Even Non-Regulated Organizations Must Adopt GDPR Best Practices to Compete

“We’re moving from defense to offense. After years of focusing on regulatory and compliance reporting, we are pivoting to use our data assets for innovation.”

So said Joan dal Bianco of TD Bank at MIT’s gathering of CDOs last year. It was a bit of a celebratory moment for the banks present: all had passed the Comprehensive Capital Analysis Review (CCAR), a regulatory framework created by the Federal Reserve to oversee large US banks and other financial institutions. According to CIO Magazine, it was the first time the banks had all passed the CCAR, thanks to the greater data accuracy that followed their big investments in data management infrastructure, which in turn is allowing them to turn to offense.

It’s the same spot a lot of other organizations are starting to find themselves in now after having spent the last two years preparing for GDPR, which finally went into effect in May. While the primary motivation for getting their data houses in order was driven by compliance (and avoiding steep regulatory fines), cleaning up their act for the sake of governance meant gaining a better understanding of their data, which allows them to put all their previously locked intelligence to work toward generating new money-making opportunities, insights, products and services.

If that isn’t motivation enough for organizations not (yet) affected by regulations like GDPR or the California Consumer Privacy Act to get their data houses in order, I don’t know what is. Data is the new currency, and only those who know where exactly that “money” is can know how to spend it. The organizations that were forced to adhere to GDPR are now well-oiled data machines that are only beginning to wield the mighty power of their data.

How? For one, they have GDPR-mandated CDOs now putting their data to work strategically for competitive gain. These CDOs are solving business problems, not data problems, and for many, customer satisfaction is at the top of the list. Airlines, for instance, can combine all the data pouring in from all kinds of sources, including social media and surveys, to predict how customer satisfaction will be impacted any number of factors, such as how long it takes to board a plane or where the passenger sits. “We need to be operating at the level of Google,” one Joe Leader, chief executive of the Airline Passenger Experience Association, recently said. Customer retention, churn reduction, loyalty management–these are all areas that can be boosted with advanced analysis of data the industry had largely been sitting on. (Even United president Scott Kirby has said United was losing $1 billion a year in lost revenue due to lackluster handling of data.)

It’s mind boggling lethargy in the face of tremendous opportunity. You can see the same costly neglect throughout every industry, each of which is about to experience a shake-out as the data-driven outmaneuver the data nappers. In manufacturing, data is being used to revolutionize the supply chain, where new data clarity is driving efficiencies in partner collaboration, demand forecasting, and delivery networks. In financial services, banks are starting to use voice analytics to uncover hidden insights from the everyday conversations providers are having with their customers. Restaurant chains are leveraging their trend analytics to come up with new recipes and menu offerings that are more likely to draw instant favor from customers.

Just as most organizations eventually had to build a presence on the web, most will eventually have to adopt the same compliance-driven best practices of those governed by GDPR to compete in today’s information-driven world. So what are you waiting for? You’re going to have to get your data house in order eventually. And all the data that continues to pour won’t make it any easier when you do.