Comparing Alternative Delivery Channels efficiencies for branchless banking

In the first article of this series, we discussed “How Alternative Delivery Channels promote financial inclusion” and their influence in low income economies. Today, we are going to compare different variables across the Alternative Delivery Channels (ADCs), highlighting Agents and Rovers as excellent drivers for branchless banking.

Agents and Rovers

Proximity, convenience, assistance, credibility and simplicity are critical to successfully attract and efficiently provide financial services to clients and geographies previously unserved. So among the Alternative Delivery Channels available, what are the most effective ones? In rural areas, agents and rovers are definitely a great option and are the most familiar channel to clients (as compared to branches or mobile apps). They are often valuable and trusted members of the community in which they work, guaranteeing a high level of customer experience and adoption which would be difficult in a 100% self-service channel. Let’s take a look at them.

Agents are people authorized to act on behalf of a Financial Services Provider. They perform transactions such as collect payments, manage cash-in/cash-out, collect documents for account openings and manage loan origination: often these transactions are enabled by a mobile device. They serve clients in an outlet or in the street (clients come to agent’s location).

Rovers are people that may or may not be associated to a particular branch and can manage deposits or handle account openings (other than loan origination). They assist clients in their place of residence or business (rovers come to client’s location).

Alongside improving customer experience and generating operational advantages (which we will explore further), agents can also vouch for newly onboarded agents and serve as mystery shoppers in hard-to-reach areas, collecting relevant Know-Your-Customer (KYC) information for the Financial Services Provider.

Alternative Delivery Channels vs Branch-based Banking Services

In the table below, we match each channel with critical variables, income segment and average transaction value:

Let’s now analyze some important data from the table to help us decide what is (are) the more suitable ADC(s).

If we think about convenience, agents are closer to clients’ homes or place of business and are trusted members in their communities. They can establish a personal and lasting relationship with clients, assisting them with product info and helping them perform their first transactions. All of this facilitates a positive customer experience and high level of satisfaction.

Also, the brand interaction is more valuable because they are official representatives. The agent’s range of operations is wider compared to other ADCs, since they can also deliver cash and mobile money services. Finally, because of their KYC knowledge, the agent can easily segment and onboard the customer.

In terms of proximity, agents are usually operating within a community or in a nearby town with limited coverage; therefore, the expenses to reach them are lower when compared to other ADCs (both in terms of transportation and time). This contributes to lower adoption costs. It also enables agents to help customers to understand banking operations and improve their financial education.

Roving staff presents the singularity of being a “push” channel, or the only staffed channel going to the client instead of having them going to a service point (which is the scenario when clients visit agents). Rovers have a personal and permanent relationship with various communities. They are trained in banking services and are capable of educating existing and potential customers on the product (cash and mobile money transactions). They are equipped with promotional materials – like posters and branded stands – thereby reinforcing credibility, attraction capacity and trust.

Rovers remain the least costly and time-consuming banking channel for customers, with no monetary or opportunity cost to perform a transaction. As they are mobile, they can reach locations with seasoned demand, identify unserved hard-to-reach areas and prospect for new agents.  If an agent network is already deployed in the region covered by the rover, he or she can serve as a mystery shopper to assess an agent’s compliance.

100% tech-based channels like mobile apps and internet banking guarantee full coverage/proximity by reaching almost everyone. The problem is that they both have huge adoption costs. The same can be applied to USSD menus and ISV services, which is a common delivery method from mobile money service providers. These channels – which have no human intervention – fail to provide financial literacy. To adopt them, the customer first needs to be educated about the benefits of having a bank or mobile money account. Second, the client needs to have assistance on how to perform basic operations, like transfers and payments. Lastly, the user needs to be encouraged to use his account when managing their finances in day-to-day life.

Conclusion

Using agents and rovers to reach clients in rural areas is critical for enabling Digital Financial Services providers to not only to expand their customer base but also to keep it active. Technology is crucial in facilitating agent’s, rovers’ and providers’ business – augmenting and enhancing the advantages of convenience and assistance that only humans can give.

One main characteristic separates agents and rovers from the rest of the ADCs: as humans, they have the power to make a difference in the financial literacy of the consumers and have the ability to promote active account usage, actively contributing not only to financial inclusion but also for economic empowerment.

Have you already started to consider Alternative Delivery Channels for your business, specifically agents and Rovers? Subscribe to our blog to keep updated on the ADC‘s content series.

 

Subscribe to our blog

 

 

Mobile Money: How customer onboarding can help you maximize service delivery to millions of unbanked

How Alternative Delivery Channels promote financial inclusion

,

This is the first in a series of articles which will share insight about the important role of Alternative Delivery Channels in financial inclusion for Digital Financial Services providers, compare efficiencies of various channels and highlight use cases and lessons learned from the field.

Who are the Unbanked?

The Unbanked are consumers who don’t have regular access to basic financial services. Most unbanked live in Africa, Asia and Latin America – where the informal economy is king. The Global Findex (World Bank’s financial inclusion database) shows 3/4 of the world’s poor do not have a bank account; this is not only because of lack of income, but also due to monetary (transportation costs) and opportunity costs (time to reach nearest branch), travel distance to a bank branch or outlet and bureaucracies, like obtaining the required paperwork to open a bank account (eg. Utility bill to serve as proof of address). Women, youth and rural residents are at the greatest disadvantage.

With the exception of high income economies, borrowing from friends, family and community lenders is the most commonly reported source of credit for current loans in all geographies. This informal source of credit ranks high in convenience but lacks in security, structured products and regulations which protect both lender and borrower. IMF (International Monetary Fund) suggests the informal economy in Sub-Saharan Africa represents an average of 40% of GDP.

