With such increasing avenues of access to financial services, customer personal information also becomes easily accessible. Open Banking APIs make it easy for FinTech’s to work with traditional banking data. Combined, the unstructured data that is available on the internet could be mined to gain new customer insights. Being aware of the differences between B2B and B2C perspectives, the dark sides of digital technologies are underrepresented in the current rhetoric around digitalization of financial products and services.
The current debate in this context seems to be skewed towards the turf wars between old and new technologies, incumbent banks and challenging FinTech’s, and other competitive factors, but less towards the more important aspects of ownership and consumer rights on data.
For example, in a recent article, the Economist raises ownership issues related to the increasing digital content in everyday technology such as cars, washing machines, and even sex toys! The story goes – if producers of these increasingly digitized machines and devices embed the rights to consumers’ personal data in their products and services, consumer rights and abilities will reduce to symbolic power, making consumers incapable of claiming rights over the data they have been forced to share as they use and consume the products that they have righteously paid for. This topic becomes significantly important in financial services given the sensitivity and security considerations.
The same article concludes with a vivid call for debate, denouncing that “Ownership is not about to go away, but its meaning is changing. This requires scrutiny.” It is from this vantage point, we see several ethical considerations for Fintech that need to enter public debate.
Regulations vs Ethics
While there are regulations in place to control the exploitation of personal information, it would be interesting to see the extent to which FinTech’s enact these preventive processes and procedures against unauthorized or exploitative use of sensitive customer data. In the first place, it would be interesting to see if the current regulations are sufficient enough or new ones have to be put in place to ensure better control.
It is true that some recent voices have been raised against the inert legal and institutional regimes, that have so far been incapable of effectively regulating the scope of activity and intrusion of disruptive digital technologies on consumer and intellectual property rights. Can PSD2 bring about significant reforms in this front? As it stands, traditional banking is increasingly becoming regulated, which provides some degree of security to consumers of financial services. However, FinTech is still poorly regulated, which there is more risk involved for consumers of FinTech solutions at society at large.
For example, Know Your Customer regulations and Anti-Money Laundering and Anti-terrorist financing regulations, makes traditional banks less inclined to provide financial services to certain parts of the market. FinTechs have yet to be fully regulated by these laws.
Needless to say, as FinTech firms develop their technologies, customers are increasingly allowed to change their profiles online. However, in a recent report the Financial Industry Regulatory Authority (FINRA) states “If investors frequently change their profile, an effective practice is for broker-dealers to contact the investor to understand why the investor is making these changes.”
Technological empowerment of customers’ sense of ownership of their personal data is clearly a bounded choice, and should be legitimately questioned by FinTechs. The upside is indeed that FINRA is prompting FinTechs, albeit without coercive regimes, to comply with the regulations of traditional banking. The odd side is that it considers customer profile changes as harmful, assuming that FinTechs will unravel customers’ real intentions to prevent fraud or some other harmful activity. Such a skewed view on customer data risks creating yet another rigorous apparatus, disadvantaging customers vis-à-vis FinTechs.
Another rising concern is ensuring the consistency of implementation of regulations across FinTech’s, given their diverse offerings. While customers can get access to more personalized products and services, it also increases the risk of susceptibility to fraud if the information is not handled securely or is compromised. The financial ecosystem might be threatened even if a single untoward case is reported, unlike the traditional financial institutions where only the specific entity is affected. Customers might lose transparency on where their personal and publicly available information is being used and they might become more sensitive towards online social engagement, thereby creating yet more information asymmetries that disadvantage the customers’ right to their personal data.
There is also an increased risk of criminals and terrorists exploiting technology to aid them in their activities. A recent article on FT also raises a question if regulations should be in place for smart home-appliances – data compromise there would mean directly intruding into someone’s private space. Given the increasing trade in customer data, we find this development particularly alarming in the case of FinTech. We would therefore urge a debate and actions taken from FinTech’s to responsibly develop mitigating procedures.
Ethical considerations for FinTech
First, many online trade sites offer their customers a repository containing historical purchase data. FinTech’s could advance this practice, by offering their customers a log containing information on how their personal data has been used. Customers should be able to disable the use of personal data along a sensitivity scale, allowing FinTech’s to use certain type of data and prohibiting them to use other type of data.
Second, most online accounts contain asymmetrical advantages vis-à-vis customers. Account terms and conditions are rarely read in detail by customers and do often contain clauses that give the platform owners the right to use customer data for commercial purposes. FinTech firms, in fact all firms, should introduce logs available to customers informing them to whom their data has been sold (or shared). This level of transparency should be a threshold level for all online accounts.
Third, FinTech firms could do more than this – they could allow customers to freely choose with whom, if at all, the platform owner can share data, what type of data, and for what purposes. This would give the customers a chance to decide and control the spread of information about his/her deeds while at the same time allowing FinTech firms to develop services that are more closely aligned with emergent trends among customers.
We are aware that these points may seem inhibiting for business, but operating at the forefront of a data driven age comes with responsibilities as to what the core business of the FinTech firm is. We take it as given that most platform owners consider their core business to be information brokerage, but if this comes at the cost of customer integrity, it is questionable whether such opacity is ethical in the long run.
The increasing advancement of AI solutions that span multiple devices and technological platforms should serve as an initial warning. Customer first is a key aspect that every firm refers to these days and customer experience is at the heart of their strategy. In such a model, losing out on basic ethics might instantly pull the firm down on moral grounds. It is equally important for FinTech’s to consider running an Ethics Engine, besides their RegTech or Cloud or AI engines.
As of 2016, a WEF report states that the organization is already debating about the ethical use of customer information by FinTech’s, trying to ensure consistency across the industry and setting industry standards. Such an initiative should be welcomed by FinTechs and should be in their interest to engage in standard setting such that it complies with sound and ethical business practices.