by Hans Timmerman
The information balance between governments/organizations and their citizens/customers has become increasingly skewed over the past decades. Political motives and resulting legislation compel executing organizations to collect excessive amounts of data about their citizens or customers. Meanwhile, privacy laws simultaneously restrict how they can use this collected data. Without explicit consent from the citizen or customer, the use of this data is minimal. This leads to significant excesses and/or inefficiencies, as seen in the benefits scandal and now with the implementation of the Wwft (the law to prevent money laundering and the financing of terrorism). In both cases, the political efforts to prevent fraud and terrorism have gone so far that executing organizations are effectively forced to trample basic human rights. That this leads to mishaps and excesses is understandable. How can we restore this balance?
The Wwft: What Can and Should We Do with It? These challenges in implementing the Wwft were specifically discussed on Thursday, June 13, during the traditional Risk & Compliance Annual Congress. Banks, payment service providers, and trust offices are confronted with this very complex law. Many professionals in the field wonder how to deal with it in practice. The intent of the law was good: to combat money laundering and the financing of terrorism. But in practice, it has spiraled out of control. Financial institutions, in particular, are currently overreacting in their fear of various heavy penalty-imposing regulators. And there are quite a few regulators. In addition to De Nederlandsche Bank, the Netherlands Authority for the Financial Markets (AFM), and the Bureau for Financial Supervision, there are also the Bar Association, the Ministry of Finance, and the Gambling Authority. The fines frequently amount to hundreds of millions.
Many organizations are affected, including accountants, notaries, real estate traders, and even safe deposit box lessors. What are ‘unusual transactions’ that must be reported to the Financial Intelligence Unit (FIU) of the government? Who determines what is unusual and when it is indeed unusual? The easier it is to collect data, the easier it becomes for politicians to raise the bar on what we want to inspect. The precision with which we can measure today leads – as seen in the nitrogen affair – to the undesirable situation of measuring ‘everything as accurately as possible’ and basing exceedance norms on the smallest deviations we can measure. This results in overreaching risk management and enormous administrative costs for minimal results.
Data Hunger Leads to Excesses Digitalization makes measuring and collecting data easier. We not only generate more data, but massive ‘data trails’ about everything we do as citizens and customers are also created unnoticed. Down to the smallest details. Additionally, it is visible in the smallest details what went well, but especially what went wrong. In the benefits scandal, we saw that failing to check a single small ‘box’ could lead to investigation and suspicion. The same is now evident in the implementation of the Wwft: a minimal, unknown financial transaction can already lead to scrutiny and suspicion. For the customer and citizen, this suddenly means: guilty until proven otherwise. Completely contrary to human rights!
This contradicts our legal principle: you are only guilty once the court has proven it. Unlimited data collection without protection or involvement of the consumer, customer, or citizen is one of the greatest threats to our society. The necessary oversight on money laundering leads to a market of companies that go to extremes to collect all possible data: ‘the more, the better’ is the adage. Whereas ‘In der Beschränkung zeigt sich der Meister’ should be the approach. More is not necessarily better. On the contrary. Sometimes we drown so much in data that we as an organization no longer see and recognize the information and intelligence derived from it. Then we quickly think it might be wrong.
Unequal Information Position The confrontational day at Risk & Compliance on the Wwft, as well as the experiences of the benefits scandal – initially very rapid suspicion and now excessive repayments – show that it is impossible for large bureaucratic executing organizations to adequately assess these growing volumes of data. We see ethical derailments because, quite logically given the fines, the safe option is chosen over the uncertain one. The citizen who might commit fraud, the customer who might launder money. While a simple question or conversation could have eliminated that unwarranted suspicion. The citizen or customer knows less and less about what the government or bank knows about him or her, but the reverse is perhaps even worse: the government and bank know even less than the citizen or customer knows.
In this sea of data, not only the civil servant and bank employee drown but also the citizen and customer. This creates a deficient, undesirable, and even unlawful inequality in information positions on both sides. Due to privacy laws, the government or bank cannot ‘just’ use all the data found without targeted consent from a citizen or customer. While that citizen or customer could immediately dispel any ‘wrong doubt’. The civil servant or bank employee often does not know which other relevant, suspicion-dispelling data is available elsewhere within his own organization. Insight into the organization’s own data collection is one of the greatest stumbling blocks. Data scattered in many silos and in unconnected application environments, out of sight of the organization and the citizen or customer.
Restoring Balance: A Mutually Equal Information Position Privacy laws and the National Archives Act require organizations to handle data more carefully. Data they manage on behalf of or for a citizen or customer. Also, data they have collected about this citizen or customer. Data stored and kept in many places within their organization. The growing stream of digital data, including all the ‘ephemeral’ chat data that must now be preserved, only exacerbates the problem. The only solution to this growing problem is to get all created and received data ‘as quickly as possible properly centrally available’. A sort of real-time, open archive, but an archive at the front of the lifecycle.
The citizen or customer gains insight into the information the organization has about him or her by accessing this ‘open archive’. Information that may sometimes be incorrect, incomplete, or contain wrong documents. A shared file where both the citizen, customer, civil servant, and bank employee can once again – but now digitally – have a truly open conversation at the counter. Synchronizing their files. Ensuring that both have the same information on which the citizen, customer, civil servant, or bank employee can base their common conclusions and decisions. With all the targeted consent in terms of privacy and confidentiality, because the civil servant, bank employee, citizen, or customer themselves controls and inputs their data.
ArQiver: Pre-Archiving and Active File Sharing The benefits scandal prompted an investigation into why everything went so wrong and what – from a data insight perspective – could have prevented or at least minimized it. Two problems emerged: no central governmental overview of all available data and the resulting information inequality between citizen and civil servant. The logical recommendation led to the simple conclusion that data should be archived as quickly as possible and that this archive should be immediately open to both involved civil servants and citizens. Citizen and civil servant both looking into the same file. Both can update, check, and supplement the files. Both can consent to data sharing. This ensures an equal information position between citizen and government. Or with the Wwft: between customer and bank.
A few young entrepreneurs started using modern technology and software to build a solution. Quickly and automatically, at the beginning of a formal lifecycle, information is immutably recorded in an open archive. Not only formal document streams but also the more transient data like email and chat data around it. Millions of documents and objects per day. Provided with labels, metadata, and relevant context. Persistently stored so that no data is changed afterward. Just like a ledger where errors can only be updated in new versions. An open archive that provides citizens and customers with access to their files via a mobile app, enabling them to view and co-manage their files. This product was introduced this month and will officially hit the market in August: ArQiver. A revolutionary solution that fundamentally changes the paradigm of our democratic data management. Releasing information as quickly as possible in an open manner and making it available both internally and via a mobile app for every citizen or customer. The end of the undesirably grown information inequality that has unfortunately led to many mistakes, wrongful suspicions, and enormous personal damage. Even in terms of information inequality, the sun will shine again…
Tha author, Hans Timmerman, is an IT expert and Trendwatcher.