Why the data marketplace model could help businesses in Africa

A decentralised data sharing platform can transform businesses, especially those in credit and payments.


Data is becoming crucial in many businesses today, even as access to finance becomes pervasive. Extracting and handling data to understand consumer behaviour is becoming a norm in business practices even in Africa.

Data privacy laws have established a way to engage with customer data to align with global standards such as GDPR. Africa is not being left behind. However, legacy institutions still have a lot of work to do to incorporate technologies that can explore and monetise information within their purview.

One of the exciting solutions coming up in the African continent is the idea of a data marketplace. Simply put, it is a platform where organisations and institutions can exchange data within their possession safely and ethically. Not only does it solve the issue of data silos, but it also gives companies a simple way to exchange data.

Carma Chain is using this model to help organisations monetise and importantly, use the data already in the market to build better business models. Being a new concept, it has been a challenge for the company.

“Step one would be acquiring enough data contributors to make the service interesting for lenders. It is like a chicken and egg issue on the marketplace,” Ted Martynov the founder and CEO of Carma Chain said.

“We have signed over 22 companies across Nigeria including payment aggregators, mobile wallets, utility providers who use the service,” he said.

In mid-2020, the company signed up the National Association of Savings and Credit Unions (NASCU) in Zambia to provide credit reference services for 1,122 credit unions. The credit unions serve about 1.5 million members, equivalent to almost 15% of Zambia’s adult population.

William Kanyika, managing director at NASCU, said the service would be crucial in helping credit unions get relevant data.

“Over-indebtedness control and fraud prevention are expected benefits for lenders and we believe that many other financial and non-financial institutions will leverage the impact of the credit data marketplace along with us,” he added.

Benefits of a decentralised data marketplace

Solutions such as this are missing in the African market, where any entity can easily check a user’s data from multiple endpoints. According to Martynov, entities seeking customer data can use a simple API to hit the marketplace, while those offering data sources can also monetise the data they hold through the same simple API. In the end, it eliminates the need of overhauling a company’s tech stack to accommodate new technologies.

Carma Chain’s model uses a decentralised protocol in the exchange of data, meaning that data owners do not feed information to a centralised silo. When a request is made, the data is exchanged on a peer-to-peer level through the protocol, more like a phone call.

As Martynov explains; once breached, a centralised system holding all the user’s data can expose millions of data points. It only takes one try. But with a decentralised system, a hacker has to target multiple endpoints to get the full profile of users. Even so, companies seeking to share data in this marketplace have to put in place security measures and comply with privacy laws.

Getting data from sources other than credit bureaus can also open up financial profiles for those who do not have bank accounts. These sources would include utility companies, saving unions, telecom companies and mobile wallets. Having these data can help the underbanked get access to credit to boost their business and eventually have access to banking services.

“We are pulling up these data and making it available for lenders so that lenders can leverage this data to build a profile for the underbanked,” Martynov said.

Data sharing laws are key in growing data marketplaces

Such data sharing laws have to be in place to protect the consumer from their data being exploited. Kenya and Nigeria have made great strides to ensure that consumer data, especially credit data is protected.

Recently, the Central Bank of Kenya released new regulations on how micro-lenders or well known as mobile lending companies, comply with the use of customer data. The regulations titled, “The Central Bank of Kenya (Digital Credit Providers) Regulations, 2022” restrict how consumer data is shared with third-party entities.

A section of the law states: “A digital credit provider shall not release information obtained from a credit reference bureau to any third party except as may be required under these Regulations or any other relevant written law.”

Such laws are a bedrock to securely establishing safe data exchange, that will not be abused by creditors. The Nigeria Data Protection Regulation (NDPR) of 2019 guarantees that data processors adhere to privacy laws. “The NDPR applies to all transactions intended for the processing of personal data, and to the processing of personal data notwithstanding the means by which the data processing is being conducted or intended to be conducted in respect of natural persons in Nigeria,” Data Guidance summarises the laws.

In specifics, the laws on data sharing in payments and open banking is still in their infancy. “Most, if not all countries, are yet to implement open banking legal frameworks, but regulators have begun promoting and offering guidelines on the rolling out of these platforms,” a report by DLA PIPER, titled Open banking in Africa after COVID-19 said.

It continued, “Further, as data sharing forms the basis of open banking, a strong data protection regime is critical to its success. Banks play the dual role of data controller and processor as they are both holders of customer data and processors through their own sandboxes or APIs.”

The ease of use of data exchange marketplace has its immediate advantages as it provides several endpoints to confirm the profile of a customer, as modelled by Carma Chain. But it will be a while before these platforms spread over the continent due to different measures of privacy protection and in some cases lack of it.