Posts Tagged ‘compliance’

Compliance is Not Optional

The roots of the term “compliance” were first used in the early 1600s when, according to the Merriam-Webster dictionary, complying meant being ceremonially courteous. Today, it involves much more than courtesy: in fact, it is often central to keeping your company out of financial and legal trouble. And it is a big part of the life of any data manager nowadays.

If you contact prospects or customers from a database, your business faces a host of regulations regarding the privacy, security and data quality of their data. These rules touch on areas such as unsolicited marketing contacts, phone and email messages, whether you are maintaining fair lending practices, and much more. And in some cases, the penalties for non-compliance can be severe.

Here, I would like to look at some of the biggest compliance issues our customers face, and how we support best-practice strategies for managing your compliance risk. Let’s start by breaking down three of the biggest areas of regulation businesses are likely to deal with regarding contact data.

TCPA

If you do outbound marketing or customer contact by telephone or text messaging in the United States, you are subject to the Telephone Consumer Protection Act (TCPA), a Federal regulation designed to protect consumers – particularly wireless users – from unsolicited marketing contacts. Penalties for violations can be as high as $1500 per call or text message, and many familiar firms have been subjected to multi-million dollar fines in recent years.

Our DOTS GeoPhone Plus service is specifically designed to help ensure TCPA compliance for your phone contact records. First, it verifies the subscriber’s name, so you can check it against your contact records. Second, it tells you what type of line it is (landline, wireless, VOIP) and, if ported to a new line, the date of porting – this is important, because if a wireless number changes hands from your contact, you only have a 14-day “safe harbor” under TCPA to stop sending messages to the new owner. Finally, it provides other important information such as SMS/MMS data and SIC codes for business numbers.

GDPR

If you have marketing or business contacts with residents of the European Union, these now fall under the strict General Data Protection Regulation (GDPR) data privacy laws that took effect in 2018. These new rules encompass areas including making sure contacts explicitly opt-in, giving contacts control over the use of their personal data, and restricting unsolicited marketing. Penalties for non-compliance can range as high as 20 million Euros or 4% of annual turnover, whichever is greater.

Our global address validation tools can help you maintain GDPR compliance by flagging contacts who reside in Europe, and also automate compliance with GDPR Article 5 by producing a Certificate of Accuracy (COA) for each of your contact records, to assist with potential compliance audits. We also offer a free GDPR data assessment on request.

CAN-SPAM

The US CAN-SPAM act prohibits sending unwanted commercial email, such as mailing to a harvested address, with penalties ranging up to $42,530 per email. CAN-SPAM compliance largely starts with your business processes, ensuring that your contact email addresses have opted in to receive commercial email from you. Our DOTS Email Validation service can enhance your email marketing efforts and protect your sender reputation by ensuring these addresses are legitimate, as well as flagging potential spammers, fraudulent email addresses, spam traps and honeypots, and much more.

Building an infrastructure for compliance

With a tip of the hat to Merriam-Webster, compliance is about much more nowadays than bowing and curtsying to the king. In fact, it is about more than simply complying with regulations: it is also about having the infrastructure to prove compliance and back it up with data. This is one area where an ounce of prevention is worth more than a pound of cure, with the use of real-time tools to validate your contacts and procedures, as well as leveraging these tools to prepare for future compliance questions or audits.

The High Cost of Poor Data Quality

If you are a marketing, order fulfillment or data manager, there are some things you don’t want to be greeted with when you come to work in the morning – and a surprising number of them revolve around issues with your contact data. For example:

  • You’ve sent someone’s sensitive personal information to a similar but incorrect address that was fat-fingered during data entry, and it’s become a news story.
  • 20% of your marketing budget was spent on direct mail pieces to people with names like “Mickey Mouse” and “SpongeBob SquarePants” who faked out your lead magnets to get free bonuses.
  • You shipped several high-ticket items to a fraudster using fake contact information.
  • You are facing a court order for violations of the Telephone Consumer Protection Act (TCPA), for unsolicited telemarketing to wireless phones that once belonged to your contacts but have now changed hands.

According to Gartner, the cost of bad data to US businesses is roughly $15 billion per year as of 2018, and UK site MyCustomer notes that bad customer data alone costs UK businesses 5.9% of annual revenue. But those are just aggregate numbers that often don’t mean anything to the average business. Here, let’s look at some of the real ground-level consequences of bad contact data.

