At LeadsMarket, we pride ourselves on looking out for our lender-partners. This week we wanted to highlight the importance of limiting the number of “cooks” in your business “kitchen.”
It’s true there may be a benefit to outsourcing certain functions of a business–operations, HR, marketing, etc. It’s impossible to do everything oneself. But, by the same token, the more people that are involved in a business process, the greater the risk of unintended consequences.
High-profile examples of major breaches caused by negligent third parties include Target in 2013 and Universal Music Group in 2018. For UMG, everything in their cloud data storage was exposed–including passwords, credentials, and internal files–all because of one contractor with weak data security practices.
Of course, Target and UMG are titans, so despite the massive costs they incurred, they survived. But in the small dollar consumer finance industry, serious problems like data breaches, leakages, or enforcement actions can have far more disastrous results.
DTI/Price Waterhouse Coopers states that “7 out of 10 small firms that experience major data loss go out of business within a year.” Or as Bryan Gale, the Chief Product Officer of CyberGRX put it, “The amount of damage a single contractor with lax security controls can do is staggering.”
Indeed in our industry, the FTC is turning its attention to lead generation practices. From the FTC: “Security claims are more than just cut-and-pasted boilerplate. Like any other objective representation, they need the support of solid substantiation.” This means they expect responsible Lead Generators to only pass sensitive consumer data to those with proper controls in place. Likewise, they will hold lenders responsible for any data breaches occurring from using lax 3rd party processors.
Good businesses only allow sensitive consumer information to be passed to a third party with strict controls and good data security practices in place.
This is why LeadsMarket emphasizes compliance. The entire lead generation ecosystem requires more transparency and protections than ever, and trusting flimsy agreements with third parties can be extremely dangerous for lenders, borrowers, and networks alike for the following reasons:
- Your lead data may be sold to other third-party marketers.
- With thin protections for consumer data, it increases the risk of complaints.
- Trusting a third party with your data increases the risk of data breach.
- Every additional layer can slow down processing time and lead to more tech errors.
Bottom line, you put yourself and your business at risk when you expose sensitive consumer info to a third party with minimal controls or contractual limitations.
If you have any questions about our lead generation process, or if you want some advice about industry regulations and compliance guidelines, don’t hesitate to reach out to your account manager. We can even put you in touch with our Compliance Department if you want to know more about legal specifics. We’re here to help however we can.
With the right cooks in the kitchen, success tastes sweeter!