Industry — Financial Services
Banks, credit unions, investment firms, payment networks, and fintechs. Distinct from org-dim.industry.insurance — while both are regulated, FS faces PCI-DSS (card data handling), SOX (financial reporting controls), GLBA (consumer financial privacy), and jurisdiction-specific banking regulations.
Dominant use cases. Product cross-sell to existing customers (home equity offer to mortgage customers, checking-to-savings-to-investment account progression), onboarding sequence optimization (reducing early attrition in the first 90 days of a new account), and fraud-signal-aware suppression (pausing marketing to accounts flagged for suspicious activity until the flag resolves).
Architectural implications.
- PCI-DSS scoping: any system that touches card data inherits PCI scope. CDPs must be designed to avoid raw card numbers — tokenization is mandatory at ingestion.
- Real-time fraud signals create a unique suppression requirement: a customer flagged for fraud should not receive a credit-limit-increase offer while the flag is active. This implies real-time signal ingestion into the suppression layer, not just nightly batch.
- Investment product marketing requires regulatory approval workflows (FINRA/SEC oversight in the US) that introduce latency into campaign activation — fully automated activation is not always permissible.
- Identity is anchored to account number with full masking/tokenization requirements, not email or device.
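One way to enforce tokenization at ingestion, as an added example that is not part of the original entry: an ingestion filter that finds Luhn-valid card numbers in the string fields of a flat record and swaps them for vault tokens before the record reaches the CDP. `TokenVault`, `scrub_record`, the field names and the sample record are hypothetical; the in-memory vault stands in for a real tokenization service that stays inside PCI scope.

```python
import re
import secrets

# Candidate PANs: 13-19 digits, optionally separated by single spaces or hyphens.
PAN_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to cut false positives such as order or phone numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


class TokenVault:
    """In-memory stand-in (assumption) for a token vault that lives inside PCI scope."""

    def __init__(self):
        self._by_pan = {}

    def tokenize(self, pan: str) -> str:
        # Random token with no mathematical link to the PAN; same PAN -> same token,
        # so downstream joins still work without the card number.
        if pan not in self._by_pan:
            self._by_pan[pan] = "tok_" + secrets.token_hex(8)
        return self._by_pan[pan]


def scrub_record(record: dict, vault: TokenVault) -> dict:
    """Return a copy of the record with every Luhn-valid PAN replaced by a token."""
    def swap(match):
        digits = re.sub(r"[ -]", "", match.group())
        return vault.tokenize(digits) if luhn_ok(digits) else match.group()

    return {k: PAN_RE.sub(swap, v) if isinstance(v, str) else v
            for k, v in record.items()}


# Constructed sample event; 4111 1111 1111 1111 is a well-known test card number.
SAMPLE = {
    "account_ref": "acct_7f3a",
    "note": "card 4111 1111 1111 1111 declined, order 1234567890123",
    "amount": 42.5,
}
```

The 13-digit order number fails the Luhn check and is left alone, while the card number is replaced in free text as well as in dedicated fields.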