Marketing inefficiency

According to this source, the average company spends $180,000 per year simply on direct mail that is misdelivered due to inaccurate data. Your cost per converted lead is directly impacted by the quality of your data, in a chain that runs through areas such as direct mail costs, list maintenance, human intervention, and the yield and ROI of your campaigns.

Reputational damage

Misdelivered packages. Service failures. Customer service issues. Problems like these are what, down in the trenches, create negative brand reputations that no amount of advertising or marketing can overcome – particularly in an era of social media, where your failings are always on display. Conversely, when people can count on you for quality in all of their interactions with you, it builds consumer trust and a good word-of-mouth reputation.

Compliance issues

This is one area where the cost of bad contact data becomes very real and tangible, as newer data privacy regulations have introduced serious penalties for compliance violations. For example, the European Union’s GDPR regulation includes potential fines of up to 4% of annual revenue, while the TCPA regulation mentioned above includes penalties of up to $1500 per individual violation, resulting in numerous multi-million dollar judgments against consumer firms nationwide. As a result, compliance issues alone have become a major reason for an increasing focus on data quality.

Pay now or pay later

One way to look at the impact of data quality on your business is what we call the “1-10-100” rule:

  • Catching bad data at the time of data entry may cost one cent per entry
  • Correcting bad data at the time of use may cost ten cents
  • Managing the consequences of using bad data may cost a dollar – or more

Scaling this to an organizational level, a proactive approach to data hygiene is far and away the most cost-effective way to avoid the negative financial and reputational consequences of bad contact data.

This means having processes that encompass all of your contact data touch points, including marketing, shipping, customer service and more. In particular, it means ensuring clean contact data at both the time of data entry and the time of deployment, since data decays at a substantial rate every year.

Today this also means automating the process of contact data quality, by integrating tools such as address validation, email validation, lead and order validation directly into your marketing automation or CRM environment.

Want to learn more? Visit our solutions pages online, or download our free white paper Hitting the Data Trifecta: Three Secrets of Achieving Data Quality Excellence.

Accurate Contact Data and Compliance

If you are a data professional, the word “compliance” has become a bigger part of your vocabulary than ever lately. Data privacy laws have proliferated in recent years, risks and potential penalties for violations have increased, and customers and prospects are more aware of their rights than ever.

These laws all have one thing in common: the need for accurate contact data. In this article, I would like to give you an overview of why validating your contact data assets, at the time of data entry and prior to contact campaigns, is the single most important best practice you can implement to mitigate these compliance risks. Let’s look at three of the biggest compliance areas today:

1. Marketing permission

We are increasingly part of an opt-in world, where unwanted marketing contact is often heavily penalized. The wrong email address can run afoul of the CAN-SPAM Act, bad contact data can violate the strict opt-in provisions of GDPR, and texting to a cell phone that has changed hands violates the US Telephone Consumer Protection Act (TCPA).

Few companies intentionally set out to violate laws like these. Instead, violations often occur organically as a result of data quality issues. Bad data comes into your system at the point of entry, contact data changes over time, and existing contacts change roles. Avoiding these preventable risks is one reason why a proactive approach for having clean contact data is central.

2. Breach notification

Something goes wrong. Your customers’ data falls into the wrong hands. How quickly could you notify each of these customers about what happened?

In the aftermath of recent data privacy laws, ranging from the European Union’s GDPR regulation to the Federal HIPAA act for electronic health care data, breach notification has become a key compliance concern for data professionals worldwide. According to this article, such data breaches represent one of the most likely sources of legal exposure, from both individuals and data protection authorities. And breaches themselves have proliferated to the extent that one source even features an “incident of the week.”

This is one area where accuracy AND responsiveness matter from a compliance standpoint. In the former case, risks include failure to notify affected individuals as well as liability for being out of compliance. In the latter case, speed of response is increasingly becoming a matter of law: for example, GDPR requires businesses to “communicate high-risk breaches to affected data subjects without undue delay.” Both cases require rapid access to accurate, up-to-date contact data.

3. Communications with customers

This article from Forbes Magazine points out that an effective data privacy framework starts with a dialogue with your customers. Building trust – and preventing regulatory complaints – requires having accurate channels for communicating your policies and responding to customer feedback.

Mitigating your compliance risks

Having accurate contact data plays an essential role in compliance. Data privacy regulations have proliferated around the globe, and hundreds of regulations exist today. However, achieving compliance is just the start; to be competitive nowadays, accurate data quality and transparent communications channels need to become part of your brand to customers and prospects.

