INTRODUCTION
Cross-selling is a practice employed by Fin-tech companies to offer additional financial products or services to existing customers, which has become essential to the business model for many Fin-Tech companies. Cross-selling is one of the primary methods of generating new revenue for many businesses, including Fin-Tech companies.
The practice of cross-selling relies heavily on the collection and utilization of personal data collected on the basis of previous order history, cookies etc. Therefore, the advent of the Digital Personal Data Protection Act (“DPDPA”) will have significant implications on the Fin-tech industry, particularly in the context of cross-selling due to heavy reliance on user data.
In this article, we attempt to delve into the key aspects of the DPDP Act and its impact on cross-selling by fintech companies, highlighting the challenges and opportunities it presents.
HOW CROSS-SELLING WORKS
The companies in order to propose new products to its existing user data base frequently employ data analytics and machine learning algorithms to discern optimal cross-selling prospects.
Four Categories of Innovation in Cross-Selling are:
ENHANCED DATA PROTECTION
The Fin-tech companies initially under the guise of terms and conditions, used the consent obtained from their customer through a single click for all purposes, including the further sale or advertisement of other products or services.
However, with the advent of the DPDPA, this practice is no longer tenable as the DPDPA establishes a robust framework for data protection, requiring Fin-tech companies to obtain explicit consent from customers for cross-selling activities, ensuring transparency regarding the types of data collected and the specific products or services being offered.
CONSENT AND TRANSPARENCY
Under the DPDPA, Fin-tech companies must obtain informed consent from customers before engaging in cross-selling. This includes providing clear and easily understandable information about the purpose of data collection, the intended use of the data, and the potential recipients of the data.
For instance, if a single consent is obtained from the customer, encompassing the use of their data to provide a service and present new products from the platform or its partners, this bundled consent may not suffice. However, if the user explicitly consents to two distinct aspects – first, the utilization of their data for service provision, and second, through a separate checkbox, the utilization of their data to receive new offers or products – this approach may prove acceptable.
Fin-tech companies must also ensure that customers have the option to withdraw their consent at any time. Transparency in cross-selling practices builds trust and empowers customers to make informed decisions about sharing their data.
RESPONSIBLE DATA HANDLING
Compliance with the DPDPA necessitates responsible data handling practices by Fin-tech companies. This includes implementing robust security measures to protect customer data from unauthorized access, ensuring data accuracy, and regularly reviewing and updating privacy policies.
Fin-tech companies must also adopt data minimization practices, collecting only the necessary data for cross-selling purposes. Responsible data handling not only ensures compliance but also fosters customer confidence in the security of their personal information.
CHALLENGES
Cross-selling entails two fundamental components: Firstly, presenting the customer with personalized advertisements, prompts, or offers for the new product; and Secondly, facilitating the user journey once the user encounters and engages with the prompt.
In the latter scenario, where the user is already interacting with the platform, notice and consent can be sought at that juncture. However, in the former situation, where the user has not yet engaged with the new product offering and the sole intention is to present them with a personalized prompt, there is no opportunity to secure consent or provide notice. This is where the complexity of the matter arises.
Hence, while the utilization of data for cross-selling is permissible, it necessitates the implementation of appropriate controls, user interface/user experience (UI/UX) adjustments, consent procedures, or records. Some of these measures may introduce certain complexities into the customer journey, but thoughtfully designed solutions can mitigate such hurdles while ensuring that users have access to relevant information to make informed choices
OPPORTUNITIES
That compliance with the DPDPA although requires significant investments in data protection infrastructure, staff training, and business models yet in the longer run it is more beneficial not only to the user but also to the companies and entities which have a benefit to stalking user data as complying with the positions of this act would ensure that the data that is collected is more refined and accurate, meaning the quantity of data might be lesser but the accuracy and quality of it would be better.
The Fin-Tech companies shall also ensure to navigate the complexities of obtaining explicit consent and ensuring transparency not just in letter but also in spirit, which may impact the efficiency of cross-selling processes. Compliance can also lead to stronger customer relationships based on trust and transparency which is valuable in in the Fin-tech industry due to the volatile nature of the market.
AMLEGALS REMARKS
Innovative cross-selling strategies are transformative in the realm of FinTech. They not only augment revenue but also elevate customer lifetime value (LTV), as technology advances, these methodologies are poised to become indispensable for any Fin-Tech enterprise aspiring to achieve sustainable growth.
However, take note that the advent of the DPDPA will significantly impacts cross-selling practices in the Fin-tech industry. Therefore, Fin-tech companies in order to comply with the DPDPA must prioritize data protection, consent, transparency, and responsible data handling. While compliance presents challenges, it also offers opportunities for Fin-tech companies to build trust, enhance customer relationships, and gain a competitive edge.
By embracing the requirements of the DPDPA, Fin-tech companies can navigate the evolving landscape of data privacy and cross-selling, ensuring the responsible use of personal data while delivering personalized and relevant financial products and services to their customers.
– Team AMLEGALS
For any query or feedback, please feel free to get in touch with tanmay.banthia@amlegals.com or jason.james@amlegals.com