This article originally appeared in RegTech Africa.
Covid-19 is changing the financial landscape of Africa. Since the outbreak of the pandemic, banks and financial institutions have seen a pivot from cash-centric systems to digital ecosystems. These emerging trends alongside social distancing measures are accelerating the move towards a fully digital banking infrastructure. A recent report by McKinsey suggested that banks and financial institutions will need to leverage digital and analytical tools to reform lending processes, revamping and reimagining both customer journeys and risk-scoring frameworks. Building a scalable, long-term infrastructure strategy that offers digital banking will require adding complex security measures to protect the privacy and security of customers. In Europe and North America, open banking platforms allow banks and financial institutions to share customer data securely, but data ownership and privacy concerns need to be addressed as digital trends take root in day-to-day operations. For the industry at large, the next hurdle to address is how to advance self-sovereign data protection measures that would give the individual the right to permanently control the usage of data associated with their identity.
Branchless banking requires data protection.
In Asia, banks have been implementing contactless customer interactions by incorporating electronic know your customer (eKYC), digital signature collection, and online document submission as a way to reduce the need for in-person banking. As part of their roll out, financial institutions have prioritized data privacy, given that such a large amount of sensitive and confidential data about their customers is being brought online. Based on a report from market research firm ReportLinker, Asian banks and financial institutions are using consent management systems to both prompt customers for consent as well as protect customers’ data, collecting and managing information in line with GDPR or regional regulatory requirements. As the digital banking trend takes hold in Africa, Financial Services Institutions (FSIs) will also have to follow similar implementation processes.
Self-sovereign data policies will benefit consumers.
The COVID-19 pandemic had two immediate implications for merchants and consumers worldwide. The first is how the virus advanced the rollout of digital services and the steep rise in digital transaction volume. The second was understanding how existing data privacy regulations could facilitate and safeguard information for customers and merchants. During times of large-scale digital transformation, the user-centric approach would be the best form of data custodianship and management. The European Union’s GDPR provides a good example of a shared commitment towards consumer-centric digital data practices and incorporating these elements into national data privacy laws will empower individuals. Already in Kenya, the concept of self-sovereign data management is being advocated as a way to implement the National Data Protection Act (2019). Moreover, a recent study from Harvard University mentioned that self-sovereign platforms using blockchain technology may contribute to promoting greater economic inclusion because a decentralised solution would enable people to maintain full control over their data.
Adopting GDPR measures will help advance financial inclusion.
The impact of these user-centric data privacy measures has the potential to revolutionize banking in Africa. The combined forces of increased smartphone penetration and a young underbanked population is creating the perfect environment for advancing new digital financial services. Based on Pngme’s experience in sub-Saharan Africa, the ability to access capital through digital channels is extremely impactful and enables creditworthy personals to operate their businesses during these turbulent times. Furthermore, for the FSIs involved, adopting GDPR measures into their core banking operations would also save them time and money given these measures are being factored into ongoing privacy discussions. In recent years, Kenya, Nigeria, and Ghana have been moving forward with their data protection policies. However, the current legislation now needs to build upon user-centred measures and incorporate self-sovereign data policies to accelerate financial inclusion and enable digital financial services to be delivered to consumers and businesses.
If you’re interested in reading more about digital privacy regulation in Kenya, Nigeria, and Ghana you can find a guide for each country here.