The informal financial system varies accordingly to country, but it’s commonly characterized by the lack of supervision by the Central Bank (or equivalent institution) and is usually composed by money lenders and saving groups within a rural or urban community. All transactions are made with cash, increasing the chances of theft or other loss (e.g. natural disaster, fire).

 

What is financial inclusion and why is it critical?

A basic bank account gives access to products and services that have the potential to enhance the unbanked life. Mobilizing deposits contributes to macroeconomic development, and secure savings and credit can end the poverty-cycle in low income economies. Consider as an example rural farmers: with support from financial institutions, small account holders can increase their income, reduce their vulnerability to risks and evolve from subsistence farming to commercial agriculture.

Today, there are 2 billion unbanked. This number has been dropping since 2011, from 2,5 billion due to the remarkable investment of the financial inclusion ecosystem, including banks and other formal financial institutions (like microfinance), Governments, NGOs and private companies which are strongly investing in important initiatives to increase availability of banking services. Governments and regulators are shaping their regulatory frameworks to support these financial inclusion initiatives. NGOs are frequently a direct point of contact with local population, assessing their needs and consulting with partners to promote best practices targeted to the unbanked. Private companies develop technologies and products to support the whole network. Banks and other formal institutions are the last mile of the financial inclusion strategy by connecting the unbanked to the formal financial system.

 

The role of Alternative Delivery Channels (ADC)

Traditionally, banks and other financial institutions deliver services to  customers through branches, where it’s possible to physically perform operations like opening accounts, deposit and withdraw cash, apply for loans, etc. However, to reach the unbanked, banks need to adapt their products and services, their communication and, more importantly, their delivery strategy. For unbanked consumers, a branch can be located many kilometers away from his or her home; this prohibits access to many who might need it due to time and transportation costs to reach the nearest branch.

This is why it is critical for banks to have low cost and easily scalable channels to efficiently address the unbanked. These channels are the so-called Alternative Delivery Channels (ADCs): they include all the ways of serving customers outside of physical branches and are often enabled by technology:

 

Alternative Deliver Channels are strategic for banks and other DFS providers, as they enable:

  • reduced operating costs – branch costs are much higher than any ADC
  • improved client convenience – enabling access to financial services nearby or locally
  • exploration of new market segments (low-income segments)

 

Conclusion:

A basic bank account can have a powerful impact if it can bring the remaining 2 billion unbanked to the formal financial system. This impact could be felt across the all ecosystem:

The McKinsey Global Institute has conducted extensive research on estimating this impact. Banking the unbanked could increase the GDPs of all emerging economies by 6%, totaling $3,7 trillion by 2025 which would create up to 95 million new jobs worldwide. In low income economies, like Nigeria and Ethiopia, McKinsey estimates a 10 to 12 % increase in their GDP.

In addition to expanding their customer base, financial services providers will see their balance sheets increase by $4,2 trillion.

An account at a financial institution gives access to products and services that have the potential to enhance the lives of currently unbanked consumers. This enables them to keep their assets safe and to allow them to plan their expenses and investments in the longer-term.

To make this possible, Alternative Delivery Channels are a convenient, low-cost method to scale services and to reach clients and geographies previously unserved.

 

Have you already started to consider Alternative Delivery Channels for your business? Subscribe to our blog to keep updated on the ADC ‘s content series.

 

Mobile Money: How customer onboarding can help you maximize service delivery to millions of unbanked

Papersoft Solutions for Agent Banking: Agent Manager

,

If you are working within financial services or telco company which provides banking services to customers across Africa, one of your important channels to market is through a network of agents selling your services.

Problems Addressed with Agent Manager Solution:

  • Enable your agent channel to quickly, accurately and securely register and onboard new customers
  • Provide agents with a secure, auditable & easy-to-use mobile app to validate and register transactions
  • Manage activity across your agent channel through a central point
  • Receive real-time liquidity overviews, including cash under management and paid commissions
  • Recruit, educate, train and support your agent network
  • Reduce customer and agent churn

Opportunities for Financial Services Companies:

  • Improve liquidity and cash management through better control at field level
  • Increase number of new customers by reducing customer registration and onboarding time
  • Increase sales by leveraging customer data to multiply upsell and cross-sell opportunities for other products or services
  • Increase agent productivity and loyalty by quickly registering transactions so agents can receive commissions faster
  • Improve accuracy of sales forecasts through real-time sales data

You are managing an agent channel with a portfolio of services which may include mobile money, SIM cards, loans, and insurance. Your agents are located in a major African country and operate in large cities, small townships and remote villages. Your wide range of agent management responsibilities include recruitment, onboarding and training agents, liquidity management, managing agent commissions, preparing sales and activity reports and meeting your company’s sales quotas.

What is a typical day for you? If you are managing your agent network using Papersoft’s mobile-enabled agent manager solutions, a day in your life might look as follows:

A Day in the Life of an Agent Manager

 

7:00

Communicate Activity Targets

You log into Papersoft’s mobile app to check in with your team of agents. You notify them of their daily sales targets, inform your team about a special today-only sales incentive for the agent with the highest daily SIM card sales and send “to-do” lists to new agents.

 

8:00

Liquidity Management

You confirm with each agent how much cash on hand they have for today’s operations. One agent received a large deposit this morning, and you confirm via the app a pick-up time to bring it to the branch.

 

10:00

Recruitment Event

You are meeting with new potential agents today at a recruitment event. You share a demo of Papersoft’s agent banking app.

 

 

11:00

Smart Contracts, Forms and Workflows

You show recruits how built-in contracts with e-signature, smart forms and workflows reduce new customer registration and onboarding time from an average of 2 days to 2 minutes. The fast registration time enables the agent to transact with customers while they are still inside the agent’s store.

