One of the biggest behavioural shifts brought on by the pandemic is the increase in remote working and remote services. While remote working and online services were standard for some businesses pre-COVID 19, some have struggled to make the switch and operate effectively. Regardless of their remote working and service provision savviness pre-COVID 19, businesses are starting to realise the significant benefits of virtual working and services: cost saving, culture boosting or otherwise. We have highlighted below some of the issues to be considered when making virtual working and service provision part of the ‘business as usual’ operations.
Going from bricks-and-mortar to digital
In many industries, COVID-19 has accelerated digital transformations and reshaped the provision of services as well as the customer experience.
As businesses have been forced to shut down their retail stores or reduce their retail services offering, many companies have retooled their services model and moved from bricks-and-mortar stores to online channels. In addition, new technologies that were previously not widespread are now becoming the norm. One particular example of this is the banking sector where more and more banks have started using biometric data to facilitate digital onboard. Whereas previously customers needed to come into a branch to provide proof of their identity, more banks now allow customers to upload a photo of their ID/passport as well as a selfie and then use facial recognition to match the selfie against the ID/passport to verify the identity of the customer. This method was mainly used by challenger banks such as Revolut but is now being increasingly used by more traditional retail banks. That said, the use of biometric data as part of facial recognition qualifies as so-called ‘special category data’ which enjoys a higher degree of protection under data protection laws as it is considered particularly sensitive. Companies and financial institutions using biometric data will need to bear this in mind and design the process in accordance with data protection principles.
Death of the traditional call centre?
Apart from customer facing services, customer support services are also undergoing a change. Traditional call centres have proven to be susceptible to disruption as lockdown measures have in some instances prevented call centres from being manned. Given the centralised model where all information is stored on a central company server and cannot be accessed remotely, the traditional call centre model has also shown a lack of agility. Companies that had already set up a digital support infrastructure where employees could work and access customer information remotely have proven to adapt better to disruptions resulting from COVID-19 compared to companies with a traditional call centre model. As a result, there has been a growing trend for companies to move to virtual call centres.
In addition, many companies have started automating processes to reduce the strain on human resources and to save costs. AI-driven chat bots are being increasingly used to respond to standard queries and requests. That said, businesses will need to be mindful that any decisions about individuals taken as a result of AI are likely to be a form of automated decision-making. From a data protection point of view, this requires companies providing individuals with meaningful information about the logic involved and AI functionalities will need be developed with this in mind.
Investment in cloud technologies
Remote working and digital service provision are only as good as the technology and systems underpinning them. Given the costs usually associated with building up new IT infrastructure, many companies have been moving their operations to the cloud as a cost-effective alternative.
Broadly speaking, cloud technologies allow businesses to access systems, software and services online rather than acquiring (and incurring costs for) hardware or installing software on their systems. Cloud service providers like AWS and Microsoft Azure have experienced significant uptake in services despite the general slowdown in business activity during the pandemic as many people started working from home. Some examples of cloud services that have been widely used (and will likely continue to be used post-COVID 19) are:
- Remote communication tools: Communication tools like Microsoft Teams and Zoom have increasingly been used by businesses to collaborate virtually.
- Data mining and analytics: Businesses are increasingly harnessing the power of AI, machine learning and cloud-based data centres and analytics tools to analyse large volumes of data. The insights gained from this process feed into customer targeting initiatives, product development and other important tasks. The scale of cloud service providers’ infrastructure allows sophisticated (and global) data analysis of this nature to be undertaken with ease.
Although the benefits are clear, cloud computing does also raise some important points to consider.
Operational resilience
Operational resilience has become a hot topic in recent years, partly spurred on by the increased use and reliance on technology (and in particular, cloud technologies). The key principle of operational resilience is that business’ systems should be robust enough to withstand a number of operational issues and, when operational issues do occur, those systems should be able to bounce back quickly and with minimal disruption to the relevant business and its consumers. Many financial regulators in the UK are in the process of introducing new rules relating to operational resilience (with a significant proportion of the rules dedicated to cloud technologies). Once these rules are implemented, in scope businesses will require more from their technology service providers in order to ensure that they are compliant with the relevant rules, meaning financial institutions and technology service providers will need to understand the changing landscape. We are already seeing this with the likes of the European Banking Authority (EBA) guidelines on outsourcing, where major technology service providers have separate terms for financial institutions subject to operational resilience obligations.
Cybersecurity
IT and cybersecurity form the cornerstone of cloud service providers’ offering and many cloud service providers invest significantly in the security of their systems on that basis. Although this presents clear advantages to customers, the interconnected nature of cloud offerings means that when cloud systems go down, they can significantly impact business operations. The global nature of the service provided by cloud providers also make them attractive targets for cyberattacks. As such, businesses should ensure that the service levels, security and business continuity measures implemented by technology providers are fit for purpose.