Our data quality solutions help you meet these challenges. We ensure your business has the most genuine, accurate and up-to-date data for your customers, giving you the ability to communicate with your contacts when it matters most. When compliance questions come up or audits happen, be sure your organization is prepared.

GDPR: One Year Later

May 25, 2019 marks the one year anniversary of the implementation of GDPR: the European Union’s General Data Protection Regulation, a sweeping set of data privacy laws replacing a patchwork of regulations from individual European countries.

GDPR has been a hot topic for anyone involved with data who does business in Europe, and the entire industry has been watching its rollout with interest. So where do things stand one year down the road? Here are some trends we’ve been seeing in the press:

One quick win: breach notification. There is a clear consensus among industry observers that the volume of breach notifications was the single biggest immediate change following the implementation of GDPR.

In the aftermath of clear, EU-wide regulations for self-reporting data privacy breaches, such notifications have increased substantially over the past year, with nearly 60,000 breaches reported in the EU over the first eight months of GDPR. Speaking in a recent Slate article, the UK’s Steven Eckersley notes that in his country alone breach notifications are predicted to nearly double from 18-20,000 in 2018 to around 36,000 in 2019.

Compliance – and enforcement – have ramped up slowly. One of the biggest storylines of 2018 in the data industry was how companies struggled to meet this law’s compliance deadlines. 2019 finds these efforts still ramping up: at a recent meeting of the International Association of Privacy Professionals, it was estimated that 50% of covered firms are still in the process of GDPR compliance, a process that may continue for a couple of more years overall.

GDPR was also noted for its potential to levy stiff penalties on companies that did not protect consumer data, ranging up to 4% of annual turnover. However, enforcement efforts have proceeded cautiously to date. Of the roughly 56 million Euros in fines levied against firms for GDPR violations over its first nine months, nearly 90% of this sum was a single 50 million Euro fine against Google, with a majority of fines to date being small ones. However, some analysts expect enforcement efforts towards small- and medium-sized firms to increase in the future.

GDPR is part of a movement. Perhaps the biggest impact of GDPR over the past year lies outside the EU, where new data privacy laws influenced by GDPR are now being proposed in numerous countries worldwide. Here in the United States, new data privacy requirements are coming online in California in 2020, and US Senator Marco Rubio has recently proposed a federal data privacy standard similar to GDPR – and according to DestinationCRM, the latter may in fact be a welcome development for firms compared with the potential need for managing disparate state mandates.

Beyond compliance and enforcement issues, many analysts continue to feel that data privacy initiatives such as GDPR are also fundamentally changing the dialogue between businesses and their customers, creating relationships that are built more on trust and transparency. A year into the implementation of GDPR, it is still a very exciting time to be in the data quality business.

How we can help

If you do business in Europe – or have customers there – GDPR affects you too. In particular, you need to know what countries each of your customers or prospects are based in, to get started with your own compliance efforts.

Visit our GDPR solutions page for an informative solutions sheet and whitepaper report on GDPR compliance, together with details on capabilities such as our DOTS Address Detective – International product – a real-time service that employs fuzzy logic to correct or append country information for compliance purposes. Want to learn more? Contact our friendly technical team to discuss your specific GDPR compliance needs.

The Hidden Benefits of a Good Data Privacy Policy

In most areas of life, negative motivation alone will not create good results. (If you don’t believe me, ask your employees, or your teenage children – or take a look at what research has to say.) When it comes to data privacy, recent studies show very similar outcomes.

Take the European Union’s strict new GDPR data privacy regulations, which went into effect in the spring of 2018. It featured some of the stiffest penalties to date, with potential fines up to the higher of €20 million or 4% of global annual turnover. But even in the face of this kind of financial risk, at least one survey, one month before the implementation deadline, showed that only 40% of companies expected to be ready for GDPR – and only 7% were actually ready.

Benefits of Investing in Data Privacy

Figures like these are all the more interesting in light of a recent benchmarking study from Cisco that shows that businesses actually gain substantial benefits from making investments in data privacy. The report quotes Peter Lefkowitz, the 2018 Board Chairman of the International Association of Privacy Professionals (IAPP), as saying, “This research provides evidence for something Privacy professionals have long understood – that organizations are benefitting from their privacy investments beyond compliance.”