 

12:00

Agent Onboarding

You have a group of new agents who sign up to sell your products. The app onboards your agents by verifying each agent’s identity via fingerprint or by scanning their identity card. The app’s smart contract functionality generates a contract for each of your new agents, which they sign via e-signature.

 

12:05

Near Real-Time Approvals

Within minutes, you receive approvals via SMS which validate their identities and authorise you to sign them as agent representatives for your company. You generate their agent contracts directly from the Papersoft App.

 

15:00

Education & Training

At first log-in, your new agents receive a link in the app to training materials, including sales and product videos, so they can start selling straight away.

 

 

17:00

Commission Management

You settle your agents’ daily commissions and reconcile discrepancies in the app, sending notifications to each agent about individual performance, team ranking and daily commissions.

 

 

18:00

Dashboards & Reports

Because your app is the central point for all agent activity, you can generate real-time reports and custom management dashboards – with views by country, region, sub-region, team or individual views – using the most current data.

 

 

About Papersoft’s Agent Manager Solution:

  • Identity Verification using biometrics and machine-readable technology
  • Secure and Compliant with real-time KYC checks, GPS and auditable processes
  • High App Availability with online and offline access for scarce connectivity areas
  • High Resolution OCR for text, images and barcodes
  • Smart Contracts and Forms with PDF form creation and secure, in-app processes
  • Workflows, Dashboards and Reports leveraging real-time data to manage approvals, create reports and share dashboards
  • Agent Network Management Tools for notifications, commission control, liquidity management and field support
  • Agent Training Tools quickly identify training needs by analyzing agent errors when using the app

 

Interested in learning more?

Visit our Digital Agent offering page and get in touch for a personalized meeting where we can discuss how it fits your specific needs.

 

Papersoft’s “Day in the Life” story is a compilation of numerous interviews with industry experts, including senior executives of digital financial services companies, senior supervisors of agent networks and the field sales agents themselves.

 

 

Agency Banking: A Day in the Life of an Agent

,

In this article, we explain how mobile-enabled agency banking app improves liquidity and cash management, enables fast, secure customer onboarding, increases cross-sell opportunities and reduces business risk.

Problems Addressed with Agency Banking Solution:

  • Reduce risk and increase security during customer onboarding process
  •  Meet country compliance and regulatory requirements
  • Streamline registration process with back office
  • High availability even in areas of scarce connectivity
  • Accessible when working both online and offline

Opportunities for Financial Services Companies:

  • Improves liquidity and cash management by having better control in field
  • Increases customer acquisition by reducing time to register & onboard new clients
  • Surfaces real-time customer data to enable cross-selling opportunities for new products
  • Increases agent loyalty by providing faster processing time, leading to higher commissions

You are working within a financial services or telco company which provides banking services – including mobile money, branch banking, loans, insurance and other services – to customers across Africa. One of your important channels to market is through a network of agents selling your services.

What does a typical day look like for an agent in your network? If they are using Papersoft’s mobile-enabled agency banking app within their day-to-day work processes, a day in the life of a sales agent might look as follows:

A Day in the Life of a Digital Agent

 

7:00

Open for Business

The agent logs into Papersoft’s mobile capture app to open for daily business. He enters today’s cash balance into his agent dashboard, which sends a notification to his supervisor informing him about the opening cash balance.

 

8:00

 

Product Updates and Sales Promos

The app pings with a notification about a special offer for new customers, together with a link to a short “how to” sales video.

 

8:15

Training Complete

The agent watches the training video and then sends an “approve” notification to his supervisor. This informs the supervisor that the agent understands the information in the training video and doesn’t need an onsite visit for further training.

 

10:00

Customer Onboarding

The app scans a new client’s ID and receives approval from the bank within 90 seconds to process the new customer application. The sale is registered instantly in the agent’s sales dashboard, together with the estimated commission for the sale.

 

12:00

Smart Contracts, Forms and Workflows

Built-in contracts with e-signature, smart forms and workflows reduce new customer registration and onboarding time from an average of 2 days to 2 minutes. The fast registration time enables the agent to transact with customers while they are still inside the agent’s store.

 

14:00

Onboard Customers Everywhere 

It’s a busy Sunday market day, and the agent signs 10 contracts. Back at his kiosk, he connects and processes the applications. The app sends an SMS to each client with information about their new account, such as USSD codes, a link to the banking platform and contact information for customer service.

 

16:00

Liquidity Management

Sales today have been great! The app sends an automatic notice to the supervisor that his cash balance has exceeded the approved threshold: this automatically triggers in return a time for a pick-up to bring the excess cash to the branch.

 

16:05

To-Do Lists and Notifications

The agent receives a notification from his supervisor for signing and approving 25 new contracts new contracts since opening time today!

 

18:00

Commission Calculator 

Based on today’s sales and new customer registrations, the agent uses the app’s performance area to estimate his commissions for the day. The agent can drill down by unit or product type. He registers his final cash balance in the app and closes for business.

 

18:05

Close of Day

The bank’s back office registers the daily sales, verifies transactions, confirms commission payment and notifies the agent via the app’s sales dashboard. The supervisor sends the regional sales agent ranking for today: our agent is number one!

 

 

About Papersoft’s Agent Banking Solutions:

  • Identity Verification using biometrics and machine-readable technology
  • Secure and Compliant with real-time KYC checks, GPS and auditable processes
  • 100% App Availability with online and offline access for scarce connectivity areas
  • High Resolution OCR for text, images and barcodes
  • Smart Contracts, Forms and Workflows with PDF form creation and secure, in-app processes
  • Agent Network Management Tools for training, notification, commission control and field support

 

Interested in learning more?

Visit our Digital Agent offering page and get in touch for a personalized meeting where we can discuss how it fits your specific needs.

