Broken By Design: Why Financial Services Is Drowning In Data It Can’t Use

Financial services has spent years trying to make customer data more useful.

The crux of the problem is simple: can the firm reach the right person, through the right channel, when the information actually needs to be acted on?

In this episode of Sense of Identity, Paul Holland is joined by Samantha Seaton, co-chair of the Smart Data Council, and Alan Clay, Head of Strategy, Customer Data Solutions at LexisNexis Risk Solutions, to discuss why so much financial services data still fails at the point of customer contact.

It's a common operating problem in pensions and regulated services. Organisations may hold names, dates of birth, historic addresses, contribution records, policy details, and account data, while still lacking a reliable route to the person behind the record.

Data quality becomes a communication problem. A record can be technically complete enough to sit inside a system, but not usable enough to support a customer outcome if the address is stale, the email belongs to an old employer, or the channel cannot safely carry sensitive information.

Created from episode transcript

When Data Exists But Contact Fails

Pensions are a good example because the customer relationship can last for decades, while the customer’s working life may change every few years. Auto-enrolment brought more people into pension saving, but many schemes still carry the legacy of contact details collected through employment rather than through a durable personal relationship.

A company email address may work while someone is employed. Once they move role, it becomes a dead route. A postal address may look acceptable in a database, but if the member moved three homes ago, the communication may never reach them.

"To not have a way of reaching someone easily, through their personal email address, it does seem completely bonkers."

Samantha Seaton, Co-chair, Smart Data Council

The problem is not limited to pensions. Health, utilities, insurance, legal services, and public-sector-adjacent organisations all depend on communication routes that may have been designed around paper, portals, or single-channel assumptions.

The issue at hand is whether the sender can reach the recipient in a way that is current, secure, and usable.

Alan’s perspective adds another layer. Contact data is not a single field. It can involve a postal address, one or more email addresses, a mobile number, and signals about whether those routes are current or risky.

When the communication itself may contain pension, identity, or financial information, the channel also needs controls around access and fraud exposure.

The Contact Detail Is Part Of The Control

It is easy to treat contact data as a back-office hygiene issue. In practice, it shapes the whole customer experience.

A letter that arrives late, an email that goes to the wrong inbox, or a portal notification that the customer ignores can all turn a good operational intention into a poor outcome.

That is especially important when the message asks the customer to act.

If a pension scheme wants someone to trace, consolidate, update, verify, or make a retirement decision, the communication route needs to support the action. It must help the customer recognise the sender, open the message safely, respond if needed, and leave the organisation with evidence of what happened.

In sensitive-message workflows, secure email becomes relevant as part of the wider communication design.

Mailock is useful where firms want to keep email as the delivery route while adding protected access, recipient authentication, secure replies, message tracking, and audit trails around sensitive information.

Outcome-Focused Regulation Still Needs Operational Courage

One of Samantha’s strongest points is that organisations can hide behind the absence of prescriptive rules.

If legislation does not literally say "collect a personal email address", some firms will avoid the decision. That may feel safe internally, but it can leave the customer relationship weaker.

The UK’s Data (Use and Access) Act 2025 received Royal Assent on 19 June 2025 and includes provisions to support digital verification services and new Smart Data schemes. The wider policy direction is also visible in the government’s Smart Data Strategy, which sets out next steps for a more interoperable smart data economy.

That policy direction doesn't remove the need for operational judgement. Smart Data, open finance, and improved pension visibility all depend on organisations being able to identify people, connect data, communicate clearly, and protect the routes through which sensitive information is exchanged.

"All of these big problems, people think they need big solutions rather than taking small steps on a regular basis."

Alan Clay, Head of Strategy, Customer Data Solutions, LexisNexis Risk Solutions

That pragmatic approach is important. A firm does not need to solve every edge case before improving the route for most customers. It can start by collecting better personal contact details, verifying them more consistently, segmenting higher-risk communications, and reviewing where sensitive replies currently fall back into ordinary email.

Pensions Dashboards Will Help, But They Will Not Solve Contactability Alone

The pensions dashboard programme is an important part of the answer. The Pensions Dashboards Programme states that pension providers and schemes within scope must connect to the digital architecture by 31 October 2026.

