The Chief Executive of the FOS has recently expressed worry over the protection of customer data. Cashfloat explores the increasing concerns about online data protection.
- What the Data Protection Act is
- What the FOS said about data protection
- Why there’s concern about online data protection
- Addressing the issue of online data protection
- How this affects UK payday loans
What is the Data Protection Act?
Data refers to any personal details held about an identifiable living individual. It includes information such as your name, address, email, phone numbers and credit card/bank account details.
All organisations are bound by the Data Protection Act of 1998. Whenever companies collect, process, record, store or dispose of data, they must do so under the terms of the Act. Companies must above all keep data secure to prevent unauthorised or unlawful access or processing.
What Ms Wayman said about Data Protection
The CEO of FOS said in January 2018 that easier access to financial services was an extremely welcome development. She explained that access to a wider range of products at the click of a button was a great improvement. However, she felt that there was rising tension between the convenience offered and the need to keep data secure. Finally, she predicted that this would be ‘an area to watch’ in the future.
Increasing Cases of Fraud
One of the reasons for the concern is that, according to ONS crime figures for 2017, fraud is the most common criminal offence. ONS revealed that in the year up to November 2017, online fraud alone increased by 226%. There were 2 million cases of computer misuse up to September 2016. In total there were 3.6 million recorded fraud attempts.
The Responsibilities of Financial Institutions
Although Financial Fraud Action UK states that banks stop £6 of every £10 of attempted fraud, are they doing enough?
There’s a feeling in the sector that more could be done. Two-factor identification has been available for years. Yet, there has been criticism that many financial institutions still haven’t made it standard banking practice. This dual-security system combines the use of a password as well as a one-off code generated by a device in the consumer’s physical possession.
Another worry is the number of data breaches that occurred throughout 2017. These occured in many different organisations holding personal data, from credit reference agencies to email accounts. If the data breach weren’t bad enough, there has been criticism about how firms dealt with the security issue. Many seemed to have no measures in place to identify and rectify the breach. Also, there were delays – sometimes of months – in notifying those who were affected.
Open Banking Schemes
The EU regulation ‘Payment Services Directive II‘ and the UK version ‘Open Banking’ aim to offer consumers a similar service.
In brief, with the permission of account holders, these regulations would allow authorised firms to access a consumer’s banking and spending history. This would enable them to see if th consumer would benefit from cheaper financial services from a rival institution. As a result, consumers would have access to more competitive deals and aid online shopping. Instead of typing in their payment details, customers would see their bank balance on the screen. They could even apply for an instant loan to fund their purchases.
Despite its obvious advantages, there are security fears about open banking. Consumer groups have expressed their concern about the potential misuse or loss of personal data. Also, there’s worry that third parties with access to data (such as retailers and fintech start-ups) won’t have the same stringent security safeguards as banks. This could potentially put people’s data at risk.
Addressing the Issue of Online Data Protection
One of the strongest deterrents is for firms to receive a fine for non-compliance. The new ‘General Data Protection Regulation’ has set strict regulations for organisations which store, process and share personal data. Fines can be as high as 4% of their annual global turnover.
The FCA is also concerned to play a role in ensuring compliance. To ensure that only viable third parties access data through Open Banking, firms will have to be approved by the FCA since they’ll be offering financial services. Although complaints can then be directed to the FOS, the supervisory body for ensuring the security of personal data will remain with the ICO (Information Commissioner’s Office).
Because of fears about accountability and liability following a data breach, it’s thought that the main banks will only deal with third parties which have stringent security measures in place. There are plans to draw up their own security criteria before they share customers’ data.
How Does This Affect Payday Loans
Unlike retailers or fintech start-ups, payday lenders already have safeguards in place to protect borrowers’ sensitive personal information. This new system of Open Banking will still have a major impact on how short term lenders operate in the UK.
First of all, being allowed direct access to a customer’s bank account will make their obligation to check creditworthiness much easier. Affordability checks will be much faster and much more accurate. Instead of relying on a borrower to tell them of their income and outgoings, they’ll be able to see for themselves.
Another change in the industry is how loans will be managed. If borrowers take out a loan to fund a major purchase, this could be paid directly to the retailer by the lender.
Online data protection concerns – Conclusion
Online data protection is something that concerns all of us. Financial institutions must put safety measures in place so that no breach occurs. Equally importantly, the last year has shown us how crucial it is for them to have contingency plans in case there is a hack. This can help to limit damages to their customers.
Companies are always improving online security measures. However, the problem remains that hackers are also becoming more and more sophisticated in their methods. The key to success for all financial institutions – including payday lenders – is staying one step ahead.