 

Papersoft’s “Day in the Life” story is a compilation of numerous interviews with industry experts, including senior executives of digital financial services companies, senior supervisors of agent networks and the agents themselves.

 

 

14 signs that you need help with Data Capture and Reconciliation

,

Data capture and reconciliation at first touch point is one of the most effective ways to improve business operations and processes. It is a way to eliminate or minimize paper handling, initiate or trigger workflows for action sooner, efficiently use auto-classification tools, automatically start information governance controls, and immediately match information to ensure that only accurate data enters the corporate systems.

But, despite businesses understand this question, there’s still a lot to be done. In a recent study by AIIM and Papersoft, when asked about their progress in moving capture and reconciliation to first touch point, only thirty-one percent of respondents report they have actively been able to move their functions. Given that capture and reconciliation have been around for several decades, it is disappointing that we have not been able to achieve higher levels with only six percent reporting they have reached a saturation level, but the fact businesses are still moving capture to the front of the processes is encouraging.

The fact is that automated Data Capture and Reconciliation brings vital business information into the information ecosystem quickly, making it secure, accessible, and available to transact business immediately.

How is all of this in your organization? If you have the following pains, it’s time to invest in Data Capture and Reconciliation to eliminate them.

Here are the 14 signs that you need help with Data Capture and Reconciliation

  1. You have different layouts matched to different document types in any step of the workflow
  2. Technology isn’t capable or flexible enough to ensure that only accurate and valid data is integrated into core systems
  3. Things are somewhat ad-hoc and you struggle to match up paper and electronic
  4. Electronic inbound tends to be printed and then filed/processed alongside paper
  5. You need to improve process productivity by removing manual steps, bottlenecks, and overloads
  6. Business insights are difficult to gather and you can’t see the whole processing scenario from report to the end of the cycle
  7. Your business processes are inflexible with the new regulatory requirements
  8. Enterprise search takes too much time and delays order to cash service
  9. Adding value to legacy content is not as simple as it should be
  10. You can’t detect in real-time business alerts such as fraud, crime, policy infringement, unacceptable use, etc.
  11. Improving the benefits/compliance of our ECM/RM – staff are poor at classification
  12. Workers need to check multiple not synchronized systems for business decisions
  13. You have to deal with frequent customer complaints
  14. Inability to create new online products

 

So, how can a Data Capture and Reconciliation solution help you address these challenges? With these two simple actions:

  • The full automation of the reconciliation processes, both from paper or digital origin. Capture in papers, email, fax, files, apps, and others; Reconciliation of names, addresses, claims, contracts, invoices, and others.
  • The correct data immediately delivered in existing systems
  • Critical processes management right at the entry point – increasing the productivity of operational teams, reducing cost, and ensuring information quality.

 

And how does a Data Capture and Reconciliation solution look like?

A database matching and validation platform enables you to automatically perform the following tasks:

Quality Control & adaptive classification technology

  • system self-learns updating the project and fixing the issue.
  • Automate governance tasks that will lead to future retention schedules

Metadata Extraction & Business Rules (OCR/ICR/IDR)

  • Fields are captured using an extraction module
  • Using business rules, information consistency is matched with other documents from the process or system feeds, automating the human validation control checks

External Knowledge Validations

  • Database reconciliation comparing information such as names, address, bank details, customer number and order number with the master data (txt/csv/customer databases).
  • It’s also possible to match information through customer webservices from ERP, CRM, AML/KYC or legacy systems.

BPM Client Exception Handling (Web Browser)

  • Business conclusions are flagged and all mismatched items are grouped by case for client validation.
  • The exceptions can be categorized by type on a dashboard:
    • Rejection process – A template email can be created with all mismatch reasons and shared with a contact.
    • Acceptance process – The user is able to edit information for a specific item and update the input before submission to the customer system.

 

Not only this service ensures the accuracy and validity of information of any type (not only financial), it also grants that unauthorized or illegal changes have not occurred to transactions during processing.

If uncertain of where to begin or how to begin, seek professional assistance and/or training to help determine the right path. It is better to take a step forward and learn than to take no step and fall behind.

We have the experience, tools, infrastructure and knowledge to help you on data capture and reconciliation. Let’s talk? We will be glad to help you succeed.

 


To Dos:
– Position automated reconciliation services at the entry point, not only to ensure that incoming data is complete and accurate but also to reduce fraud risk and bad audit.
Discover our offer in this area and contact us for any question, demonstration or proposal.
Subscribe to our blog to receive valuable insights about paper-free processes.
– Download the AIIM Report underwritten in partnership with Papersoft “Industry Watch: Improving Business Operations – Capturing vital content” with easy wins, lessons learned and critical recommendations to leverage your data for decision-making.

industry watch aiim 2017

Automated Reconciliation Services – Why and what for?

,

How to manage information in the digital chaos era? Data Capture and Reconciliation play a key role. In fact, they are perhaps one of the most taken for granted elements of business operations. Information is there in the systems people use. Few know how it gets there, many are frustrated if it isn’t when they want it to be, and many more get really angry if it is there but not the way it should and not ready for action to be taken. Capture is how it gets there. Reconciliation is how it matches with existing data. Both are performed at the entry point to guarantee that only accurate and validated data enters the core systems and is considered for decision-making and strategic/operational tasks.

The entry point may be for instance during the registration process when someone enters the building, or during a sales initiative on the field, or online for a mortgage application, or at a disaster site for an insurance claim. The key is to connect the information with the process, identify the type of information and where that information enters that process, and the best method of capture to bring it into the system.

Businesses can significantly improve their operations by designing their capture and reconciliation processes and mapping out how they should be integrating vital business information.