So what are the benefits of a good data privacy policy? Here are the key ones found in Cisco’s 2019 survey of over 3200 data professionals in 18 countries:

Fewer data breaches. Among companies that were ready for GDPR, 74% experienced data breaches versus 89% for those companies that were least ready.

Less impact from data breaches. GDPR-ready companies who subsequently experienced data breaches had less than half the number of records affected versus the least-ready companies. They also experienced roughly a third-less downtime as a result of these breaches, and only 37% experienced losses in excess of US $500,000 versus 64% of the least-ready.

A shorter sales cycle. Because customers expect businesses to address their own privacy concerns nowadays, respondents experienced an average sales delay of 3-9 weeks, with 87% of businesses reporting delays in selling to existing customers or prospects.

Greater customer goodwill. According to Peter Lefkowitz, this study demonstrated that strong privacy compliance “increases customer trust.”

Despite these benefits, some companies are still struggling to catch up with GDPR compliance: 37% of affected companies were still not fully ready at the time of the survey, with 9% being more than a year away. But this survey also showed substantial evidence of other good habits of data governance. For example, over a third had a relatively complete catalog of their data assets, nearly a third had a formal chief data officer, and 40% felt they were “effective in connecting different data assets together to create more value for our customers and ourselves.” These habits, in turn, appear to translate to competitive advantage and tangible bottom-line benefits.

So when it comes to data privacy, it looks like psychologists had it right all along: carrots work much better than sticks. So start looking into the many benefits of better data privacy policies in your own organization, sell these goals to your stakeholders, and then use them as a base for your own organization’s efforts. And remember, when it comes to the automated data quality tools to help make these policies work, we’re always happy to discuss your options: contact us anytime.

Blue phone icons on a screen, one lit up red

TCPA and You: A Look Ahead for 2019

If you do outbound marketing via telecommunications, the Telephone Consumer Protection Act (TCPA) has probably been part of your business agenda – particularly in recent years, as stiffer interpretations of these consumer privacy laws have led to multi-million-dollar judgments against major corporations and others. So what lies ahead for businesses in the next 12 months in terms of TCPA?

The short answer is twofold: in an era of increasing consumer privacy, TCPA isn’t going away any time soon – but as efforts to ease its impact on businesses are making their way through the courts, there is hope for less risk and more leeway in meeting the requirements of TCPA. We will continue to monitor these developments closely, as a key provider of tools for TCPA compliance, but here is a summary of what we are seeing so far.

Three key issues: equipment, consent, and third parties

In a recent video interview with text messaging vendor Tatango, TCPA attorney Ernesto Mendieta highlighted three key issues that are currently the subject of court cases:

  • the definition of automated telephone dialing systems (ATDS)
  • revocation of consent
  • the definition of co-parties.

The ATDS issue is particularly important for many businesses. TCPA prohibits unsolicited calls made via automated dialing equipment; however, a much broader definition of ATDS introduced in 2015 included equipment that could store and dial numbers without human intervention, even if these capabilities were not used. This expanded definition was struck down by an appeals court in 2018, with new FCC guidelines expected in 2019. According to law firm Eversheds Sutherland LLP, businesses are hopeful that these new guidelines will provide a much clearer standard for these devices.

Another key issue for TCPA litigation revolved around whether consumers can revoke consent for contact via ATDS if they have previously agreed to such contact under the terms of a contract. Recent legal cases have tended to rule in favor of businesses, deciding that such contracts override a consumer’s right to revoke this permission, however, case law is not unanimous and further cases are expected to shed more light on this issue in 2019.

Finally, recent court decisions such as this one involving Taco Bell point to more clear boundaries about whether businesses are liable for TCPA violations on the part of third parties promoting their products or services. Here as well, case law is expected to evolve further in 2019.

In general, many of these legal efforts spring from a backlash from businesses affected by recent stiffer interpretations of TCPA, and its fallout in terms of penalties. For example, the National Association of Federally Insured Credit Unions (NAFCU) is publicly urging the FCC to reform TCPA to “separate bad actors who are harassing consumers with unwanted and potentially harmful robocalls from good actors like credit unions contacting their members with valuable information on their existing accounts.”

A new safe harbor for changed numbers

One other major change on tap for 2019 is a new way that businesses can protect themselves against inadvertent marketing calls or texts to numbers that have changed hands. In December 2018 the FCC issued an order calling for the creation of a national database of reassigned phone numbers, for the purpose of reducing unwanted contacts to consumers with these numbers. To encourage its use by businesses, this ruling also includes a TCPA safe-harbor provision for calls to reassigned numbers when the most recent version of this database is checked first.

