image

GDPR, Open Banking and Digital Products

In a post-GDPR era, compliancy is a priority. This entails huge changes in all industries, including the Finance and Banking sector. In this interview with Marija Nikova, Division Manager in the Banking and Finance division in Seavus, we cover the hottest areas in the banking industries: GDPR essentials, digitalization, the clash between GDPR and PSD2, and modern digital products that revolutionize customer relationship.

In a post-GDPR era, compliancy is a priority. This entails huge changes in all industries, including the Finance and Banking sector. In this interview with Marija Nikova, Division Manager in the Banking and Finance division in Seavus, we cover the hottest areas in the banking industries: GDPR essentials, digitalization, the clash between GDPR and PSD2, and modern digital products that revolutionize customer relationship. 

To begin with, what are the GDPR essentials?

GDPR is a new regulation that sets rules and guidelines on how companies should collect, store, transfer and process personal data of individuals within the EU. This means that all companies should implement new methods of operating with personal and sensitive data of their end-customers, but also change their internal systems and processes, overall data security and transfer it to third parties in a secure way. This will completely change the way banks engage with customers. It will create a more meaningful, loyal and long-lasting customer relationship.

What does this mean for the banking institutions?

Banks, as all other companies I would say, are largely affected by GDPR because they collect and process huge amounts of data - millions and millions of end-customer data which is personal and sensitive. So far, banks owned the end-customer data, but now the rules of the game have changed: the end-customers gain full control and own their data, and they are the ones who give consent for their data usage. For this reason, banks need to implement consent management system, and also pay special attention for handling the customer’s right to have their data permanently deleted. 

And how far will digitalization go in the banking sector? 

There are always new regulations and novelties in the banking sector – new concepts and digital products are on the market overnight. The new PSD2 regulation and Open banking open a new door for third parties, like account or payment information providers, to get direct access to customer data and create various digital products and services.
What makes things more complicated for banks is that the PSD2 regulation is happening almost simultaneously with GDPR and banks have to implement both of them. There is a point where GDPR and PSD2 collide; the GDPR requires strong security and access restrictions on the individual personal data, whereas PSD2 requires banks to open up their APIs and share the end-customer data with third party providers - TPPs, but only with the end-customer consent.  
  
So, are GDPR and PSD2 two sides of the same coin? Can one make a compromise between the two? 

A compromise has to be done, but it requires extra attention on how both regulations are going to be implemented within the same ecosystem. While PSD2 is promoting more open data sharing, the GDPR is tightening the rules of data processing and privacy. But at the end, both are placing the customers in control of their own data. Still, there are some loopholes that must be taken into serious consideration as they may cause problems in the future. For example, when we give our data to a TPP, we do not know whether it is GDPR compliant, and we cannot even know where that data is stored - it might be in a country that is not in the EU.

What Seavus has to offer as a solution to these new regulations?

In this digitalization era, we offer a PSD2 platform for banks. The good news is - it is GDPR compliant! We also have a PSD2 API Gateway for TPPs that can access bank API, first asking for customer consent and then collecting account and payment data - GDPR compliant, too. We have also implemented a Smart Mobile Wallet on top of our PSD2 platform which can function as a financial manager and can operate payments, transactions, and give suggestions according to user’s payment habits. 
We are especially proud of our Smart AI ChatBot which can operate as an electronic advisor to banks, or any other industry. So far, chatbots have been designed mainly for conversational purposes to answer a pre-defined set of questions. Seavus Smart ChatBot is more mature from the other chatbots because it is built using Artificial Intelligence, Machine Learning and Natural Language Processing. The Smart ChatBot can recognize user intent without having the question posed in an exact pre-defined manner. It learns from each question and gets more and more mature with every conversation. It is also a multi-service solution because it can initiate payments, transactions, exchange currencies and be used for analytics as well. Apart from banks, it can also be used by insurance, telco, healthcare, travel and real estate agencies, restaurant industries and e-commerce, and is integrated with web channels, Facebook and Skype. It takes customer relationship to a whole new level!