 

Automated Reconciliation Services

Automated Reconciliation is the intelligent capability to capture, recognize, validate and matching data from multiple sources and integrate it with core systems in any step of the workflow. These services are critical to increase operational teams’ productivity and ensure information quality.

They also materialize the great rebalancing and disruption we are seeing in the digital world: knowledge transfer from people to machines, isolated products to integrated platforms, and centralized content to crowds sharing. With this in mind, there’s no doubt that processes must be restructured and optimized to consolidate information, minimize exposure risks, address customer experience and accelerate order to cash.

How does this look like in the real world? Automated reconciliation services use an API (Application Programming Interface) connected to the client’s system to produce a business conclusion. Information is captured from multiple sources, formats and channels (emails, office productivity tools, pdfs, etc), it’s processed, validated, matched and a business conclusion is returned to the client. This business conclusion can be something like “the customer is compliant and can be registered”, “this contract is ok and a commission can be processed”, “this candidate has all the requirements for the specified job description and can be accepted”.

 

Among many others, here is a selection of 10 benefits related to Automated Reconciliation Services:

  1. Cost-savings in specific areas, e.g., AP/invoice processing, HR and Sales
  2. Customer responsiveness improvement
  3. Shortened end-to-end cycle times
  4. Compliance to regulatory requirements
  5. Easy adaptation to mobile/remote workforce
  6. Productivity improvement
  7. Elimination of process bottlenecks and overloads
  8. Accelerating enterprise search and adding value to legacy content
  9. Immediate detection of fraud, crime, policy infringement, unacceptable use, etc.
  10. Reducing unidentified risk in our “dark data”

 

All of this is only possible with accurate information right from the entry point. As mentioned earlier, validation at first touch point is one of the most effective ways to improve business operations and processes. It is a way to eliminate or minimize paper handling, initiate or trigger workflows for action sooner, and introduce information governance controls immediately and automatically when using auto-classification tools.

 

We have the experience, tools, infrastructure and knowledge to help you on Data Reconciliation. Let’s talk? We will be glad to help you succeed.

 


To Dos:
– Position automated reconciliation services at the entry point, not only to ensure that incoming data is complete and accurate but also to reduce fraud risk and bad audit.
Discover our offer in this area and contact us for any question, demonstration or proposal.
Subscribe to our blog to receive valuable insights about paper-free processes.
– Download our ebook “Paper at the gates: Driving digital revolution with modern capture” and learn how data capture is the gateway for inbound and outbound content and the starting line where digital transformation initiatives begin.

Paper at the gates: Driving digital revolution with modern capture

GDPR: six months to compliance and opportunity

,

With six months to go before all companies dealing with European Union citizens’ data have to comply with new EU data protection rules, the focus for many is on compliance, but some believe business should be the top priority.

Compliance with the European Union’s (EU’s) General Data Protection Regulation (GDPR) is set to be enforced in a year’s time on 25 May 2018, and the consequences for non-compliance could be steep with fines of up to €20m or 4% of global turnover, whichever is greater.

The race is on for many UK organisations to ensure they are compliant by the deadline. The government has made it clear that the UK will implement the GDPR fully and that future UK data protection legislation will mirror the GDPR to ensure uninterrupted data flows.

However, a survey by software firm Compuware indicates that while 38% of 400 CIOs worldwide have comprehensive plans for GDPR compliance, only 19% of CIOs polled in the UK said they have comprehensive plans in place, which marks only a marginal improvement from 18% in 2016.

Identifying the areas of most concern, 56% of all respondents said data complexity and ensuring data quality are the two biggest hurdles they will need to overcome to achieve GDPR compliance.

In addition, 75% of organisations said the complexity of modern IT services means they cannot always know where all customer data resides, while just over half (53%) said they could locate all of an individual’s data quickly, as will be required to comply with the GDPR’s “right to be forgotten” mandate.

Nearly a third (31%) admitted that, at present, they couldn’t guarantee they would be able to find all of a customer’s data.

“It’s worrying that, with only a year to go, many organisations still have a lot to do,” says Mark Thompson, global privacy advisory lead at KPMG.

“The truth is that many just don’t understand what they have to do and how to deal with it. The unknowns around Brexit have also posed some uncertainty on what GDPR will mean to the UK post-Brexit.

“When it comes to Brexit, it is critical to understand that if the UK is going to continue to trade with the EU, the free flow of personal information must be maintained. As such, we have to have an adequate privacy ecosystem in operation in the UK which is aligned to the requirements of the GDPR,” he says.

GDPR compliance needed even in overlooked sectors

While the most proactive companies are at least a year into planning to be compliant, others are not as advanced as they might be and some are only in the preliminary or initial stages.

The companies that most obviously need to be looking at GDPR are those that deal with vast volumes of personal data, which tend to be larger organisations in the finance, health and retail sectors, but there are smaller organisations in less obvious sectors such as media and manufacturing that could be overlooked.

Other types of organisations that could be overlooked include those that are hosting data on behalf of other organisations. These are likely to come under increasing pressure from their clients as they need to understand how these host organisations are handling their data to ensure GDPR compliance.

The reality is that so many organisations, even smaller ones, collect personal data for a variety of uses, so just about every organisation needs to analyse carefully what data they are collecting and how they are using it because they may need to comply with the GDPR without realising it.

Ready, on your marks, GDPR

Some commentators have suggested that organisations that have failed to take any action to date have left it too late, while others say a year may be just about enough time, but there is not a moment to lose.

Among those who believe there is too much emphasis on the 25 May 2018 deadline is Peter Gooch, cyber risk partner at Deloitte.

“This is not a race to the deadline and then it’s all over. Once enforcements starts, guidelines will continue to be issued and good practice will start to develop. It shouldn’t be a conversation about how an organisation is going to get over a line by May 2018,” he says.

