There is a growing emphasis on collecting consent and ensuring privacy of customer data because of increased regulation such as GDPR and CCPA and general customer backlash. In this environment, the “cost” of compliance is a top of mind factor for companies, but how “cost” is considered varies from organisation to organsation.
Irrespective of an organisation’s approach, the cost and complexity of solving the consent and privacy problem remains high.
Some companies focus on the cost of setting up technology to collect, track, store and report customer consent and privacy across their enterprise systems. They focus on making a solution-based cost benefit decision, seeing the compliance problem simply as a project to complete and an item to check off their to do list.
Others focus on quantifying the cost of potential fines associated with non-compliance. Their focus is risk-reward and decisions are based on the potential risk and associated cost to the organisation for a complaint.
By defining a consent and compliance project so discretely, organisations overlook an expensive and impactful aspect of addressing the requirement which starts with a simple request when a customer asks to be removed from a communication.
Without approaching compliance holistically, a request to be removed, be forgotten or for an understanding of what is being collected on a customer becomes a grain of sand in the gears of the company. This grain of sand negatively impacts and slows down the overall organisation as it works to address the request.
As the request moves from department to department, the cost to address a compliance inquiry grows exponentially – and this expense grows as the number of requests grow.
Cost to customer service
In most cases, the information needed to answer common customer requests such as – tracking whether their product shipped, their order was placed or learning the status on their account –is relatively easy. That’s because they’ve spent years and lots of money building out their core CRM systems.
This is not true for consent and privacy data. This data is stored across many different systems and tools within the enterprise. Additionally, accomplishing a consolidated view requires a proper data map to what information is stored where.
By allowing customers to complete consent and privacy requests via self-service or providing customer service representatives easy access to customer data across the enterprise, customer inquiries can be handled effectively before they become a larger problem.
Without an overall understanding of where data is stored, how to access it and more importantly make a change, no request for consent or privacy data can be easily addressed. This results in significant time and effort by the customer service representative and others across the organisation as well as multiple communications with the customer regarding the status of their request.
Cost to marketing
Good marketing presents a well thought out brand promise and makes the customer take notice.
However, in order to fulfill compliance requirements, many companies deploy tactics that result in less than ideal messaging to customers regarding the use of their data. These messages only confuse, frustrate and certainly don’t convert customers.
In other cases, an attempt to quickly address consent and privacy risks, organisations turn to band-aid fixes such as the implementation of complete opt-out versus opt-down or the decision to not send outbound communications at all.
The loss of customer communication, either because of overly stringent adherence to compliance laws and regulations or due to confusing compliance language impacts the effectiveness of marketing and decreases ROI on marketing efforts.
Well thought out consent collection and data privacy access at key moments in the customer journey is key to converting compliance from a cost to marketing to a marketing advantage.
Cost to compliance
Without a proper governance approach, the compliance department finds itself stuck in a cycle of one-off responses to complaints and addressing compliance requests that arise. To address the problem “of the moment”, the department tasked with compliance works in a constant triage.
Consent and privacy management is not a technology and it is not a project.
To address these correctly, it requires an overarching practice, a general shift in the way the organisation views the customer and works internally. Fully addressing consent and privacy requests requires input from all departments to stand up a well thought out approach and continually update it as the technology, business and compliance environment changes. The compliance department must be strategic about its approach in order to be successful.
Cost to the customer experience
Finally, the most impacted aspect of an organisation is the customer experience. This includes how the customer views the organisation as a steward of their data, their experience of receiving communications across many channels, as well as their experience when they interact with digital properties.
Collection of consent and responding to data privacy requests must be thought through as strategically as any marketing campaign to drive traffic, shopping cart experience to increase conversion or supply chain assessment to drive down costs and increase customer satisfaction. It can’t simply be bolted on as an afterthought.
As regulations and requirements increase as a result of increased scrutiny through laws such as GDPR and CCPA, the cost of complying with customer requests eats away at top and bottom line profits.
Topline because the customer can exercise the choice to work with companies that honor their consent and privacy wishes strategically and proactively, bottom line because of the internal impact to ill-prepared organisations as they react to inquiries from customers. To be successful, organisations must think through the ramifications beyond the implementation of a singular technology or in preparation for potential fines.