Posted on: Tuesday 21st of February 2017
The General Data Protection Act (GDPR) is the initial regulatory response to a fundamental shift happening at the heart of our economy: the digital (and data) revolution. Digital has irrevocably changed, and will continue to change, the way in which individuals interact with organisations, and vice-versa, and the ways customer data is used to create value. For businesses, and consumers alike, it is easily the most important, impactful regulation in recent times.
Customers’ digital data – nowadays generated through all manner of interactions online, via mobile, tablet, and increasingly IoT and connected devices – plays a critical role in service based economies and is essential to innovation and growth; is the life-blood of value creation. Businesses’ individual strategic response to GDPR will dictate what level of access to customer data they can successfully achieve, and consequently, in the long-term, the choices they’re able to make, the opportunities open to them, and fundamentally, how effectively they’re able to compete in market.
So what are the challenges?
Our own market analysis shows that a compliance lead approach, for some businesses, could result in as much as a 20% loss of their contracted customers, and the loss of permission to market to a further 60% of customers. Relying on customer inertia as a means of sustaining custom will no longer be viable; businesses that attempt to behave ‘as normal’ will experience a rude awakening and be hit hard.
New consumer rights around permissioned consent and anonymity – the ‘right to be forgotten’ – mean businesses could lose access to a significant proportion of their customer base, leaving them unable to effectively market their products and services. Costs will go up (especially those associated with new customer acquisition) as churn increases, resulting in suppressed margins.
Finally, GDPR will be a catalyst for disintermediation. Consumers will be able to share the data any single business holds about them with other companies. The competition will then be able to drive a wedge between customers and the incumbent supplier by creating new layers of value. The incumbent businesses will be left to pick up the fixed costs whilst the challenger will benefit from the new relationship and the stolen margin.
The cost of compliance versus the value of investment
Research by Ctrl-Shift shows that it will cost large corporates between £25m-50m to merely become GDPR compliant; but for an incremental spend of between £2m – £5m GDPR can be transformed into a revenue generating activity. In short, there are only two options for businesses to take: Spend it and Sink it or Spend it and Grow it. The former sees businesses succumb to standard compliance, dotting the Is and crossing the Ts, resulting in a dramatic loss of opportunity, customers and revenue, whereas the latter embodies Ctrl-Shift’s strategic approach to GDPR, enabling businesses to invest in the early steps along a path towards sustainable relationships and growth through co-created customer and business value.
By using GDPR as a strategic driver for growth, businesses will be able to generate new revenue by building new innovative consumer services; digital experiences which add value to consumers’ lives, helping them to achieve their objectives and get jobs done. The upshot will be a positive impact on customer loyalty and retention. All of this, underpinned by new-age marketing capabilities, will serve to build trusted relationships between businesses and their customers.
We can take you there
Ctrl-Shift is already helping organisations to navigate the GDPR with a programme of activity designed for growth. Using our extensive market experience, knowledge and IP, we are supporting business leaders to make informed strategic choices about how GDPR will be implemented across their businesses. By building out new marketing capabilities, new organisational structures and through identifying customer service opportunities, we are delivering a growth agenda which is driving competitive differentiation. Our clients are able to protect their existing revenue streams, whilst driving long-term sustainable growth.
GDPR is more than a regulatory response, it is a choice that hits at the heart of businesses’ digital future. It is a choice of survival.