“It should be about getting to a reasonable place by May 2018, and continuing to improve after that – continue to monitor the guidance that comes out, the precedents and the public opinion. That is as important as the deadline,” says Gooch.

“Everyone needs to realise that all activity will not come to a halt after May 2018. This is something that has to live and breathe in organisations almost as a new function or with at least a heightened level of awareness around it,” he says.

That said, Gooch believes that any big organisation that has not done anything about becoming GDPR compliant will have a “tough time” in the next year.

“Resources will be scarce to help with this kind of activity. If the business is complex, there is quite a lot of foundational work that will have to go into determining what the organisation’s position is and what the gaps are, especially if not a lot has been done on proactive privacy work in the past.”

 

Proactive companies better positioned for GDPR

However, if an organisation already has a robust regime in place around privacy, Gooch says the likelihood is that they will be on top of this anyway and will not be starting to think about it only now.

“That doesn’t mean there won’t be any last minute rushes about what to do and what not to do. But there is very little that is new in the GDPR, so if an organisation has been focused on privacy before and has a framework in place that defines roles and responsibilities, the step up to GDPR won’t be that big,” he says.

Potential challenges for these proactive organisations will just be around the changes, which are mainly around consent, data erasure, data portability and data breach notification. It also includes the appointment of data protection officers for organisations whose core activities consist of processing operations which require regular and systematic monitoring of data subjects on a large scale.

“The biggest question we have from all our clients is about how far to go with GDPR compliance planning, how much effort to put into this, and where does the balance lie between what the regulators say is acceptable and what is not acceptable,” says Gooch.

At this stage, he says there is very little indication of how to determine this, but if an organisation has done nothing on the GDPR and nothing on privacy, it will be a “tough call” for a complex organisation to get to a reasonable state by the deadline.

For relatively simple organisations, however, even if they have not done much, Gooch says recognised good practice is emerging on how to tackle GDPR compliance, and so a year may be a “reasonable amount of time” to put in place the necessary processes, deliver some training around the GDPR and update policies.

“Less complex organisations are not necessarily in a bad place if they have not done anything about GDPR compliance yet, but they need to start doing something about it now,” he says.

Good data handling practices

Gooch says the imperative, however, should not be compliance with the GDPR but responding to consumer expectations around how businesses collect, use and protect their data and ensuring that their brand reputation is not lost through doing something consumers would not want to happen.

“People are becoming more savvy and aware about how their data is being used and what affect it can have on them through things such as differential pricing on products. Consumers are realising the privacy is about more than just confidentiality. It is about transparency regarding how their data is being used and putting them in control of what they are now recognising as a massive asset that they hold,” he says.

As a result, good data handling practices should be seen as a business enabler and opportunity, which is consistent with the view of the UK information commissioner Elizabeth Denham.

The GDPR will bring “a more 21st century approach” to how personal data is processed and that organisations should seize the opportunity to set out a culture of data confidence in the UK, she told the ICO’s annual Data Protection Practitioners’ Conference in Manchester in March 2017.

Gooch says some organisations are realising that if they are not building in the right privacy controls when they are designing processes, systems or products, that failure can have a negative impact on the business further on down the line.

“They understand that by taking care of privacy issues early on they will save themselves from the pain of regulatory scrutiny and sanction in future. It will be an enabler for the things they want to do – such as big data analytics, consumer profiling and targeted marketing – because it is being done in the right way that is consistent with the regulations,” he says.

Similarly, Gooch says using data in a transparent, privacy-friendly way could be seen as a competitive advantage.

“Right now, there are just a few organisations, such as the large social media companies, that are genuinely at that point, although there is a lot of talk among privacy practitioners about this as a concept and things are definitely shifting that way and will increasingly become a top priority risk for a wider set of organisations,” he says.

Organisations need to understand that, through greater transparency, they will be able to grow their customer base, collect more data and monetise it more. “In this way, organisations will be able to build their brand through trust because they deal with customers’ data in the correct way,” says Gooch.

He believes good data handling practices will become as important to consumers as fair pricing and good customer services.  Companies in the technology and retail sectors are already using trust as a product differentiator by showing the customer data and privacy is important to them, and Gooch believes other sectors will follow.GDPR compliance makes “commercial sense”.

 

GDPR compliance makes “commercial sense”

In early March 2017, Rosemary Jay, senior consultant attorney at legal firm Hunton & Williams, told the House of Lords EU Home Affairs Sub-Committee that compliance with the GDPR makes good commercial sense.

“We should look for the positives in the framework to look at what we can do in the right rather than trying to avoid the regulation, because it offers protection for individuals and a framework for business in a digital world,” she said.

Sue Daley, head of cloud, analytics, data and artificial intelligence (AI) at IT industry body TechUK, said the GDPR offers organisations an opportunity to develop a culture of trust and confidence.“This has to be led from the top and scaled throughout an organisation to ensure everyone understands what they are doing with data,” she told a roundtable discussion on the GDPR hosted by security firm Kaspersky Lab in London.The GDPR is also an opportunity for

“This has to be led from the top and scaled throughout an organisation to ensure everyone understands what they are doing with data,” she told a roundtable discussion on the GDPR hosted by security firm Kaspersky Lab in London.

The GDPR is also an opportunity for organisations to not only review what data they hold and why, in terms of privacy and data protection, but also to look at how they can use data to innovate in terms of products and services, said Daley.

“This is an opportunity for businesses to engage with customers on privacy and data protection. By demonstrating compliance with the GDPR, businesses can use this for competitive advantage to drive loyalty,” she said.

