Traditionally, credit bureaus have been responsible for analyzing a person’s creditworthiness and providing credit reports and credit scores, which helps creditors, such as banks, determine an individual’s risk. Nevertheless, this method alone hasn’t proved entirely fruitful.
An estimated 40 percent of US consumers struggle with financial inclusion. In the USA, 25 million people have no presence at the credit bureau, 28 million have limited presence, and 70 million have low credit scores, locked out of access to the most reasonably priced financial products[1].
The Impact Of FinTech
New financial technology has demonstrated that it is possible to have a different and more accurate credit scoring approach based on a more holistic view of a person. For example, consider a person’s past behavior within the financial system and explore behaviors in different contexts and time changes.
New partnerships and tools can help lenders meet consumers that don’t have a credit bureau footprint to empower them.
Regulations have also been traditionally anchored on the information provided by credit bureaus, but in light of the new data, will these regulations change?
Compliance Within Traditional Credit Bureaus
Each region has different regulations regarding the use of data for credit reporting. In the USA, the Fair Credit Reporting Act (FCRA) regulates how credit bureaus can collect, access, use, and share information about individual consumers.
This federal law was passed in 1970, and it applies to the entire United States, although some states might have their own laws regarding credit reporting.
The Fair Credit Reporting Act also determines who and when somebody can access a credit report. For instance, if businesses are looking for this information for employment purposes, they require previous consent.
Furthermore, twenty-nine years after the FCRA, the Gramm-Leach-Bliley Act (GLBA) became effective as federal law.
The Gramm-Leach-Bliley Act requires financial institutions that offer loans, financial or investment advice, or insurance to protect personal information and respect data privacy.
Compliance In The European Union
In the European Union, the GDPR, The General Data Protection Regulation, is the legal framework that sets guidelines for data protection and privacy in the region.
The GDPR regulates any business that processes personal data by automated or manual systems[2].
However, according to the European Commission, the executive branch of the European Union, when personal data turns out to be anonymous and individuals are no longer identifiable, it can not be considered personal information. Thus, it is outside egulations.
The Regulation Of Alternative Data
These regulations benefit information about traditional credit reporting bureaus such as Equifax, Experian, and TransUnion.
The data that is analyzed includes credit account information, payment history, or balance of an account. But what about alternative data? How is the use of this data regulated?
Alternative data is the set of information that comes from various sources such as mobile apps, web and touchscreen interaction, online purchases, and bill payments.
This data is analyzed by machine learning algorithms, capable of predicting human behavior in real-time and (re)learning continuously.
Alternative data is gaining popularity amongst lending companies and insurance providers to evaluate the creditworthiness and trustworthiness of an individual beyond their limited credit history or insufficient credit extension.
FinTech Can Help With Customer Privacy
The good news is that fintech companies currently using this data have the technology to keep customer privacy at the forefront.
Credit scoring utilizing smartphone and web metadata offers a mutually beneficial solution to consumers and institutions, detecting delinquent patterns and thus generating reliable credit scores.
Credolab is a fintech company that offers an alternative scoring solution using non-personal metadata to ensure companies comply with local regulations.
This way, the data collection complies with laws, protecting a person’s privacy and protecting customers against misappropriated data.
For instance, laws allow individuals to ask for a ‘security freeze’ on their credit report, which means that the reporting agency needs to ask for consumer authorization before releasing any information contained in the credit report[3].
In this case, credolab beats the “security freeze” by asking for consent before collecting any data.
Alternative Data FinTechs
By combining data protection and consent with new opportunities for credit subscribers, alternative data fintechs can help lenders grow their client portfolio without incurring any additional risks and stay compliant with local regulations.
At the same time, individuals can improve their scores and reach their personal objectives while keeping their identities safe.
[1] https://www.credolab.com/blog/stimulus-worked-why-we-should-build-on-this-to-widen-credit-access
[2] https://ec.europa.eu/info/sites/default/files/data-protection-factsheet-sme-obligations_en.pdf
[3] https://www.alliance2020.com/revisions-fair-credit-reporting-act-summary-rights/