According to a new report from Capgemini research, compliance with the EU’s GDPR has yielded a range of significant and perhaps unanticipated benefits, from increased consumer trust to better customer engagement and revenue growth. Overall, the researcher says that “[GDPR] compliant organizations have outperformed non-compliant [companies] by an average of 20%.”

Only 28% complaint so far. Overall only 28% of firms surveyed by Capgemini were fully GDPR compliant. The company polled 1,100 senior executives in various industries (insurance, banking, consumer products, utilities, telecom, public services, healthcare and retail) in multiple countries. It then compared the performance of GDPR-compliant organizations against those that were not compliant or only partly compliant. The report states, “92% of executives from compliant firms say their organization has gained a competitive advantage thanks to the GDPR.”

Source: Capgemini research (2019)

Better ratings, better performance. The chart above indicates compliant organizations saw better consumer ratings, greater trust, improved lead quality, better employee morale and a better overall brand image vs. those that were not compliant or lagged in compliance.

These are of course the self-perceptions of survey respondents, but it’s striking that across all metrics GDPR compliant companies were doing better than their counterparts. While some of this might be expected (e.g., improved consumer trust) the range of findings are striking and unexpected.

Source: Capgemini research (2019)

In the specific retail context, complaint retailers saw greater participation in their loyalty programs. They also said that online transactions had increased since GDPR went into effect. And perhaps most surprisingly, “the number of consumers targeted in our campaigns” had grown post-GDPR. The operating assumption was that lists would shrink and data would evaporate.

Why we should care. Capgemini also surveyed U.S. firms about CCPA. It found that 70% believed they would be compliant with CCPA when it goes into effect next year. However, based on the observed lag between anticipated and actual GDPR compliance, the firm believes that many companies are being optimistic about their preparedness for CCPA.

What’s significant about these findings is that adherence to strict consumer privacy rules has not hurt firms doing business in the EU. In fact, it appears to have done the exact opposite: helped them outperform their non-compliant peers. By extension there could be a similar benefit for CCPA-complaint companies in the U.S. So rather than resisting, companies should think about accelerating compliance and market that fact to consumers.