Keeping Pace With a Rapidly Changing Privacy Landscape
It’s been said that regulation can’t keep pace with technological innovation but regulators are doing their best to prove otherwise. New rules around data security, privacy, and consumer protection are continually being rolled out, sometimes without much notice. And while many businesses may not be directly impacted, financial service providers in particular need to put compliance front and center.
Cognito President and COO Chris Morton takes a closer look at some of the main challenges in this shifting privacy landscape and how many software providers are falling short in addressing them. By keeping the following insights in mind, financial organizations can continue to adapt no matter the policy change.
New rules can come with little warning…
Sometimes sweeping new regulations come in big waves, like the GDPR, but the real challenges are the regulations that arrive with little to no warning.
“Insidious changes are the ones that present the most harm,” cautions Morton. “For instance, the Consolidated Appropriations Act, 2021 passed in two weeks at the end of 2020 and required ID verification of all pandemic unemployment assistance claims by late January, 2021. Imagine running an operation where you verify a small percentage of claimants and now you need to verify all within a matter of weeks.”
New government lists are another change factor affecting businesses as all users need to be screened against the latest watchlists. This poses yet another noncompliance risk for companies particularly those who are struggling to update and adapt their infrastructure. Every new list becomes a cause for panic.
Morton and the Cognito team often hear from organizations that need to pivot quickly to a more reliable solution. “We’ve helped businesses with urgent needs get up and running in a week so quelling that panic isn’t new for us,” says Morton. “We have a dynamic system to add additional lists quickly.” As the privacy landscape continues to change, Morton and his team continue to see companies caught by surprise.
Often vendors aren’t ready
It’s not uncommon for companies to discover too late that the compliance solutions in which they have invested do not deliver as promised. Morton notes a few red flags that may indicate your vendor is not as agile or flexible as they claim to be.
- The first is a lack of transparency and documentation. “Does it take too long to get definitive answers on how your system works?” he asks. “If the sales process is slow, expect the implementation to take twice as long.” Companies that can readily show their solution is best-in-class do not have anything to hide. “For example, with Cognito, if you want to see how our products work, our documentation is freely available without a non-disclosure agreement (NDA), and you can test in our sandbox right away.”
- The second warning sign is buzzwords. “We see vendors pop up with novel solutions that fail to solve the core problem. It’s great that you have artificial intelligence, but how does that help a sign-up funnel or compliance program?”
Another important factor to pay attention to is APIs; they may be essential to the digital economy, but that doesn’t mean they’re flexible. “In this industry, it’s common for an API version to last for a decade because so many systems become dependent on it,” notes Morton. “If you spend the time and effort to develop an API version, it’s extremely expensive and time-consuming to change. That rigidity stifles innovation.”
Morton has three questions he recommends every company ask a prospective partner before they commit to their product:
- What is the process to get from first contact to full implementation, and how long does it take?
- What is the minimal information a user needs to provide in order to verify their identity?
- How can I tell if your solution will be better than what I currently have?
Staying in step with change
Leading software providers are building solutions that can respond quickly to change and are tailored to clients’ unique business needs. At Cognito, the team recently developed Flow, a platform service that’s due to launch this year and lets you seamlessly update your IDV and compliance systems from a simple, user-friendly visual interface.
“With a traditional solution, decisions are hard-coded and inflexible. For instance, if you want to add a new country or change some decision logic, you need to pass that to the programmers and have them implement it, which could take months,” explains Morton.
“With Flow, you click a box and the change is made instantly with zero programming required. Conceptually, it’s similar to using a visual editor on a website compared to the complexity of making changes through a long and technical process.”
Another key benefit of a solution like Flow is that it isn’t API dependent and there’s no need to code. “You can make instant changes to your implementation without any technical intervention. It empowers product managers and compliance teams to be in control of their domains without weeks-long technical cycles.”
The regulatory environment evolves quickly, and your business has to stay in sync. With Flow, you can make changes in minutes without impacting your current software implementation and you can continue to make adjustments as requirements evolve in future. Do not let a complex privacy landscape compromise your ability to provide frictionless, comprehensive IDV for your customers.
Talk to Cognito about what the future of compliance looks like for your organization, and try the solutions for yourself.