Finance and Risk

Can you change privacy risk challenges into gains?

March 3, 2020

Research report

In brief

Accenture’s 2020 Privacy Study finds challenges ahead for the financial services privacy function—but opportunities for business gains.
Is it time for privacy to rise in stature? Yes, if financial firms can connect the security and data functions for a stronger value proposition.
By focusing on financial consumers’ dual need for privacy and for personalized services, the privacy function can help personalize financial offers.

Privacy regulations are changing, but are financial services firms prepared? Accenture's 2020 Privacy Study, a survey of 100 North American and European privacy executives, suggests many face residual privacy risk. Upcoming consumer rights regulations may leave financial firms more exposed—but not if they view new regulations as a chance to elevate their function and deliver broader business gains.

Increasing visibility, or increasing stature?

The privacy function at most financial firms is not new. Existing regulations have brought some visibility for the function, with headline-grabbing data breaches shining an even brighter light on privacy risk. But visibility is just a starting point.

Given the customer-centric nature of privacy risk, one can argue privacy accountability should shift to a firm's first line of defense, increasing its stature. Further, it may be time for the privacy function to mirror the post-crisis rise of compliance, or the more recent rise of information security. Privacy risk can gain its own prominence by building a sustainable operating model across the organization's first and second lines of defense.

Connecting the security and data dots

Information security and data management often are partners in a financial firm's first line of defense. But as consumer rights regulations come into play, with its associated dependencies on effective third-party management, firms are expected to more closely manage these inter-dependencies.

For some, "double hatting" the Chief Information Security Officer and Chief Privacy Officer roles works, but our 2020 Privacy Study found 70 percent of financial institutions organizing the privacy, information security and data management functions separately. One solution might be to adopt a "privacy by design" approach, emphasizing privacy as a key consideration of customer journeys, thus embedded in multiple functions.

What do privacy executives say about their function?

70_%

Of 2020 Privacy Study respondents say privacy is a key material risk for their financial firms.

72_%

Of respondents say their organizations use consent to tailor customer-facing offers, but leading firms are working to integrate privacy programs into the broader value proposition.

>50_%

Of respondents identify privacy risk monitoring as a key residual risk, highlighting the need for capabilities commensurate with privacy’s status as a material risk.

1OUT OF3

2020 Privacy Study respondents lack a clear road map and the resources to address their residual privacy risks.

A greater value proposition

Business happens faster than ever, complicating the risk scenario for privacy, data and security. But there's an advantage for financial providers ready to leverage privacy data into hyper personalized services.

Our 2018 Global Consumer Pulse Research found that 70 percent of customers surveyed won't do business with a provider they don't trust to protect their personal information. But more than three in four consumers are willing to provide their data if it means personalized offers, efficient services or competitive pricing. Privacy functions are well positioned to make the most of this balancing act, providing data privacy while being transparent about data that is gathered—and leveraging that data into custom offers.

Bold moves are required to accelerate the journey for privacy—built on a control framework that reflects the new reality of risk in the information age, and focused on delivering sustainable value to the business.

Ready to move your privacy function forward?

Do you have what it takes to raise your privacy function's stature? Are you ready to be bold and accelerate your journey to address the new reality of privacy risk?

Don't settle for a function that just meets new requirements. Learn how Accenture can help you build your privacy function into one that delivers broader business value.