Personalization has emerged as a transformative force in modern business and modern communications. Marketing is no longer about addressing a customer by name in an email but delivering tailored experiences at scale, powered by artificial intelligence (AI) and data-driven insights. In a recent article in the Harvard Business Review, entitled Personalization Done Right, authors Mark Abraham and David Edelman wrote about how companies like SonderMind, Spotify, and Sweetgreen lead the charge, using innovative personalization strategies to create value and delight their customers. However, personalization presents some interesting opportunities for compliance professionals to balance innovation with regulatory obligations, ethical considerations, and data privacy concerns.
Today, I want to examine the lessons that compliance professionals can draw from the personalization strategies outlined in the BCG Personalization Index. I will focus on maintaining compliance while enabling businesses to leverage personalization as a competitive advantage.
The Five Promises of Personalization
Personalization leaders succeed by fulfilling five implicit promises to their customers:
- Empower Me – Make my experience seamless and intuitive.
- Know Me – Use my data responsibly to understand my needs.
- Reach Me – Engage with me at the right time, on the right channel.
- Show Me – Provide relevant, tailored content.
- Delight Me – Continuously improve my experience through innovation.
Each of these promises presents opportunities and risks that compliance professionals must navigate.
- Empower Me: Enhancing the Customer Journey
Businesses like SonderMind demonstrate how personalization can empower users. SonderMind’s mental wellness app analyzes individual data to suggest actionable steps, such as meditation or journaling, and arm therapists with anonymized insights to optimize treatment plans. This results in better outcomes for patients and reduced costs for insurers.
For the compliance professional empowering employees (the customers of compliance), Personalization leaders start by asking: How can I make the employee’s experience better by personalizing it? For a compliance professional, this means understanding an employee’s unique needs at every step of their journey and deciding how personalization can best help them. The Department of Justice calls this ‘targeted’ training and communications.
- Know Me: Building Trust Through Data
The authors point to Sweetgreen, “a newcomer to the restaurant business relative to the largest chains,” which illustrates this point well. Right from its start, in 2007, it invested in building digital customer relationships. It launched a mobile app in 2013, ahead of many large restaurant chains, and progressively added features such as mobile ordering, delivery, personalized offers and challenges, and a loyalty program to drive digital engagement.
Here, the compliance professional can not only stream compliance communications more efficiently but also use those same communications to build relationships and trust with your employees. Obviously, this is directly in the compliance wheelhouse, as data governance is paramount. Compliance teams must oversee the integration of customer data across systems, ensuring it is accurate, secure, and used in accordance with stated policies.
- Reach Me: Engaging Responsibly
Having the data to know the customer is not enough. Your organization must use AI to identify triggers to reach out, such as when a customer browses online or inquires. Then, orchestrate touches across channels and use smart frequency management to ensure their touches are coordinated and not overwhelming. The authors pointed to Cisco, whom they said is “a personalization leader. Its sales team knows whom to contact, when, and about what and comes armed with relevant content and demos. Because Cisco’s sales and marketing teams are closely linked, customers get coordinated exposure to content that supports their needs and that opens up sales dialogues.”
This is precisely how compliance professionals should think about targeted and effective training and communications. This type of coordinated approach, based on employee needs or questions, can pay off with big compliance benefits. Overreach will turn off employees if the communications are bad, useless, and overwhelming. You do not want to cause ‘compliance communication fatigue.’ Compliance professionals must monitor how AI models are recommended, ensuring they align with legal standards and ethical norms.
- Show Me: Tailoring Content
Pandora shows how generative AI can create personalized content, reducing production times and improving engagement. The authors noted, “The global jewelry brand Pandora thrives by sparking customer interest with inspirational content. As part of its strategy, it uses AI-generated content to tailor its messaging to each customer and cut cycle times for certain types of content creation from 12 to 14 months to a mere 10 days. The company learned that personalizing the background and model image for each individual—and coordinating how the customer sees those images across emails, websites, and other ads—substantially improved conversion rates.”
This speaks to the DOJ mandate for tailored training. However, you should also consider the business ethics message you can give customers. It can be similar to that of other companies that have gotten into FCPA or other regulatory trouble, celebrating your employees who have done the right thing or consistent messages from your CEO or senior executive about doing business ethically and in compliance.
- Delight Me: Driving Continuous Improvement
Personalization leaders adopt agile working methods to accelerate testing and learning, improving the intelligence behind each customer interaction. Companies like DoorDash epitomize the “delight me” promise by running hundreds of micro-experiments to refine their personalization efforts. This agile approach enables rapid innovation but requires robust oversight to ensure compliance with regulations.
Continuous improvement is directly in the wheelhouse of compliance. You should be able to take the feedback you receive from your employees and incorporate that information into your future communications. Even more exciting is the opportunity to have employees individually improve their ways of doing business ethically and in compliance. Compliance professionals should collaborate with product teams to ensure experiments respect privacy laws and customer expectations.
Key Lessons for Compliance Professionals
- Embrace the Role of Enabler. Compliance should not be a roadblock to innovation. Instead, compliance professionals can enable responsible personalization by embedding themselves in cross-functional teams and offering solutions aligning with business goals and regulatory requirements.
- Prioritize Data Privacy. As personalization relies heavily on customer data, compliance teams must prioritize data privacy and security. This includes ensuring compliance with global regulations like GDPR, CCPA, and industry-specific standards.
- Establish AI Governance. AI is a cornerstone of modern personalization. Compliance professionals must develop and enforce governance frameworks to ensure AI is used ethically and transparently.
- Foster a Culture of Transparency. Customers are more likely to trust companies that are upfront about how their data is used. Compliance teams should advocate for clear and accessible privacy policies.
- Monitor Regulatory Trends. Personalization efforts are subject to evolving regulations. Compliance professionals must stay informed about changes in data privacy, AI ethics, and advertising standards to guide their organizations effectively.
The Future of Compliance is Personalization
The rise of personalization presents compliance professionals with a unique opportunity to lead. By ensuring that personalization efforts are ethical, transparent, and compliant, they can help their organizations build trust, drive innovation, and achieve sustainable growth.
As the BCG Personalization Index shows, companies that excel in personalization delight their customers and create significant business value. The same applies to a corporate compliance function and its customers, IE., employees. Compliance professionals are essential to realizing this potential, ensuring businesses can innovate responsibly and thrive in an increasingly competitive landscape.
Compliance is not simply about preventing wrongdoing but enabling your organization to do things correctly. Personalization of compliance is no exception. Compliance professionals should embrace this opportunity and take charge of a future where personalization and compliance go hand in hand.