While the main impact of the implementation of GDPR thus far has been on email subscriptions, the regulations have other repercussions for financial firms when it comes to the use of automation.
The rules state that individuals have the right to “not be subject to a decision based solely on automated processing”, unless this is absolutely necessary and based on the person’s explicit consent.
This has led to predictions that mortgage applicants will be able to demand that their case is reviewed by a person, rather than through a lender’s automated decision-making, or to call for previous application decisions to be reconsidered.
Lenders may also need to be more open about precisely why cases have been refused.
Sue Maclure, head of data at Psona Data, said that lenders would be well advised to consider a system which flags up why cases are being turned down, so that they can determine when it would be useful to apply human intervention, though she added: “That’s a commercial call around transparency and operational processing rather than a legal one.”
Maclure continued: “I think it’s a good thing that banks need to give some guidance as to why loans/mortgages are being turned down, but I don’t think it’s helpful for them to lend money that can’t be paid back, so there’s a middle ground somewhere.
I can see a movement where particular banks get a reputation for having too harsh or too open rules about how much they lend – or whether there is perceived unreasonable bias in their rule, which would result in an investigation.”
Why has the case been rejected?
David Hollingworth, director at L&C, noted that lenders currently do not give much feedback when a case is declined.
He continued: “You may get an indication if it was a credit issue, but very often there won’t be a great deal of information. It may not be down to a single issue, and that’s where some people get frustrated. You can have a combination of different things which are adding up to cause a lender to say no.”
David Sheppard, managing director of Perception Finance, warned that lenders should be careful with the amount of information they share on why an application has been refused.
He explained: “It is important to prevent the risk of the system being played but it is also not their responsibility to divulge what has been seen on a credit report as that information is readily available to potential borrowers.”
However, Adam Hosker, founder of Bespoke Finance, argued that lenders already inform brokers of why a case has been declined, noting that the best lenders review those declines without broker intervention.
He continued: “Mortgage advisers can typically find out the reason for a decline and often challenge decisions. Even if those challenges don’t always go our way, with the explanation in hand we are well resourced to head to the next best lender. If GDPR has made best practice the law, that can only be a good thing.”
Backtracking on the benefits of technology
The big selling point of having automated decisions has been that the whole process moves much more swiftly than if it is entirely reliant on being handled by a human. Could GDPR force the industry to walk back some of those improvements?
Sheppard said that the system is not “in need of wholesale change”, noting that with many enquiries speed is of the essence and moving to a human decision will not help.
He continued: “My bigger concern with automation in the decision making is the data that is being provided by the credit agencies which can be more than a month out of date and that desperately needs to be improved when lenders are relying on that information to be current.”
Hollingworth added that with the volumes that large banks and building societies are dealing with, it’s difficult to get away from the need for automation.
He continued: “We need to be careful, as there are lots of lenders already that are able to make more individual decisions. Let’s not talk about automation as some kind of evil, in most cases it will help speed things through. We are probably looking for more things to become automated to continue with that progress.”
What do lenders think?
A spokesperson for Yorkshire Building Society Group said that the additional protections offered from GDPR were welcome, but said they did not anticipate it changing the way the lender assesses mortgage applications.
They continued: “Brokers or customers can already request more information about their individual case following any automated elements of the process, such as Approval in Principle decisions, for example. Full mortgage applications will continue to be reviewed by an underwriter before any decision is made.”
No other lenders were available at time of writing.