The Data Anonymization Solution

By Chandra Ambadipudi

How banks can solve their marketing and compliance headaches in one fell swoop.

We’ve all at one time or another gotten an alert from our bank when it thought fraud had occurred. But what about a heads up when someone is overcharging us?

Since last year, Capital One’s Second Look program predicpredichas alerted customers of suspicious activity like being charged twice for the same expense. Leveraging data for customer outreach like that can help reduce churn and build brand affinity. When applied to advertising and marketing, such data can make spending more effective and help marketers create more relevant, personalized messages that drive higher customer engagement.

Most banks struggle to harness their data like that.

One reason is that data is often siloed across their network so it’s hard to put into action. Another is that the data is of a sensitive nature so banks are bound by ethics and government regulations (e.g. PCI, NCUA, GDPR) that can create challenges for putting it to use.

But there’s a way to both ensure compliance and leverage the data—albeit in an anonymized fashion—for use in marketing.

Data for banks is a double-edged sword.

In 2018, all marketers use data—or at least pay lip service to the idea. Like many other sectors, such as retail, financial services firms have access to lots of high-quality, actionable data. For instance, a bank may see that a customer has taken a lot of trips to Home Depot lately and conclude that they’re up for a pitch for a home equity line of credit.

In the words of Voltaire and Spider-man though, with great power comes great responsibility.

Access to huge amounts of personal data increases the risk that some of it will run afoul of compliance standards—especially in highly regulated industries like financial services and healthcare/pharma. The looming implementation of the EU’s General Data Protection Regulation (GDPR) in May has upped the ante. Use of data that hasn’t been procured with an EU resident’s consent can result in fines of up to 4% of revenues. For countries like France and Germany, such stringent standards are nothing new.

How anonymization meets both needs.

Regulations ranging from the Gramm-Leach-Bliley Act (GLBA) to GDPR compel banks to audit their data on a quarterly basis and weed out data that is held without their customers’ consent.

Banks don’t need to dump that data wholesale though. Anonymizing such data can allow banks to still use it for marketing purposes with broad aspects and attributes on which they can do larger customized campaigns even if not at an individual level—and still stay on the right side of the privacy issue.

In a kill-two-birds-with-one-stone solution, banks can go about segmenting such anonymized data while they cleanse it. Better yet, they can automate the process and execute it on a regular basis to make such data available in real-time. Many systems designed for compliance continuously monitor data sources to ensure compliance. That same real-time monitoring can also mask data and then glean insights to apply to marketing.

Banks, of course, handle a huge amount of data, but that’s not unusual these days. Marketers focused around online marketing and customer data handle volumes that have grown to billions of transactions per day. These vast volumes of data have made it hard for banks (and other organizations) to understand what sensitive info exists in their ecosystem and where it exists.

In this case, the needs of marketing and compliance have dovetailed to make way for a solution that meets both needs. For customers of banks and credit unions, that means that they can trust their financial institutions to handle their data responsibly and to use it intelligently.

Chandra Ambadipudi is the CEO of Clairvoyant, a leading big data consulting company, and Kogni, a platform for companies to discover and secure sensitive data in enterprise data sources.