tighten up security around client emails, for example.

We would attach almost the same level of importance to reassuring clients about who their data is shared with and why. This is also addressed in the GDPR but it makes a great deal of sense to emphasise to clients this is intended to be what you might call a closed information eco-system – that is, between advisers, platforms, fund firms and pension companies – and that any data passed beyond this to regulators, for example, is generally anonymous and often in aggregate, except in the case of supervisory visits.

Financial firms – including advisers – also need to think about that sub-set of customers and clients who are happy to share their data more publicly and embrace developments such as open banking. They are not exactly signing up to a data free-for-all in any case. They will want strong reassurances backed up with strong communications too.

You could argue this is about contrasting how financial services firms deal with data in comparison with other firms that are essentially in the data business. Thus financial firms need to consider their commercial interactions with social media.

Individuals have been surprised about how data is shared, mapped and traded involving data not just about themselves but also their friends. It may well make sense then for firms to consider this in terms of their commercial profile on such sites, including what it means for their business contacts and customers too.

You and those you interact with on social platforms are probably fine with how information is being used and shared. But it is worth asking the questions and seeking the information. Just like some of these irate former Facebookers, it might unnerve you too – though whether you will want to adjust what you are doing is a different matter. It is surely best to be informed rather than surprised.

Finally, you may want to consider how you advertise and market to customers. We design websites – often with a view to how this will interact with a number of platforms and channels – but we do not generally buy the media space.

Yet at the heart of the recent furore sits illicit data harvesting and – wait for it – ‘psychographic micro-targeting’ based on that data. It is difficult to know much store we should set by the boasts of a political consultancy, which talks about secretly filming politicians as an underhand political tactic, while being secretly filmed. That said, we do not think it should be dismissed out of hand.

It may make sense for financial services firms to consider whether they are satisfied with how their sales and marketing works in the digital world or whether ‘know your potential customer’ is being taken too far – even if what you are doing is not called psychographic, micro-targeting!

There are so many excellent tried and tested techniques for marketing and digital has usually enhanced their effectiveness.

By and large, financial services operate within a strong regulatory framework for marketing and communications and now – admittedly a little late – data regulation is catching up.

As we said, though, some clients, customers and potential customers are getting alarmed. They do not like you knowing everything about them and using it in marketing unless they have played an active role in accepting their data will be used this way.

Yes, the GDPR addresses some of these issues but, along with complying, it makes sense that financial services firms and the intermediaries who recommend them give some thought to how they avoid being caught in the current backlash before it goes completely viral.


12 February 2018

It’s time to open your mind to open banking

10 July 2018

Could our pension dashboard hopes be dashed?