New Articles

Commerce, Currency, and Credit —and What’s Next

commerce

Commerce, Currency, and Credit —and What’s Next

The notions of commerce, currency, and credit are nothing new. For centuries, we’ve found ways to barter, borrow, and repay one another through the exchange of goods, services, or credit. Exchange aside, every form of currency has an assigned value agreed upon by the individuals or organizations participating in the transaction.

Need a house or a plot of land? Everything had a price. Back then, we offered what we had…like goats, cows, or crops. In modern times and with the development of currency, we have turned to coins, paper, plastic, and other forms of credit to define the values of our exchanges.

If we begin to think about the evolution of commerce in the context of innovation, we simultaneously begin to wonder, ‘What’s next?’

As the COO of a fast-moving fintech company, I look to innovation to answer this fundamental question. It will always be top-of-mind for me, in order to ensure that our business is at the forefront of innovation when it comes to contemplating the many ways Americans — particularly those in the small business community — think about and gain access to commerce, currency, and credit.

Today, small businesses are faced with an unfavorable choice when considering taking on additional capital: curb their instinct to innovate and grow, or encumber themselves with debt. While the growth of small businesses will help our economy thrive, we can’t increase our ability to provide funding to small businesses by maintaining the status quo. So how do we inject businesses with funds, without ultimately harming that growth and innovation?  I suggest several ways: decrease our industry’s approval time and simplify the process; provide customized offers and understand the uniqueness of each business through the implementation of artificial intelligence and advanced technology, and restore the innate integrity and trust from the nascent days of commerce.

Here are three topline factors that will drive commerce, currency, and credit — and what’s next:

Convenience

If we look at the transition in the consumer payments industry as a leading indicator, we think about the emergence of fast-pay apps like Zelle, Venmo, or Apple Pay, one thing is clear: convenience is king. Even if it costs the consumer a dollar or two, it beats the basic, but now outdated steps of writing a check, (purchasing and) putting a stamp on the envelope, putting it in the mail, and making sure the mail person gets it on time. Certainly, checks have a role to play in the exchange of money — and perhaps always will — but fast cash apps represent the shift.

If we examine the ways that small businesses have historically gained access to capital, what were once nothing more than hard-copy applications followed up by mountains of paperwork issued by traditional banks that required waiting weeks or even months to hear of an approval, is rapidly evolving into what is now a full-fledged industry dedicated to providing capital in mere days or even hours  —with companies in industries ranging from online retailers to credit card processors, and more, working to deliver working capital in the near speed it takes to complete an ATM transaction. Just as odd as dropping a goat off today to pay for a good or service would seem, so too will be the long timeframe to secure small business capital via a long arduous process.  We are quickly moving to a couple of button clicks on your cell phone and capital will be delivered into your business account.

Channels

When discussing my philosophy about our business, three words colleagues often hear me use are “channel of choice.” They refer to finding our customers by identifying who they are, where they are, and what is their preferred method of communication; and of course, delivering superior user experience.

Which “channel of choice” will appeal to the busy mom-and-pop shop owner who calls us from her landline in search of new ways to gain access to capital for a new storefront facade; or to the construction company that does most of its business and banking online and prefers to be reached via the web; or, to the 20-something app developer who likes to do his business with a simple click on his phone?

Our success is contingent upon creating an appropriate environment and successful strategy for each of our customers, all of whom have varying degrees of means and preferences to interact with us.  While mobile interactions will continue the trend to dominate in preference, there will likely always be a need to handle interactions with just a simple phone call.  And delivering an intentional experience with all of those channels in mind will become the new normal

Caution

Over the past few years, the vulnerability of data, privacy, and information security systems has been exposed. As we move into a more digital environment where every piece of data is at your finger times, it’s incumbent upon us in the alternative financial services industry to evaluate the ways we protect the vast information we hold in similar ways customers expected traditional banks to hold and secure their deposits. The phrase “data is the new currency” is quickly becoming reality and expectations of security from those who provide us that information will be just as high as dropping of a deposit to your local bank. As mountains of information continue to become available, it will become a focus for all to consider how we store that information just as a bank locks up its currency in a vault.

_____________________________________________________________________

Herk Christie is the Chief Operating Officer of Expansion Capital Group, a business dedicated to serving American small businesses, by providing access to capital and other resources, so they can grow and achieve their definition of success. Since its inception, ECG has provided approximately $400 million in capital to over 12,000 small businesses nationwide.

How to Survive the Coming Data Privacy Tsunami

Just as we have gotten used to the idea that the EU’s General Data Protection Regulation (GDPR) is a fact of life and have made modifications in our data collection procedures, the Brazil General Data Protection Law (LGDP), the California Consumer Privacy Act (CCPA), and waves of proposed new data privacy laws are swirling in the calm forewarning of a privacy tsunami heading our way. In the middle of such deep acronym swirls, it could be easy to be overwhelmed. However, all the privacy regulations share a number of commonalities and by addressing these now, you will be on high ground as the waves begin to pound.