Pension providers also need to connect to the dashboards ecosystem before October 2026 and be ready to receive find requests, search records for data matches, and return pensions information.

Dashboards can make pension data more visible. They do not automatically make every customer reachable, engaged, or ready to act. Alan framed this as a mass communication problem: the people most likely to benefit may not be the people who already know where all their pensions are.

That number helps explain why contactability cannot be treated as admin. For people with small, scattered, or forgotten pension pots, the communication route may decide whether the value is found, understood, and acted on.

The same pattern appears in other sectors. Healthwatch reported in 2025 that Royal Mail, NHS England, NHS Providers, Healthwatch England, National Voices, and the Patients Association had written to Ofcom about new protections for timely NHS letter delivery.

What Firms Should Review Now

A practical review starts by mapping the customer communication workflow against the data that supports it. Which details are collected? Which are verified? Which are personal rather than employment-based? Which channels can safely carry sensitive information? Which replies can be protected without asking the customer to start again somewhere else?

For pension providers, insurers, advice firms, and other regulated organisations, this is also a question of evidence. If a sensitive message is sent, the firm may need to know who could access it, whether the intended recipient opened it, whether the customer replied, and what route the reply came through.

That does not mean every communication needs the same level of control. A generic update, a pension valuation, a vulnerability disclosure, and an identity document request do different jobs. The point is to match the channel, authentication, and evidence to the sensitivity of the message and the action being requested.

Better data will help regulated firms understand customers. Better communication design will decide whether that understanding reaches the person in time to be useful.

"If a sensitive message asks a customer to act, the control has to follow the message. Access, authentication, reply route, and evidence all need to sit in the same workflow."

Paul Holland, Founder and CEO, Beyond Encryption (Mailock)

Financial Services Needs Usable Data, Not Data For Its Own Sake

The most useful lesson from the discussion is that data quality should be judged by what it allows the organisation and customer to do together. A pension record that cannot trigger a safe, timely, and understandable customer action is still incomplete in practice.

Smart Data, open finance, dashboards, and AI may all improve the underlying infrastructure. The day-to-day test will remain more ordinary: can the organisation contact the right person, through the right route, with enough protection and evidence for the information being sent?

For financial services firms, that is where data strategy meets customer communication. The answer will come from better records, better consented data sharing, and better communication controls working together.

FAQs

Why Is Contact Data A Financial Services Risk?

Contact data becomes a risk when it stops firms reaching the right customer at the right time. Old addresses, employer email accounts, and unverified channels can lead to missed communications, poor outcomes, and weaker evidence.

How Does Smart Data Relate To Customer Communication?

Smart Data helps customers and businesses share data securely with authorised third parties, usually with consent. That still depends on trusted communication routes, identity checks, and clear ways for people to act on the information they receive.

Will Pensions Dashboards Fix The Lost Pensions Problem?

Pensions dashboards should make pension information easier to find, but they will not solve every engagement and contactability problem. Providers still need accurate customer data and communication routes that work for people who are not already engaged.

Where Does Secure Email Fit?

Secure email is relevant where firms want to keep email as the familiar delivery route while adding protected access, recipient authentication, secure replies, message tracking, and audit trails around sensitive customer information.

References

Samantha Seaton LinkedIn Profile, LinkedIn

Smart Data Council, GOV.UK, 2026

Alan Clay LinkedIn Profile, LinkedIn

LexisNexis Risk Solutions, LexisNexis Risk Solutions

Data (Use and Access) Act 2025: Data Protection And Privacy Changes, GOV.UK, 2025

Smart Data Strategy, GOV.UK, 2026

Pensions Dashboards: How To Connect To The Ecosystem, Financial Conduct Authority, 2025

Connection Deadline, Pensions Dashboards Programme, 2026

Briefing Note 138 - Lost Pensions 2024, Pensions Policy Institute, 2024

Protections On NHS Letter Delivery Agreed Between Royal Mail, NHS Leaders And Patient Bodies, Healthwatch England, 2025

Reviewed by

Sam Kendall, 24.06.26