GDPR will lead to a dramatic leveling of the playing field between incumbents and new entrants.
Our colleagues at BRINK are running stories on the implications of the General Data Protection Regulation (GDPR), and we thought this piece from our Oliver Wyman colleague Kaijia Gu especially relevant for our insurtech audience. Having crossed the long-awaited threshold of the General Data Protection Regulation (GDPR), the door to the new regulatory era is finally open. Revised laws protect and empower European Union citizens’ data privacy, and consumers can take ownership and control of how their personal data is used and shared. For most organizations, this will be a radical shake-up across the region of how they approach data privacy—with sizeable financial and reputational consequences. Until now, GDPR discussions have largely focused on compliance requirements. As a risk-conscious sector, most large insurers and wider financial services firms have been diligently carrying out GDPR readiness programs, ensuring all compliance “boxes” have been firmly ticked. For some, GDPR is simply a hugely expensive compliance exercise. Yet, treating GDPR as merely a governance issue would not only miss potentially significant strategic opportunities, but also pose a threat should someone else get there better and faster.
Leveling the Playing FieldGDPR gives ownership and control of data usage back to customers; large companies that capture and use consumer data can no longer claim this data as their own asset. Crucially, at a customer’s request, organizations need to allow data to be transferred to any third party. This will lead to a dramatic leveling of the playing field between incumbents and new entrants. Until now, the gap in “data assets” and the insights they generate has been a barrier to entry for all large insurers. But post-GDPR, large incumbents will no longer have a monopoly on consumer data and will need to defend their market positions with different competitive advantages. On the other hand, this is great news to new entrants, especially to ambitious and nimble insurtech startups, for which data previously was difficult and expensive to acquire. The innovative business models of the future will no doubt combine profound data insights with seamless user experience, smart recommendation and advisory capabilities empowered by artificial intelligence, and other value-added services.
Transforming Policy RenewalsCurrently, most insurers tend to make money only when customers renew their policies. For many years, insurers have relied on lengthy quotation forms and clunky comparison processes to deter customers from taking their business elsewhere. In today’s time-poor world, many customers have stayed with their existing insurer out of sheer convenience. This accounts for the bulk of insurers’ total profit and reinforces the profit signature cycle of upfront losses compensated for by large renewal profits. Home insurance firms have attempted to change this, but for motor and most other personal and commercial insurance, the process is still very time-consuming and often frustrating. But what if filling in cumbersome questionnaires could be circumvented with one click?
The One-Click Game-ChangerPost-GDPR, one significant game changer will be the “one-click quote.” This easy lifting of personal data from an existing supplier (with a customer’s consent) poses the major threat of increased attrition levels and massive profit erosion. With data no longer “walled in” by incumbents, organizations will need to apply fresh thinking to how they differentiate themselves to seize a competitive advantage. For increasingly discerning clients, a smooth customer experience will be regarded as the baseline. Two notable additional questions will be on the minds of future insurance customers:
- ‘Is my data safe?’
Another important survey insight is that the top three categories of businesses that consumers tend to trust with their data include two insurers: health insurers and motor and home insurers. Combining a trustworthy name with convincing proof of data and privacy protection could give well-established incumbents a competitive advantage over the newer entry players, which are only establishing their reputations.
- ‘Am I getting value from sharing my data?’