It is important to note that this new database will not remove the need for good contact data hygiene, particularly the verification of contact phone numbers. Contacting a bad or mistyped number can still open businesses to liability. Given the high percentage of numbers that do change each year, it is still important for the sake of data integrity to verify contact numbers both at intake and before a campaign, using tools such as Service Objects’ DOTS GeoPhone Plus 2 service. However, this new database can help mitigate what has often been a common source of liability.

Summing it all up

The essential purpose of TCPA remains unchanged: businesses still can’t spam consumers via automated telecommunications, particularly wireless devices, without their explicit permission. But there is hope for well-intentioned businesses in 2019, with prospects ranging from clearer legal requirements to better tools and safe harbor provisions for inadvertent marketing contact.

Here at Service Objects, we will continue to keep abreast of how TCPA and its enforcement continues to evolve in 2019. In the meantime, we are always happy to consult with your business to help you find cost-effective solutions for TCPA compliance – contact us anytime.

Photo of a judge's gavel in front of a Canadian

Canada’s New PIPEDA Law: What It Means for You

If you do business with customers in Canada, an important new privacy law has taken effect as of November 2018: The Personal Information Protection and Electronic Documents Act (PIPEDA). People are already starting to refer to PIPEDA as Canada’s version of GDPR, the sweeping privacy regulations implemented in May 2018 by the European Union.

There are some common denominators between PIPEDA and GDPR. Both mandate acquiring explicit customer permission for the use of personal information, as well as disclosure of how this information will be used. Both also require breach notification in cases where personal information has been compromised: in Canada’s case, notification must be made to that country’s Privacy Commissioner a well as to affected parties. Other common threads include requirements to maintain accurate and secure data, giving individuals access to their own data, and the need for a formal compliance officer.

Getting started with PIPEDA

The Canadian government has published a downloadable guide to help organizations understand and become compliant with the new PIPEDA law, entitled Privacy Toolkit: A Guide for Businesses And Organizations. It provides an overview of the law and its principles, together with descriptions of its complaint handling procedures and audit provisions.

PIPEDA compliance revolves around ten principles that businesses must follow:

1. Accountability. Comply with these principles, appoint an individual responsible for compliance, protect information handled by you and third parties, and develop policies and practices for personal information.

2. Identifying purposes. Document and inform individuals why information is being collected, before or at the time it is collected.

3. Valid, informed consent. Specify what information is being collected, used or disclosed along with its purpose, and obtain explicit consent – before collection, and again if a new use of their personal information is identified.

4. Limiting collection. Do not collect personal information indiscriminately, or deceive or mislead individuals about the reasons for collecting personal information.

5. Limiting use, disclosure, and retention. Use or disclose personal information only for the purpose for which it was collected or consented to, keep personal information only as long as necessary, and have policies for the retention and destruction of information that is no longer required.

6. Accuracy. Minimize the possibility of using incorrect information when making a decision about a person or when disclosing information to third parties.

7. Safeguards. Protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.

8. Openness. Inform customers, clients and employees that you have policies and practices for the management of personal information, and make them understandable and easily available.

9. Individual access. Provide individuals with access to their personal information on file with you, along with how and to whom it has been disclosed, as well as the ability to correct or amend this information.

10. Challenging compliance. Develop simple and easily accessible complaint procedures, inform complainants of their avenues of recourse, investigate all complaints received, and take appropriate measures to correct information handling practices and policies.

Some important distinctions

While the goals of PIPEDA are very similar to those of other privacy regulations such as GDPR – and many of the same compliance strategies will apply to both markets – there are some key differences with Canada’s new regulations. Here are two of the more important ones:

A focus on mediation. Compared with other global privacy regulations, which often carry stiff financial penalties, PIPEDA is designed to enforce privacy laws through mediation where possible. However, this does not mean that the law is without teeth: both complainants and Canada’s Privacy Commissioner can apply for a Federal Court hearing and potential damage awards. In addition, specific violations such as intentional destruction of requested personal information or whistleblower retaliation may be prosecuted as offenses.

Limits on scope for employee data. Unlike GDPR, the PIPEDA law’s application to employee data only applies to federally regulated entities such as banks, airlines and shipping companies (although some provinces have stricter provincial privacy laws). For consumer data, however, PIPEDA applies to personal data from all Canadians.

