Some Banks Are Using ‘Privacy’ as an Excuse to Avoid Innovation
Corner any banker with a question about a commitment to banking innovation and the response will be a full-throttled “Heck, yeah!”
But the truth is somewhere between that and “Who cares?”
What is more, there is a population of banks that are purposefully — and I mean, purposefully — creating a legal construct that prevents them from utilizing data-driven marketing, arguably the most valuable marketing tool available to banks today. Yes, I am shocked. Yes, I am wildly disappointed.
Let’s get the background first. Data-driven marketing allows for the presentation of product offers based on other data. An example of data-driven marketing would be the offering of a premium credit card to someone who is suddenly receiving a direct payroll deposit twice as great as it was the previous month. See Facebook for its most advanced form. The social network uses data to pinpoint target advertising, for example. Such advertising works, which is why ad revenue at Facebook is soaring.
Banks, too, have a unique opportunity to use data to create contextual, relevant, meaningful and useful marketing messages to their customers. They can, say, use that payroll data to offer a host of additional products, including an auto loan for a great amount (read: splashier car).
If you just gasped and reared back in your seat, appalled at the notion of peering into a consumer’s bank account for marketing purposes, allow me to point out that none other than the Federal Deposit Insurance Corp. has no problem with this. The FDIC explicitly says that consumers cannot opt out of information sharing with nonaffiliated third parties to “market the bank’s own financial products or services.” Here’s the actual text from the FDIC:
Exceptions to opt out: A consumer cannot opt out of all information sharing. First, the privacy rule does not govern information sharing among affiliated parties. Second, the rule contains exceptions to allow transfers of nonpublic personal information to unaffiliated parties to process and service a consumer’s transaction, and to facilitate other normal business transactions. For example, consumers cannot opt out when nonpublic personal information is shared with a nonaffiliated third party to:
- market the bank’s own financial products or services
- market financial products or services offered by the bank and another financial institution (joint marketing)
- process and service transactions the consumer requests or authorizes
- protect against potential fraud or unauthorized transactions
- respond to judicial process
- comply with federal, state, or local legal requirements
If a bank can share nonpublic information with a third party for marketing purposes, it can surely use nonpublic information for its own marketing. And yet, there are some banks that are purposefully constructing restrictions against such action. One such bank is Citizens National Bank, a one-branch bank in Virginia. Citizens’s privacy policy makes it clear that the bank could not engage in data-driven marketing, even if it wanted to.
We may disclose the following information to companies that perform marketing services on our behalf or companies with whom we have entered into a joint marketing agreement:
Information we receive from you on applications or other forms, such as your name, address, social security number, assets or income. Information about your transactions with us, our affiliates, or others, such as your account balances, payment history, and credit card usage. …
Account balances are OK, but not necessarily account transaction details. When I called Citizens National Bank, I was told that the bank doesn’t “product pop,” its term for selling products based on a customer’s transaction data or other information.
This compares to banks like Simplicity Bank, a California bank with around $870 million of assets, which clearly exclaims, “We automatically log personal data about specific individuals for the following purposes: Customer Administration; Marketing; Online Banking; and Online Bill Paying.
Why? Why would a bank like Citizens National Bank knowingly restrict itself from providing as great a service as possible to its customers ? There is, on the part of some bankers, a sense that such mining of consumer data upsets some consumers, that it “makes their skin crawl.” First, any consumer that thinks her banker doesn’t have full access to her account information is probably also a citizen of Mars. Second, if the data mining produces positive results for the consumer, I suspect that the “skin crawling” will stop quickly.
Something else is at play here, though. As I was looking into this, I reached out to the FDIC to confirm that the above explanation of its own guidelines, readily available on FDIC.gov, were accurate. Over the course of this week, I equal parts asked and begged for a response. I got none. There was a jarring message in the FDIC’s inability to respond to a simple confirmation of its own guidelines: if the FDIC is less than forthcoming about its privacy stipulations with me, it might be less than forthcoming with the banks it regulates. If that is the case, such incoherence is reprehensible.
But outside of the FDIC’s shortcomings, I would argue that turning a blind eye to data-driven marketing is equally objectionable to turning a blind eye to a customer in need. If you, as a banker, know that you can do better for a customer, but don’t, how have you fulfilled your commercial obligation to help your customer to the best of your ability? In other words, no more “Who cares?”