Effect on cyber security landscape

Being able to offer assurances around the protection of personal data is key to building consumer trust, and compliance with the GDPR is beneficial. “There’s no question in my mind that complying with GDPR will make businesses more secure,” says Richard Stiennon, chief strategy officer at Blancco Technology Group.

“The core of all security is data protection. Doing a better of job protecting data throughout its lifecycle will enhance any organisation’s overall security posture. The GDPR’s requirements cover a multitude of areas, rather than just one single area, making organisations that comply that much stronger and less vulnerable to security threats, data loss, data breaches and regulatory fines,” he says.

Stiennon believes the GDPR will have a significant impact on the cyber security landscape. “Spending will increase dramatically as budgets are allocated to compliance. Network, endpoint and data security measures will be deployed where they have always been needed, but they’ll also be deployed where they’ve been lacking because a financial calculation based on risk alone did not justify it.

“One such area will be data erasure – the permanent and verifiable removal of data when the GDPR’s ‘right to be forgotten’ requirement demands it. In addition, there will be an impact on the managed security services industry as they roll out services around data security – and data erasure, in particular – and GDPR compliance,” he says.

While the emphasis is mainly on the May 2018 deadline and the fines, organisations are being encouraged to see the GDPR as an opportunity to get their houses in order in terms of security and privacy because it makes good business sense.

The Information Commissioner’s Office (ICO) is continually developing guidance aimed at supporting businesses not only in being compliant, but also in realising business benefit by growing consumer trust and enabling new data-driven business models.

 

Article Source: ComputerWeekly.com

 


To-dos:
– Check your company’s data protection policy and compliance with the new EU GDPR.
Count on us for your document management projects and keep your company’s and your customer’s information assets secure, protected and compliant.
– Don’t miss our infographic “Is your client onboarding process compliant with the new EU General Data Protection Regulation?” with everything you need to know to ensure compliance with the new EU GDPR.
– Read our blog article “Customer data protection: how to eliminate risks of loss or exposure” to know more about data security breaches, best practices for customer data protection as a corporate-wide approach, and guidelines to really ensure customer data protection and compliance.
Subscribe to our blog to receive valuable insights about document management and paper-free processes.
– Download our ebook “Paper at the gates: Driving digital revolution with modern capture” and learn how data capture is the gateway for inbound and outbound content and the starting line where digital transformation initiatives begin.

Paper at the gates: Driving digital revolution with modern capture

Data Reconciliation As-a-Service: An Introduction

,

Data is the new oil and that’s why it must be managed as a critical asset. But the question remains the same: “How to process, extract value and guarantee accuracy in the digital era chaos?” Not an easy answer, CxOs may think, but they couldn`t be farther from true. Technology is the key and Data Reconciliation As-a-Service a great enabler to simplify and automate the whole thing.

In practical terms, Reconciliation is no more than the machine capability to recognize matching data within two sets of transactions/actions selected for reconciliation. In fact, Reconciliation automates the verification process, turning it into an easy, efficient and quick task. It validates the information in each form and compares it with the existing customer database or content management system, identifying possible errors that must be addressed and guaranteeing that companies don’t integrate wrong data in their corporate systems. This is also critical for regulatory compliance.

 

The process may be resumed as below:

Forms and data are received in any format and through any channel, then they are captured, digitalized and extracted, and finally the Reconciliation platform does the match with the data already existing in databases and alerts if there are any differences between them.

If the Reconciliation tasks or process are performed by an external provider or cloud reconciliation platform, we call it Reconciliation As-a-Service meaning that you don’t have to worry about anything. You just know that only accurate data is integrated into your core systems and that the final result is 100% accurate.

 

reconciliation-as-a-service workflow

 

Where exactly can you use it?

Data Reconciliation as-a-service might be used in a lot of different situations. It is the right solution to assure automation of reconciliation processes with paper or digital origin, like email, fax, files, apps and online forms. It can assure reconciliation of names, addresses, contacts, orders and invoices, account movements or any other transaction organizations might need. And, last but not least, it also works with fields delivered in multiple ERPs.

 

What does it do?

Data Reconciliation As-a-Service…

  • Utilizes business rules to automatically validate data and deliver correct information into the workflow process;
  • Automatically matches form registrations with existing corporate data, virtually eliminating tedious, labor-intensive and prone to error tasks.
  • Includes cloud-based storage functionalities to securely and efficiently match, organize, keep, integrate and distribute content based on the rules and legal principles governing each organization. With this approach, the solution provider takes the ownership and the risk of the whole process and is totally committed with the deliverables.

 

Phone House Spain: a success story

The British mobile phone retailer opened its first store in Madrid back in 1997 having now more than 600 stores in Spain and more than 2500 telco specialists.

With that kind of numbers, there were some business requests that had to be met concerning reconciliation and so they went out to the market in order to find the best partner.

Their challenge was:

  •   Process 40% of electronic data and, 60% paper-based data;
  •   Manage input of +600 branches all over the country;
  •   Manual reporting to commissions team and loss prevention;
  •   Frauds and inaccuracies only identified after more than three months;
  •   Multiple document reconciliation checks such as bank statements, IDs, contract and others.

The answer to these problems was easy: reconciliation as-a-service, an initiative that gave them some huge benefits like:

  •   Full process automation;
  •   Streamlined franchise and own store business model;
  •   Compliant, accurate and auditable customer info.
  •   Workflow with alerts and action steps on frauds and errors for all branches.

Partnering with Papersoft, it was possible to assure:

  •   Full paper trail with document tracking system linked with deep storage;
  •   Online SLA/KPI monitoring;
  •   Network commissions dashboard report;
  •   Logged and safe paper shedding of confidential information;
  •   Integrated business continuity and disaster recovery plan.

