Data protection is becoming central to the digital transformation of financial services businesses. Heightened awareness of data privacy issues is driving government policy on consumer protection — including a legal obligation for insurers to obtain consent for using consumer data for various purposes. Robin Wagner, Senior Vice President, International Insurance at TransUnion, walks us through the dynamics of consumer consent and shows how, by offering an ecosystem of additional services, insurers can gain consent while building customer trust and loyalty.
In today’s article we examine one of the most important variables shaping the development of insurance globally: consumer consent. The flow of data and the development of new analytics and AI technologies are increasing at tremendous pace opening many potential new benefits for consumers and insurers, but all is contingent upon consumer consent.
The number of people affected by identity theft, fraud and data breaches has spiked in recent years, resulting in growing costs for insurers. Insurers across all lines of business lose about $80 billion each year to fraud, and approximately 60% of insurers say fraud has increased over the last four years.1
A heightened awareness of the risks of fraud and the need to protect consumers’ identities, privacy and data are having a big impact on government policy, driving change in the legislative structures of many countries. Nowadays, consumers (and regulators) want to know how their data is being used, why certain decisions have been made about their insurance products, and how their digital identities are being managed, stored, secured and protected.
Around the world, the use of consumer data in the insurance process is governed by a variety of different sets of legislation, for example insurance, consumer protection and/or data privacy legislation. Most markets have some form of legal protection in place to govern access, use, process, disclosure and transfer of personal, sensitive and credit data.
Recently, there is a noticeable global trend of enacting or updating data protection laws to be on a par with the General Data Protection Regulation in the European Union. Examples include the California Consumer Privacy Act in the US, the General Data Protection Law (Federal Law no. 12,709/2018) in Brazil which is expected to be effective in early 2020, and the Personal Data Protection Bill 2018 in India.
It is important for insurers to be aware of what is permissible and where. Explicit consent may be required for certain purposes, particularly direct marketing and the use of sensitive data. Some jurisdictions may allow insurers to use aggregated data for developing products, as this practice may not necessarily compromise the identity of the individual consumer.
The table below gives a simplified summary of some key legislation pertaining to access, permissibility and exemptions that govern use of data in the insurance process. The chart details are indicative only and not wholly representative of all the laws and relevant legislation.
One challenge insurers typically face is that it takes time and resources to explain and capture consent, whether it’s online, over the phone, or face to face. While there are consumers who expect you to monitor their profiles in order to provide better services and products, there will also be those will be more sensitive about how their data is being used.
Transparency is key to establishing trust, which in turn makes consumers more willing to share their information. But how do you build in transparency and ask for and obtain consent in a way that’s compliant and consumer-friendly without obstructing the sales process?
One way is to incorporate consent at different points in the insurance lifecycle. If you need information for pricing, request it at the quote stage. Depending on the requirements of the data protection law in different countries, if you want to access credit information for a new purpose, for example policy management, cross-selling, direct marketing or repricing, you will be required to ask for the consent of the consumer.
Subject to the requirements of the data protection law in different countries, one, innovative, way to address the challenge of consent is by offering additional services (either free or subscription-based) that add value to the consumer. Adding new services could yield a set of consents enabling cross-selling, marketing and product development.
Many insurers are building an ecosystem of services that relate to their core products to strengthen customers’ perception of value and improve retention rates: roadside assistance and emergency services for auto insurance, for example, or healthy-living rewards linked to medical cover.
The demand for ecosystem services is high. The more you can wrap around your core offering, the more loyal (and less price-sensitive) your customers are likely to be.2
These ancillary services can be used to garner consent for different types of use of data after the sale, and they don’t have to be developed in-house. TransUnion’s CreditVision and myTrueIdentity — products that help consumers protect their digital identities — are examples of services that complement any insurer’s core offering and can be used to acquire consent while offering greater protection to customers
As consumer protection heightens the world over in line with growing consumer awareness and the rising amount of data being collected, the demand for consumer privacy will intensify. Data protection will become a core part of the financial services industry and legislative structures in many countries.
Future iterations of legislation that come with more layers of protection for the consumer and will require greater levels of transparency on the part of the insurer. Insurers that have robust processes for requesting, explaining and obtaining consent will be well placed to comply, earning the trust of their customers and building long-term loyalty.
Contact us for more information on how TransUnion can help you evolve and stay ahead. Our next article: How the life insurance industry is evolving its onboarding customer experience to match that of general insurance and retail.
The information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only. Readers of this website should contact their attorney to obtain advice with respect to any particular legal matter. No reader, user, or browser of this site should act or refrain from acting on the basis of information on this site without first seeking legal advice from counsel in the relevant jurisdiction. Only your individual attorney can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. All liability with respect to actions taken or not taken based on the contents of this site are hereby expressly disclaimed. The content on this posting is provided "as is;" no representations are made that the content is error-free.
1Coalition Against Insurance Fraud.
2Bain & Company, 2017. Ecosystems: How Insurers Can Reinvent Customer Relationships.