Key's $5 Million System Monitors All Customer Contacts

Some banks are indeed responding to the privacy challenge by "creating a new business model," according to Michael Haney, senior analyst of Celent Communications in New York. Instead of passively accepting the rising burden of regulation, they are seeing it as an opportunity to further tailor marketing efforts to their customers, he says.

During a one-and-a-half year period in 2000 and 2001, for example, KeyCorp invested $5 million to create a central data system to aggregate information from 120 separate systems in businesses across the bank and its affiliates. KeyCorp has four million household accounts among its affiliates. The new system, which KeyCorp built itself, allowed the bank to meet current and future privacy regulatory requirements, while also improving its ability to more tightly focus its marketing efforts. In fact, all lines of business at the bank, including marketing, were involved in designing the new system.

Instead of devising a system that would be limited to complying with existing federal privacy laws, KeyCorp wanted to meet potential new and tighter privacy regulations on the federal level, as well as potentially stricter state rules, Dean says. In addition, KeyCorp wanted to be able to comply with do-not-call and/or do-not-mail requirements and requests.

By creating a single central list of customers, KeyCorp was able to oversee its privacy policy notices from a central location. Thus, it could eliminate duplicate mailings for various affiliates and divisions, saving printing costs and mailing costs for its annual privacy notices. While requiring a major up-front investment, the new system saves the bank money on annual operating costs for managing its privacy policy.

Designing the system posed "huge technology issues," Dean says. The central system had to be able to take the feeds from all the original systems used across many lines of business. And it had to determine if a client was a new customer, provide a privacy policy only when needed, and update the central database. The latter was necessary so the bank maintains in one place a single list of all its customers, without duplications. More importantly, according to Dean, the new system allows customers of the bank and its affiliates a range of options concerning information-sharing, marketing and preferences on channels of communication.

Dean divides the new system into a sharing component, which governs information-sharing, and a solicitation component, which covers the marketing of products and services. KeyCorp believes the addition of the solicitation component helps give the bank a competitive advantage.

When customers first come to KeyCorp, they are given the opportunity to indicate whether or not they wish to receive solicitations by phone, fax, U.S. mail or e-mail. KeyCorp even gives customers a chance to say they do not want solicitations stuffed into their monthly statements. The opt-out approach to monthly statements paves the way for KeyCorp to send out its privacy notices inside monthly statements for all those who did not opt out, saving postage. Customers at KeyCorp are also asked about their future plans and what events might trigger a potential need for a product or service from the bank and any of its affiliates.

In KeyCorp's approach, the bank is not just removing people from various marketing channels as required by law, but it's also expanding the options and list of opt-outs available. At the same time, it's determining how the customer might be approached in the future and which channels the customer prefers.

Information on customers' marketing channel preferences can be entered into the system by any affiliate and the information is shared by all affiliates. For example, if someone from the brokerage division calls a customer, who says he does not want to be called in the future, the customer is asked which channels are preferred. Do-not-call instructions then go out to the entire system, with information that the customer prefers direct-mail solicitations.

The new privacy system at KeyCorp also prevents information-sharing across affiliates — going beyond current and even anticipated requirements. When someone at any affiliate tries to access information on a customer who does not wish the information to be shared, "a window pops up to say this person has opted out," explains Dean. This alerts the bank employee not to go further to access information.

KeyCorp's system can handle, for example, a requirement that customers proactively opt in to information-sharing and marketing, as is now required in California. "I can throw a switch and opt them all out," Dean says, referring to California customers in KeyCorp's system.

After rolling out its new system and putting into place all its new capabilities, KeyCorp found that it had an opt-out rate of between 3% and 3-1/2%. This is slightly above the estimated industry average of between 2% and 2-1/2% for Federal Credit Reporting Act and Gramm-Leach-Bliley Act opt-outs, according to Dean.

Having been involved with the development of the system, the bank's various lines of business are happy with its capabilities and how it helps maintain the bank's ability to cross sell, according to Dean. He says the system will be upgraded in the future as the needs of those business lines evolve.

But what do the customers themselves think? Dean says KeyCorp does some random customer opinion sampling on privacy issues, but not enough to reach definitive conclusions. While he himself has occasional conversations with customers, most of those involve specific complaints, so this feedback is not representative of the larger customer base.

The basic problem, Dean adds, is that privacy regulations and policies, by their very nature, can't easily be distilled down into simple, customer-friendly language. "If you think that's easy," he says, "try reading the fine print on a satellite dish offer, credit disclosure, or the instructions that come with your new software."

— Robert Stowe England