GDPR - Two First Steps for Collectors

If my last post on GDPR and collections left you feeling mildly depressed, you’re paying attention! Now that we’ve scoped out the difficulties, here are a couple of things you can…

AdobeStock_176159275@2x.jpeg
Bruce Curry by Bruce Curry

Senior Principal Consultant

expand_less Back to top

If my last post on GDPR and collections left you feeling mildly depressed, you’re paying attention! Now that we’ve scoped out the difficulties, here are a couple of things you can do to prepare. And preparation, like compliance, is important: GDPR sets out some steep fines for non-compliance, and you don’t want your department — or your vendor — to be the trigger.

1. Create Your Data Inventory

GDPR wants you to only use the data that is absolutely necessary. Whether your decisions are based on rules or algorithms, you’re going to have to show what data you are using and how it impacts decisions in collections.

As someone executing collection strategies, you want to make sure neither you, your department nor the third parties serving you cause the business to be exposed. You need to make sure you understand where the data you’re using comes from, and prove that your processes are designed to use that data well.

Ideally, under GDPR you should have a golden record for each customer and a single source of truth. Most businesses aren’t there yet — it’s a good initiative to start, but in the meantime you do need to inventory your data sources and how they’re used, including those used by your vendors and partners that work with your customers.

Your data inventory should specify:

  • Where the data came from and where it is stored
  • How the data is used to make contact decisions
  • How the data is used to define a customer’s risk level
  • How the data is used to differentiate treatment for a customer
The same applies to data used by your vendors and partners. Are they appending your data, for instance with information on the same customers from other portfolios? Do you have the right permissions to use the information they’re contributing?

2. Mind the Regulatory Gap

GDPR wants you to use the minimal amount of data, but this conflicts with other regulations (including the UK’s CONC or Consumer Credit sourcebook) that urge collectors to get as much data as possible in order to give each customer truly personalized decisions and service. The best way to resolve this is to make sure you have a good rationale for all the data you collect, store and use — why does it help you make a better, more targeted collections decisions? How does it help the customer?

At FICO, we’re helping customers get ready for IFRS 9  and GDPR. If you’re trying to get your head around this stuff, give us a call. You can also watch my webinar on GDPR for collectors.

Bruce Curry
Bruce Curry
Bruce Curry is a senior principal consultant at FICO, helping clients across Europe, the Middle East and Africa improve performance in collections and recovery. Bruce has worked directly with dozens of businesses in 27 countries across EMEA and APAC. Before joining FICO, Bruce held successive senior operational management positions over 16 years with Barclays vehicle asset finance (Dial Contracts), Marks and Spencer Financial Services and Royal Bank of Scotland Cards. Prior to his commercial career Bruce undertook a successful career in the Armed Forces where he worked across the world in many varied roles. Bruce Curry has been named to the Credit 500 in 2020, 2021 and 2022.
See all posts
chevron_leftBlog home
Collections debt management GDPR Regulation regulatory compliance

Related posts

Popular Posts

Take the next step

Connect with FICO for answers to all your product and solution questions. Interested in becoming a business partner? Contact us to learn more. We look forward to hearing from you.

Contact us