There is a growing emphasis on collecting
consent and ensuring privacy of customer data because of increased regulation
such as GDPR and CCPA and general customer backlash. In this environment, the
“cost” of compliance is a top of mind factor for companies, but how “cost” is
considered varies from organisation to organsation.
Irrespective of an organisation’s approach,
the cost and complexity of solving the consent and privacy problem remains
high.
Some companies focus on the cost of setting
up technology to collect, track, store and report customer consent and privacy across
their enterprise systems. They focus on making a solution-based cost benefit
decision, seeing the compliance problem simply as a project to complete and an
item to check off their to do list.
Others focus on quantifying the cost of potential fines associated with non-compliance. Their focus is risk-reward and decisions are based on the potential risk and associated cost to the organisation for a complaint.
By defining a consent and compliance
project so discretely, organisations overlook an expensive and impactful aspect
of addressing the requirement which starts with a simple request when a
customer asks to be removed from a communication.
Without approaching compliance
holistically, a request to be removed, be forgotten or for an understanding of
what is being collected on a customer becomes a grain of sand in the gears of
the company. This grain of sand negatively impacts and slows down the overall
organisation as it works to address the request.
As the request moves from department to
department, the cost to address a compliance inquiry grows exponentially – and
this expense grows as the number of requests grow.
Cost to customer service
In most cases, the information needed to
answer common customer requests such as – tracking whether their product
shipped, their order was placed or learning the status on their account –is
relatively easy. That’s because they’ve spent years and lots of money building
out their core CRM systems.
This is not true for consent and privacy
data. This data is stored across many different systems and tools within the
enterprise. Additionally, accomplishing a consolidated view requires a proper data
map to what information is stored where.
By allowing customers to complete consent
and privacy requests via self-service or providing customer service
representatives easy access to customer data across the enterprise, customer
inquiries can be handled effectively before they become a larger problem.
Without an overall understanding of where
data is stored, how to access it and more importantly make a change, no request
for consent or privacy data can be easily addressed. This results in
significant time and effort by the customer service representative and others
across the organisation as well as multiple communications with the customer
regarding the status of their request.
Cost to marketing
Good marketing presents a well thought out
brand promise and makes the customer take notice.
However, in order to fulfill compliance requirements,
many companies deploy tactics that result in less than ideal messaging to
customers regarding the use of their data. These messages only confuse,
frustrate and certainly don’t convert customers.
In other cases, an attempt to quickly
address consent and privacy risks, organisations turn to band-aid fixes such as
the implementation of complete opt-out versus opt-down or the decision to not
send outbound communications at all.
The loss of customer communication, either
because of overly stringent adherence to compliance laws and regulations or due
to confusing compliance language impacts the effectiveness of marketing and
decreases ROI on marketing efforts.
Well thought out consent collection and data
privacy access at key moments in the customer journey is key to converting
compliance from a cost to marketing to a marketing advantage.
Cost to compliance
Without a proper governance approach, the compliance
department finds itself stuck in a cycle of one-off responses to complaints and
addressing compliance requests that arise. To address the problem “of the
moment”, the department tasked with compliance works in a constant triage.
Consent and privacy management is not a
technology and it is not a project.
To address these correctly, it requires an
overarching practice, a general shift in the way the organisation views the
customer and works internally. Fully
addressing consent and privacy requests requires input from all departments to
stand up a well thought out approach and continually update it as the
technology, business and compliance environment changes. The compliance
department must be strategic about its approach in order to be successful.
Cost to the customer experience
Finally, the most impacted aspect of an organisation
is the customer experience. This includes how the customer views the organisation
as a steward of their data, their experience of receiving communications across
many channels, as well as their experience when they interact with digital
properties.
Collection of consent and responding to data
privacy requests must be thought through as strategically as any marketing
campaign to drive traffic, shopping cart experience to increase conversion or
supply chain assessment to drive down costs and increase customer
satisfaction. It can’t simply be bolted
on as an afterthought.
As regulations and requirements increase as
a result of increased scrutiny through laws such as GDPR and CCPA, the cost of
complying with customer requests eats away at top and bottom line profits.
Topline because the customer can exercise
the choice to work with companies that honor their consent and privacy wishes strategically
and proactively, bottom line because of the internal impact to ill-prepared
organisations as they react to inquiries from customers. To be successful,
organisations must think through the ramifications beyond the implementation of
a singular technology or in preparation for potential fines.