Most businesses have a tentative relationship with regulation. They understand the need for protection and welcome it when the need arises. But are also frustrated by the hurdles regulation puts in their way, especially as we live in an age where simplification and immediacy rule.
But perhaps there is no need to have such a conflicted relationship with regulation. Could it be possible that properly followed, regulation might provide a best practice framework? That, far from holding companies back from delivering seamless customer experience, it enables it?
General Data Protection Regulation (GDPR)
Since coming into force in May 2018, much has been written about the General Data Protection Regulation or GDPR. Some have called it the Millennium Bug – 20 years on. But if some organisations were able to conclude that GDPR was a lot of fuss over nothing, the likelihood is that they were in the fortunate position of already having strong data governance in place. For anyone whose data management tended to be of a more ad hoc, organic nature, GDPR caused all manner of upheaval as companies tried to unscramble their data architecture by the deadline.
GDPR was all about cleaning house – de-duplicating entries, making sure systems were set up to collect data efficiently, getting permissions and policies in place. Certainly, punitive fines for lack of compliance are a significant incentive to comply. But surely the advantages of having a clean, collaborative data architecture are worth the initial inconvenience?
What about PSD2?
The revised payments services directive, or PSD2 as it is commonly known, seems to run counter to the aims of GDPR. Where the latter seeks to lock down customer data to the minimum number of handlers with the maximum security, PSD2 seeks to open up services in the financial sector to as many innovators as possible. In doing so, it creates a long tail of service providers, all of whom need access to… customer data.
On the surface, this is a contradiction – particularly if parties don’t have their data house in order. But again, if organisations take a regulation like GDPR and use it to triage their data operations, participating in something like PSD2 should present the opportunities the EU legislation was designed to create.
The Competition and Markets Authority (CMA) in the UK is actively supporting PSD2 as a way to open up competitiveness in the banking sector. This is expected to drive better customer experience as well as streamline business practices.
Of course, regulation continues to be a challenge. Companies have neither unlimited time nor money to spend on managing red tape when they should be serving customers. Additionally, not all regulations are equal. Compliance in China is very different to levels of tolerance in the EU. The simplistic solution is to aim to adhere to the ‘gold standard’ of regulation, regardless of market, to ensure the most stringent standards are met.