EURIM Personal Identity Forum Data Sharing 28 th October 2004
Consumer Credit Grantor Applies for credit & gives consent Credit Application
Consent For the credit provider to access the individual’s credit data For the credit provider to access the individual’s credit data To record a search and allow others to subsequently see the search To record a search and allow others to subsequently see the search If credit is granted / accepted to allow the credit provider to provide a monthly update on the conduct of the account If credit is granted / accepted to allow the credit provider to provide a monthly update on the conduct of the account
Consumer Credit Grantor Credit Reference Agency Requests access to data Validates the requestor Registers a search Authenticates the identity of applicant Data Requests Validated
Consumer Credit Grantor Credit Reference Agency Registers a search Experian SMS message confirming enquiry Consumer Notified
Consumer Credit Grantor Credit Reference Agency Registers a search Other Credit Grantors Subsequent access to previous searches Experian SMS message confirming enquiry Consumer Notified
Consumer Credit Grantor Credit Reference Agency Credit offered or declined Data returned Application processed & terms of business offered Appropriate data assembled Level of data access rights checked Type of transaction checked Data Processed
Reciprocity & Compliance “Only get out what you put in” “Only get out what you put in” Default level Default level ‘Bank’ level ‘Bank’ level Full data Full data Data can only be used for pre-defined purposes Data can only be used for pre-defined purposes Authentication - no financials
Consumer Credit Grantor Credit Reference Agency Credit offer taken up Conduct of account & changes to details refreshed monthly Account set up Credit data updated Fraud data Account Set Up
Consumer Credit Grantor Credit Reference Agency Tokens - Credit Card, ATM card, CGC ID & Password Account set up Facilities Issued
Consumer Credit Grantor Credit Reference Agency Request for copy of credit file Copy of credit file returned Authenticates the identity of applicant Credit File Request
Consumer Credit Grantor Credit Reference Agency Consumer advised to contact credit grantor Consumer disputes data on credit file Experian annotates data to indicate it is in dispute Dispute resolution
Consumer Credit Grantor Credit Reference Agency Data dispute resolved & changes to data advised Experian updates data Investigates complaint Consumer contacts credit grantor Dispute resolution
Access to data is based upon consent Access to data is based upon consent Consumer authenticated using electronic data Consumer authenticated using electronic data Organisation requesting data is validated Organisation requesting data is validated Organisation’s level of data access determined Organisation’s level of data access determined Consumer notified of the search on their credit data Consumer notified of the search on their credit data Data assembled and returned to the organisation Data assembled and returned to the organisation Data updated frequently by the data providers Data updated frequently by the data providers Consumer has access rights to their data Consumer has access rights to their data Disputed data ‘suspended’ pending correction Disputed data ‘suspended’ pending correction Summary
OIC OIC FSA FSA Standing Committee On Reciprocity Standing Committee On Reciprocity DPA DPA Consumer Credit Act Consumer Credit Act Proceeds of Crime Act Proceeds of Crime Act Representation of the People Act Representation of the People Act Controlling Factors
Historic Issues - Financial Services Disparate products (and data) Disparate products (and data) Fear (of losing market lead etc.) Fear (of losing market lead etc.) Data quality of source data Data quality of source data Data Protection Data Protection consent going forward retrospective consent Emerging new uses of the data Emerging new uses of the data Ability to target the individual accurately Ability to target the individual accurately Vision of member (protective / progressive) Vision of member (protective / progressive)
Drivers - Financial Services Reduce fraud & credit risk losses Reduce fraud & credit risk losses Drive for efficiencies Drive for efficiencies Adding to a pot of data already created Adding to a pot of data already created Ease of access through existing channels Ease of access through existing channels Economies of scale - bigger / more accessible pot Economies of scale - bigger / more accessible pot No risk to the contributors No risk to the contributors contributing the data developing the mechanism on-going operation
Drivers - Financial Services Consistency within the shared data Consistency within the shared data Increased data quality - accuracy / timeliness Increased data quality - accuracy / timeliness Targeting the right people re: eligibility Targeting the right people re: eligibility Improvements to customer service Improvements to customer service time & cost to process applications elapsed time Need to proactively identify people at risk Need to proactively identify people at risk over commitment
The Solution Membership Membership Governance - Principles of Reciprocity Governance - Principles of Reciprocity Quality Standards Quality Standards Third Party Data (TPD) Agreements Third Party Data (TPD) Agreements Schedules Schedules Infrastructure Infrastructure Legislation - CCA, ROPA, DPA Legislation - CCA, ROPA, DPA Codes of conduct - DMA, FLA Codes of conduct - DMA, FLA Close interaction with regulators - ICO, DTI Close interaction with regulators - ICO, DTI
The Solution Outsourced to a third party Outsourced to a third party Commercial contracts Commercial contracts No charges to members supplying data No charges to members supplying data Charges for use of data Charges for use of data Auditable unique reference no. for each enquiry Auditable unique reference no. for each enquiry
The Solution Scaleable solution - volumes, response times, data types Scaleable solution - volumes, response times, data types Central point of expertise & ‘even-handedness’ Central point of expertise & ‘even-handedness’ Eligibility Eligibility access to data levels of data vs. level of membership level of data linked to type of transaction Delivery channels Delivery channels Additional data pots e.g. Electoral Roll Additional data pots e.g. Electoral Roll
The Solution Add in ‘own’ or partner ring-fenced data Add in ‘own’ or partner ring-fenced data Added intelligence - interpretation of the data Added intelligence - interpretation of the data Added value - e.g. credit scoring Added value - e.g. credit scoring Consumer Help Service infrastructure Consumer Help Service infrastructure handling 1.2 million requests per year subject access within tighter SLAs deflects access requests away from member
Drivers - Government Public Demand Public Demand Efficiency Review Gershon Efficiency Review Gershon Consequences of not moving forward - Bichard Consequences of not moving forward - Bichard Expectations rising re: service provision Expectations rising re: service provision Mobility, remoteness, data assets - increasing Mobility, remoteness, data assets - increasing Individuals more aware of ID fraud Individuals more aware of ID fraud Individuals want their ID to be protected Individuals want their ID to be protected Need to proactively identify individuals’ needs Need to proactively identify individuals’ needs Changing attitudes - “ID fraud is ok” Changing attitudes - “ID fraud is ok”
Differences DWP has ‘pay on demand’ ethos DWP has ‘pay on demand’ ethos people in need no time to review before payment Constrained by embedded policies, procedures & rules Constrained by embedded policies, procedures & rules Freedom of Information Act hits public sector harder - need to provide subject access Freedom of Information Act hits public sector harder - need to provide subject access More scope to give themselves legislative power e.g. SSFA More scope to give themselves legislative power e.g. SSFA Motivation? Motivation?