The New Currency of Personal Data, and a Bank's Growing Risk of Losing It

American banks have become some of the biggest personal data processors in the world–and that’s not always a good thing.

Since the 1920s banks have collected personal data, often clumsily, inefficiently and rarely centralized given that the relationship with most customers was often a local one. Banking clients relied on their local broker, teller, or advisor to have enough knowledge about them to make sound advice and offer personalized service. A client’s personal information often was entrusted in the hands of a few local bank employees and kept in a secured cabinet or server, backed up centrally as a precaution. The relationship between bank and local client was respectfully confidential, and that confidentiality was a function of local people’s good judgment to practice data discretion and privacy respect. In fact, any compromise of a client’s personal data was often a local event, a local story at most, and contained to relatively few players. For decades it was the George Bailey philosophy of managing and protecting people’s personal information. That world no longer exists.

With almost every bank collecting unprecedented volumes of personal data and centrally storing it, the new risks of Banking CIO’s have shifted from low radar, fairly contained data leaks to high profile, national data spills with growing waves of privacy litigation, crisis expenses, and regulatory costs in their wake. So why are today’s banks collecting so much personal data? Well, because they can and because they have to.