Moisés Pérez Chávez, Commissions & Product Setup Manager on Phone House Spain highlights that with this project “all types of documents, including both forms and unstructured data, can now be extracted, validated, classified, routed, and indexed with little, if any, manual intervention.”

 

That is why, at the end of the day, Phone House Spain got these key performance indicators:

  •   Next business day E2E delivery (email/paper);
  •   99,8% accuracy rate;
  •   Cost reduction.

 

We have the experience, tools, infrastructure and knowledge to help you on Data Reconciliation. Let’s talk? We will be glad to help you succeed.

 


To Dos:
– Position automated reconciliation procedures and data validation/matching services at the entry point, not only to ensure that incoming data is complete and accurate but also to reduce fraud risk and bad audit.
Discover our offer in this area and contact us for any question, demonstration or proposal.
Subscribe to our blog to receive valuable insights about paper-free processes.
– Download our ebook “Paper at the gates: Driving digital revolution with modern capture” and learn how data capture is the gateway for inbound and outbound content and the starting line where digital transformation initiatives begin.

Paper at the gates: Driving digital revolution with modern capture

The GDPR: countdown towards a new paradigm

,

The new General Data Protection Regulation (GDPR), which will apply from May 2018 onwards, is set to bring significant changes to the way companies process personal data. Various provisions in the GDPR reflect principles which already existed in the EU Directive 95/46/CE on personal data processing (for example, the principles of lawfulness, fairness and transparency of data processing).

However, the GDPR also brings significant changes to the legal framework for privacy in the EU, all of which are aimed at clarifying data subject rights and bringing uniformity to the terms in which data privacy rules are implemented throughout the EU. For example, not only is the territorial scope of the GDPR broader than the EU Directive (non-EU-based companies are impacted, when processing EU citizens data), but new data subject rights are formalized (such as the right to portability and the right to be forgotten).

Significantly, data processors, which up to now were not directly liable for their actions in what concerns data processing, now become directly responsible for the data processing carried out on behalf of controllers and must comply with various obligations arising directly from the GDPR. This means that, for example, – including, for example, providers of cloud services and providers of back-office services (such as invoice and billing management, app/digital environments creation, software set up and server maintenance).

Among other changes, penalties for noncompliance may now reach a maximum 20 million Euros or 4% of the total global annual turnover for the preceding financial year, whichever is highest.

Under the GDPR, companies will essentially process data under a self-accountability principle and a more demanding level of involvement is required from the various internal structures, in order to avoid substantial financial penalties. Among other major adjustments, under the GDPR, companies should:

  1. Carry out Privacy Impact Assessments (PIAs), which become mandatory in some cases;

  2. Keep adequate registries proving compliance with their obligations, including proof of data subject consent and information;

  3. Notify data breaches to the relevant data protection authority and, in certain circumstances, to the data subjects;

  4. Implement “Privacy by Design” and “Privacy by Default” principles;

  5. Appoint a Data Protection Officer (mandatory action when the controller or processor’s plans include the regular and systematic monitoring of data subjects or the processing of sensitive personal data on a large scale);

  6. Implement adequate data minimisation and security techniques, such as data encryption, pseudonymisation, and others, as deemed adequate and appropriate.

In practice, the GDPR will require companies (both controllers and processors) to be more directly and intensely involved with data processing, as the GDPR sets additional obligations for companies processing data, subject to a case-by-case approach to data processing – meaning, companies should carry out different privacy impact analysis and implement different measures, considering the various implications and possible consequences and impacts of personal data processing).

On the other hand, data protection authorities are likely to have a more active role in carrying out monitoring actions, since controllers will no longer have to either notify or obtain authorization for the processing of personal data. As a consequence, data protection authorities are expected to have more time and personnel resources aimed at ensuring monitoring compliance and enforcing the GDPR.

The Article 29 Working Party has issued some guidance on the GDPR and local DPAs have also issued decisions on the interpretation of the GDPR; more may follow until May 2018.

Any such guidances are likely to be of use for companies on their path to GDPR compliance. One thing is certain: post-GDPR, data processing will necessarily and inevitably be at the top of the priority list for companies.

 

About the Authors:

Isabel Ornelas – Isabel Joined VdA in 2006 and is currently senior associate integrated into the TMT – Telecoms, Media & TIs practice group. She works in the field of privacy and data protection, having taken an active role in several privacy compliance audits in various sectors, in the set-up of privacy policies and ethics lines, as well as project-oriented legal counseling in various operations and market products/services. She also organizes training sessions and workshops and lectures at the Post-Graduate course in Compliance at the Institute of Banking Management.

Sebastião Barros Vale – Sebastião joined Vieira de Almeida & Associados in 2016. He is a Trainee at the area of Telecoms and Media. In this capacity, he has been actively involved in several transactions and projects in Portugal and abroad, including privacy compliance programs in various sectors (particularly the health sector, banking and finance and telecommunications), including in the context of international data transfers.

 


To-dos:
– Check your company’s data protection policy and compliance with the new EU GDPR.
Count on us for your document management projects and keep your company’s and your customer’s information assets secure, protected and compliant.
– Don’t miss our infographic “Is your client onboarding process compliant with the new EU General Data Protection Regulation?” with everything you need to know to ensure compliance with the new EU GDPR.
– Read our blog article “Customer data protection: how to eliminate risks of loss or exposure” to know more about data security breaches, best practices for customer data protection as a corporate-wide approach, and guidelines to really ensure customer data protection and compliance.
Subscribe to our blog to receive valuable insights about document management and paper-free processes.
– Download our ebook “Paper at the gates: Driving digital revolution with modern capture” and learn how data capture is the gateway for inbound and outbound content and the starting line where digital transformation initiatives begin.

Paper at the gates: Driving digital revolution with modern capture