Though financial institutions are spending large amounts of money to update their security and to enhance their customer databases, little is being spent to manage their customers' privacy, according to a study by Meridien Research.
Financial institutions worldwide will spend $25 million this year on privacy technology and likely will spend as much as $167 million by 2006, according to the study, “From Privacy to Practice: Privacy Management Solutions.” Much of the spending will be misdirected toward database enhancements or modifications rather than toward privacy management, the study said.
Meridien also said that spending on privacy management will be inconsistent, with the 500 largest global financial institutions accounting for about 98 percent of the market. The institutions with a greater number of systems and processes will spend more to enhance the privacy of those systems and less on privacy-related customer service.
“Lack of a clear understanding about institutional privacy management issues will create a large amount of irrational or misdirected spending,” said Dennis Behrman, a Meridien analyst and the author of the report. “Many institutions will spend a portion of their privacy budget on encryption technology, biometric authentication systems or single sign-on solutions. These initiatives do very little, if anything, to mitigate the risk and decrease the costs associated with privacy management and compliance.”
Behrman said financial institutions should focus more on “privacy middleware,” or software that manages and controls both privacy processes and policies, which will let them proactively manage their customers' privacy needs on a one-to-one level.
“Institutions must find a way to use technology to take managerial policy and codify it as a set of operational rules,” he said. “The most effective way for technology to be used by an institution to manage a customer's privacy is through the use of rules-based engines to ensure the integrity of those business rules and to see to their enforcement.”