The compliance life raft

While you will need to pay attention to the details of individual data regulations as they arise, whether already adopted, pending adoption, or only proposed, all the regulations share certain commonalities that you should consider addressing as part of ongoing operations.

1. Accountability and governance

At the heart of data privacy requirements is the aim to have organizations develop a plan to self-manage data in a way that respects end users. To address accountability and governance requirements in your organization, consider, have you:

-Reviewed the applicability and risk to the organization from data privacy issues, and considered alternatives, including insurance, in case you are fined?

-Mandated that data privacy become part of the policy program, including staff training, measurement, and compliance reporting?

-Clearly documented roles, responsibilities, and reporting lines to embed privacy compliance?

2. Consent and processing

A fundamental privacy regulation concept is that end users are aware when and why their data is collected, and what happens to it once it’s given. To address these requirements, ask yourself whether you have:

-Reviewed that the data being collected and used is necessary and for the benefit of completing a desired action by the user?

-Identified sensitive data and ensured it is treated as such through the use of special encryption or by validating vendor storage practices for sensitive data, etc.?

-Confirmed that user consent for data collection is clearly captured and documented, and that user data can be modified or erased?

3. Notifications and data rights

Gone are the days of legalese or simply taking data from users because we can. Data privacy regulations require transparency, user awareness, and forthright behavior by businesses. To ensure you get this right, ask yourself whether the organization has:

-Written user notices clearly so they can be easily understood—properly targeted to children where relevant—and are reflective of specific data collection and usage purposes?

-Updated the internal organization’s data privacy policy to clearly state the rights of prospects and customers regarding the collection and processing of their personal data?

-Created and tested processes to correct and delete all user data if needed?

Developed a solution to give users their data in a portable electronic format?

4. Privacy design

Organizations that treat privacy as a core design principle will always be in alignment with data privacy regulations. In my consulting experience, I see many self-disciplined organizations that have historically had good privacy practices and have little to address with each new law. To get to that state, ask whether you have:

-Created or updated the policy and associated process to embed privacy into all technology and digital projects, including those outsourced to vendors and partners?

5. Data breach notification

For many organizations, the question nowadays isn’t whether the organization will have a breach, but rather when will it happen and how will they respond. To address regulatory breach aspects, ask whether the organization has:

-Created (or reviewed and updated an existing) data breach policy and response plan to reflect detection, notification, and the actions to mitigate loss?

-Considered and obtained insurance for a possible data breach and regulatory penalties that the organization may face but not be able to handle on its own?

-Incorporated data breach terms and requirements into all vendor and third-party contracts?

6. Data localization

New data privacy regulations state where data physically must be stored, and if transferred to another country, what are the requirements for doing so. Your organization will be well positioned to meet this requirement if it can answer:

-Have we identified and updated all cross-border data flows from the country where the data is collected, and reviewed data export for on-premise and cloud solutions?

7. Children’s online privacy considerations

Data privacy regulations are concerned with end users, but  are even more strict about children and their online data protection and rights. It is best to get ahead of these issues by asking whether the organization has:

-Defined what data it collects from children, whether as a business practice or through efforts like “take your child to work day”?

-Are user notifications and online privacy statements written in a way that a child could understand them, and do they state that parental consent is required?

8. Contracting and procurement

Most businesses may struggle to understand exactly what personal user data is collected via websites, mobile applications, and other digital platforms, especially through third-party software solutions and vendors. To make sure that your organization isn’t caught out, ask whether you have:

-Reviewed and ensured that all vendors, customers, and third-party agreements reflect data regulatory requirements?

-Defined procurement processes such that privacy is integrated into all products and services the organization buys, including regarding data minimization, the visibility of onward data flows, and data ownership?

The bottom line

After years of collecting as much data as we could, we are starting to realize that all of that data has an evil twin: risk. In addition, consumers have become more aware that their data is a valuable resource, and they’re asking more questions about how it’s used and who has access to it. Governments, too, are starting to pay attention. Make sure that you get ahead of the coming data privacy regulatory waves before it becomes an unimaginable problem.

KRISTINA PODNAR is a digital policy innovator. For over two decades, she has worked with some of the most high-profile companies in the world and has helped them see policies as opportunities to free the organization from uncertainty, risk, and internal chaos. Podnar’s approach brings in marketing, human resources, IT, legal, compliance, security, and procurement to create digital policies and practices that comply with regulations, unlock opportunity, strengthen the brand and liberate employees.

Podnar speaks regularly at industry conferences, contributes articles to publications, and delivers masterclasses on digital policy. Podnar is the Principal of NativeTrust Consulting, LLC. She has a BA in international studies and an MBA in international business from the Dominican University of California and is certified as both a Change Management Practitioner (APMG International) and a Project Management Professional (Project Management Institute).

The Power of Digital Policy: A practical guide to minimizing risk and maximizing opportunity for your organization is available on Amazon and through other fine booksellers. For more information, visit Kristina @ www.kpodnar.com and on LinkedIn and Twitter.