The Appropriate Use Of Customer Data In Financial Services

Our collaboration with the World Economic Forum

Using data to build a better financial system

Oliver Wyman and the World Economic Forum have collaborated to produce a new white paper: The Appropriate Use of Customer Data in Financial Services.

In an effort to better understand how disruptive innovation is reshaping the financial services landscape, Oliver Wyman has partnered with the World Economic Forum (WEF) on a multi-year initiative Balancing Financial Stability, Innovation, and Economic Growth (FSIEG). Our collaboration brings together senior industry representatives and experts from prominent banks, insurance, fintech companies and the public sector. A key part of this review has focused on the appropriate use of customer data in financial services.

The generation of data has exploded, with the global volume of data predicted to double from 2018 to 2022

Within financial services, enormous opportunities exist to use such data to create value for businesses and customers.

Technology-driven innovation enables companies to use data to develop cheaper and better services, increase efficiency and support financial inclusion. Innovations such as digitization, the Internet-of-things, and advanced computing have created new opportunities for business, however, it has also led to uncertainty about what it means to use customer data appropriately, risking a loss of trust that could destabilize the financial services system.

In recent years, data has allowed businesses to streamline applications for financial products and services, saving time and enhancing the customer experience. However today, many customers are concerned about data authenticity and the impacts of data misuse, from the growing number of automated telemarketing calls to issues about fraud and identity theft. To fully realize the benefits, greater consensus is needed across regions and industries, and customers need to trust that data about them will be used appropriately.


The accelerating data-fueled transformation demonstrates the need for stakeholders to align on principles governing the use of customer data.

Whether it is data breaches,  debates on sharing practices, or partnerships by banks and big techs to exchange customer information, policymakers recognize the need for guidance and have been implementing legislative responses—most notably through the European Union’s General Data Protection Regulation (GDPR). California and China have passed similar laws and numerous jurisdictions are currently formulating or reviewing their respective data regulations. These necessary efforts introduce important checks and balances, yet are insufficient.

The lack of governing principles and uncoordinated proliferation of global data frameworks may result in further regulatory fragmentation with adverse effects for innovation and new business formation


Our conversation with Ted Moynihan

Managing Partner and Global Head, Financial Services


Our collaboration with the World Economic Forum

Through a series of roundtable discussions and interviews with industry executives and experts across multiple regions, the Forum identified key challenges, considerations, and a set of global principles on the use of customer data in financial services. The development of global principles is an important first step in harmonizing customer data laws, regulations and practices.  

Business and policy leaders aligned on five themes that balance the opportunities and risks in customer data:  Control, Security, Personalization, Advanced Analytics, and Portability.

This balance is critical because too much regulation can stifle innovation, while too little customer protection risks the misuse of data, fraud, cyberattacks and possibly instability from loss of trust in financial institutions.


Five key Global customer data principles Answers 5 Questions
  • 1Control

    "Companies should be clear about their use of customer data, attain customer agreement to their customer data policies and, where appropriate, seek consent for specific uses."

  • 2Security

    "Companies should be held responsible and accountable for data security."

  • 3Personalization

    "Companies should be able to create individual customer-level profiles that allow them to provide differentiated customer services."

  • 4Advanced Analytics

    "Companies should be able to comprehensively test, validate and explain their use of data analytics and models to customers."

  • 5Portability

    "Companies should, where appropriate, allow customers to access, download, transfer and/or permit third parties to manage data about them."

Practical government regulation and industry implementationThe principles suggest a series of next steps for consideration by governments, incumbents and challengers, particularly in regions where regulatory frameworks are still being developed. By moving into greater aligment with the principles, these stakeholders can better manage data regulations and share best practices – ultimately, strengthening customer trust, and balancing financial stability, innovation and economic growth.

The Appropriate Use Of Customer Data In Financial Services