Knowing the location of customers is key to PIPEDA compliance

Contact data quality is no longer an option when dealing with the Canadian market. Service Objects has been at the forefront of helping firms with their compliance efforts for data privacy regulations, including flagging the geographic location of customers and prospects, which is key to getting started with any compliance effort.

Contact us for more information about how our data quality solutions can help your business.

Saving More of Your Labor this Labor Day

Labor Day is much more than the traditional end of summer in America: it pays tribute to the efforts of working people. It dates back well over a century, with one labor leader in the 1800s describing it as a day to honor those “who from rude nature have delved and carved all the grandeur we behold.” And we aren’t forgetting our friends in Europe and elsewhere, who celebrate workers as well with holidays such as May Day.

As we celebrate work and the labor movement – and enjoy a long holiday weekend – we wanted to take a look at some of the ways that we help you save labor, as you try to carve grandeur from your organization’s data. Here are some of the more important ones:

Validation and more. Let’s start with the big one. For nearly two decades, the main purpose of our existence has been to take the human effort out of cleaning, validating, appending, and rating the quality of your contact and lead data. Whether your needs involve marketing, customer service, compliance or fraud prevention, these tools save labor in two ways: first, by saving you and your organization from re-inventing the wheel or doing manual verification, and second, by saving you from the substantial human costs of bad data.

Ease of integration. What is the single worst data quality solution? The one that gets implemented badly, or not at all. One of the biggest things our customers praise us for is how easy it is to implement our tools, to work almost invisibly in their environment. We offer everything from API integration and web hooks with common platforms, all the way to programming-free batch interfaces for smaller or simpler environments – backed by clear documentation, free trial licenses and expert support.

Speed and reliability. As one customer put it, “milliseconds matter” – particularly in real-time applications where, for example, you are validating customer contact data as they are in the process of entering it. Our APIs are built for speed and reliability, with a longstanding 99.999% uptime and multiple failover servers, as well as sub-second response times for many services – so you don’t waste time tearing your hair out or troubleshooting responsiveness issues.

Better analytics. Your contact data is a business asset – put it to work as a tool to gain business insight for faster, more informed decision-making and market targeting. You can target leads by demographics or geocoding, enhance your leads with missing phone or contact information, or leverage your customer base for better decision support, among many other applications.

Customer support. We recently interviewed a major longtime customer about using our products, and when we asked them about support they gave us the highest compliment of all: “We never need to call you!” But those who do call know that our best-in-class support, staffed by caring, knowledgeable experts who are available 24/7/365, represents a large savings of time and effort for our clients.

We hope you enjoy this Labor Day holiday. And when you get back, contact one of our product experts for a friendly, pressure-free discussion about how we can create less labor for you and your organization!

 

Compliance and Address Insight

The golden rule of marketing has always been, “know your customer.” In today’s regulatory environment, however, it might be more accurate to say, “know your customer – or else!” Nowadays customer data – particularly in areas such as geocoding and demographic data – are often central to maintaining compliance with a wide range of regulations, in the financial world and elsewhere.

In response to this, Service Objects has just released a powerful new capability to help automate the gathering and analysis of geolocated consumer data: Address Insight – US. It provides address standardization, address geocoding and demographic information together in one real-time service, and is designed to serve a wide range of applications ranging from compliance to targeted marketing.

Examples of financial compliance issues

Let’s look at some of the areas where address insight can benefit your compliance efforts:

  • The Community Reinvestment Act (CRA) requires federally insured lending institutions to provide lending opportunities to low-to-moderate income communities – and in particular, prove that they are not “redlining” specific neighborhoods and denying them credit. One of the key performance criteria for evaluating CRA compliance is your geographic distribution of loans.
  • The Home Mortgage Disclosure Act (HMDA), enacted by Congress in 1975, requires lenders to publicly disclose data regarding their mortgage lending activities. While this is a disclosure law with no implied quotas, HMDA also serves to ensure that lenders do not contribute to the decline of specific geographic areas by failing to provide adequate mortgage financing.
  • For consumer lending in general, the Federal Financial Institutions Examination Council (FFIEC) has a set of Fair Lending Examination Procedures used to audit lenders for evidence of lending discrimination. These reviews include an analysis of geographic patterns in lending to seek evidence of “redlining” or neighborhood-based discrimination.
  • Conversely, certain real estate transactions may be subject to Geographic Targeting Orders (GTO), which are enhanced identification and record-keeping requirements imposed by the Federal Financial Crimes Enforcement Network for expensive real estate transactions in areas that are prone to money laundering activities. For example, as of 2017 transactions of $3 million or more in Manhattan or $1 million or more in parts of Florida were subject to GTOs, along with numerous other metropolitan areas.

