There can be no question that the value of data has increased in recent years. However, in 2018, how this data can be collected and used across all industries will change with GDPR regulation, and potentially enhance finance affordability checking, writes Shaun Harris, sales director at Codeweavers

Right now, businesses should be asking themselves: What data have I got? Have I got the right data? How and why do I have it? What am I using it for? Do I have permission for this? And can I prove that?

While businesses will need to adapt to the changing data usage world, so will customers and I suspect that – at least in the short term – there may be a level of consumer resistance or reluctance to provide additional data. Perhaps technology can help ease this load; we welcome everyone’s views here.

The Key Changes Ahead

Data management and protection

On 25 May 2018, the requirements for managing individuals’ data will change courtesy of the Data Protection Bill and GDPR regulation – although, somewhat frustratingly, right now the e-privacy requirements have yet to be finalised.


How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

This potential change is more subtle because it may not arrive in the form of precise regulation, but next year we expect a push in the world of finance to ensure that meaningful affordability checks have been completed.

This became more apparent in early December with the Financial Conduct Authority’s (FCA) announcement that it is to examine the way that Moneybarn processes are applied to customer affordability assessments for vehicle finance, and the treatment of customers in financial difficulty. It is hard to think that other companies will not be affected by this investigation.

A Few Key Steps

Privacy notice

Most privacy notices are ‘boilerplate’ driven – all very generic. This will not cut it under GDPR.

The needs for “fair processing” and “clear language” requirements mean businesses will need to give more information than ever, explaining how they will use and protect the data collected – all in a way that is simple enough for the intended audience.

Article 13 provides prescriptive guidance. In short, if you hoped the change would be easy, this one step should provide a foundation for identifying what further work is needed than you may have anticipated!

Data management and protection

Having talked about the foundation point, I can admit that when we initiated our project within Codeweavers, we were staggered by the level to which we would have to make changes to our processes and controls. This is not just a tick-box exercise.

To highlight three further areas, which seem to be underplayed:

  1. Data sharing: When a customer gives consent to their data being stored, they need to know with whom it may be shared; in our experience, this is often wider than you might think.
  2. Big data and customer profiling: Much of what constitutes ‘big data’ is personal data and there are clear implications under GDPR for data processing/profiling and the use of personal data. This is especially true where third-party data overlays may be in place.
  3. List rental: There is one area I would personally be very wary of going forward – list rental. As soon as you rent a data list, it is the user, not owner, who is responsible for ensuring that data is compliant. Candidly, I would not want to underwrite that any list has full and appropriate consents.

In summary

Data management must change, and that is a good thing. Databases should be smaller, more useable and more accurate, but above all more targeted.

People who give consent want to be connected to you, or at least know why they should be. Certainly, there will be some issues – data profiling being a clear one but – overall as a consumer I am a fan.

As a consumer, what I also know now – better than ever before – is that I will not respect any business that abuses my data.