The Age of Consent – Priviti and Pinsent Masons Publish White Paper on Consent Management
Priviti and Pinsent Masons have collaborated to prepare a consent management policy in order to help banks move forward with adoption of innovative solutions that engender customer trust on the one hand, and meet the requirements of the applicable regulatory framework on the other.
A consent management policy is needed to meet the interrelated regulatory requirements the Payment Services Directive 2 (PSD2), the General Data Protection Regulation (GDPR) and, for some banks, the CMA’s Retail Banking Market Investigation Order.
While PSD2 and Open Banking present exciting developments in financial services and has the potential to revolutionise how consumers engage with financial products and services. Banks across the EU are under significant pressure to collaborate with fintechs, invest in innovation and develop new solutions. This collaboration usually involves data sharing with consumer consent and poses a significant challenge to incumbent banks.
Speaking at the Innovate Finance Global Summit, Dave Cunningham, CEO of Priviti said “We are entering the Age of Consent. This landmark legislation, GDPR, impacts every organisation across the globe who hold personal data relating to European Citizens. GDPR challenges many organisations business models and they are looking for bank grade security and protocol to manage their obligation to comply and avoid fines of €20m or up to 4% of Group turnover.”
“Internally, the challenge for banks is to ensure that they have taken all of the steps required to obtain valid consent. In the open banking world, this is not simply about asking the customer to sign terms and conditions. The ‘three step consent model ‘ of ‘consent, authentication and authorisation ‘ must be understood and implemented effectively. “