A solution for compliance and beyond

Of course, there are numerous applications beyond compliance for geocoded address insight. For example, academic researchers can use address insight to study specific neighborhoods – for example, the University of Chicago divides the city of Chicago into 75 defined communities that correlate with tract information, and can be used as study variables. And of course, the combination of location insight and demographic data can be a very powerful tool for market targeting.

For compliance applications, Service Objects’ Address Insight – US provides data such as MSA code, state code, county code (FIPS), and tract number for addresses for FFIEC compliance. It also includes all the benefits of Service Objects’ flagship address validation and standardization capabilities, as well as appended demographic information such as household values and incomes by ZIP code.

As with all Service Objects services, Address Insight – US is available through APIs that can be interfaced directly to most contact data automation platforms, as well as convenient batch list processing for smaller applications or specific datasets. Contact us for a free 500-transaction trial key, and see what this new tool can do for you!

How Location Intelligence Benefits Your Business

What is location intelligence, or LI for short? According to geomarketing firm Carto, it is the process of transforming location data into business outcomes. Today LI has become a very hot field, with projected revenues of over US $16 billion by 2021.

You probably use location intelligence in your business already, perhaps without even knowing it. If you sell to specific geographic markets, have seasonal variations in your sales patterns, or market to a targeted demographic, location data is probably part of your marketing mix. This is how we avoid pitching winter coats to people in Hawaii, or selling farming tools on Wall Street. But its applications now go far beyond marketing, into nearly every aspect of modern commerce.

How Location Intelligence works

Today’s LI works by marrying the benefits of geocoding and big data. It turns address data into exact latitude and longitude coordinates that frame information such as its census tract and usage, which in turn can be linked with associated data such as demographics, zoning, or spending patterns.

In much the same way that CRM provides you with a wealth of customer-based insight, LI can add the power of this accumulated location-based data to your business decisions. Here are some examples:

Compliance: Geospatial data can form an integral part of documenting compliance with regulations targeted at specific demographics or geographic areas. For example, the banking industry’s Community Reinvestment Act (CRA) and Equal Credit Opportunity Act (ECOA) requires lenders to support the needs of lower and middle-income borrowers as well as avoid discriminatory lending practices. And in another example, one of New York State’s largest cable providers was recently ordered to leave the state over charges of breaking commitments to roll out broadband services to rural areas.

Fraud prevention: Your bank receives a loan application from a new customer with a swanky business park address – which actually turns out to be an abandoned industrial area. Or the loan proceeds are being spent in areas of high drug trafficking or known financial crime. According to fintech expert Kenneth Goodwin, these are just two examples of how location intelligence can prevent or investigate financial fraud.

Targeted marketing: Once upon a time, companies decided where to place a billboard based on counting how many cars drove by. Today, according to ESRI’s Marianna Kantor, the out-of-home (OOH) advertising market – encompassing everything from news kiosks to municipal buses – can tap into a rich array of anonymized financial and demographic data, fed by everything from GPS data to smartphone use. At a broader level, location intelligence promises to vastly improve the granularity with which marketers can target their efforts using any channel.

Location-based offers: Suppose you walk into a ballpark, and a text message pops up on your phone offering discounts on a seat upgrade or in-game video highlights. This isn’t science fiction: it’s happening today with real-time applications such as Major League Baseball’s Ballpark smartphone app, which links ticket purchases and geospatial data to customize the live baseball experience. In the future, the potential to customize location-based customer experiences is nearly unlimited.

Putting Location Intelligence at your fingertips

Want to quickly add the power of location intelligence to your contact data processing? Service Objects offers capabilities such as Address Geocoding, which turns US or Canadian addresses into geolocation coordinates and associated data including census tract, county and block codes, and proximity to water, as well as our GeoPhone and GeoPhone Plus services that work from your telephone contact data. Use them as standalone services, or link them with other address-based data tools such as block-level demographics for a broader picture.

Any of these tools can be integrated directly into your marketing or CRM platform via a real-time API, or via a convenient batch interface for smaller applications. And you can try them out for free right now on our website, with no registration required.