All you need is trust, trust is all you need?

Trust in politics, the media and big tech may be at an all-time low at the moment - for a variety of different reasons that it would take too long to go into - but trust is arguably the most important requirement for any successful fintech business.

Whether you are a fintech with a direct to consumer proposition or provide innovative back-office technology solutions to banks and others, you need, and must earn, the trust of your customers. Fintechs need to do, and be seen to be doing, the right thing.

Fintechs are not dissimilar from any other tech-enabled business (i.e. most businesses these days). They need: (i) great people with complementary skillsets, joining at right time, (ii) great technology or propositions, (iii) a well worked out business plan, (iv) loud cheerleaders and partners to help them to open doors and amplify the message and (v) access to funding. The additional ingredient for fintechs is that they need to have a well-tuned awareness of the financial services regulatory environment, and in particular the requirements around data use and data sharing.

The new data privacy regime (in the form of GDPR) has only be with us since May 2018, but it is already having a massive impact on how fintechs do business. The GDPR was a catalyst for all businesses to review and update how they collect and handle personal data (that is data that identifies living individuals). But it has also shed light on how businesses capture, use and share all forms of data – personal or not. GDPR is driving change across all forms of data processing, not just personal data.

Data privacy needs to be ‘baked in’ to fintechs’ business models from day one. Banks and other established financial services stakeholders are not likely to want to share data with fintechs, whether through open banking or some other form of collaboration, if the relevant fintechs cannot demonstrate that they handle data securely and lawfully and the systems they use are not susceptible to data breaches or cyber attacks.

Equally, customers are not likely to want to engage directly with fintechs, or move more of their financial business to them, if fintechs cannot assure customers their financial data – arguably one of the most personal and sensitive datasets – are going to be treated with respect and protected.

Trust in data practices, such as information security and backup, access rights and controls, privacy policies, data transfers and how businesses react to inevitable data breaches all point towards a culture of compliance. If fintechs can embed data privacy within their businesses from day one and encourage a genuine culture of compliance within their organisations, this will greatly assist them in winning the battle for trust and developing businesses that do the right thing. Trust may not be all you need, but without it fintechs will not thrive.