New technology trends are buzzing in (and even fading out) fast these days, as firms wrap their heads around the likes of artificial intelligence and machine learning and blockchain. But the underlying paradigm shift is now universally noticed and understood: data has exploded in volume and quality, and the current wave of technology is all about harnessing it.
Banks are generating huge volumes of data that must be properly maintained in accordance with many new regulations—but many banks are still working to implement the eleven principles of effective risk data aggregation and risk reporting introduced by the Basel Committee on Banking Supervision (BCBS 239), effective since February 2016. Frankly, many banks are facing a data overload and are unable to structure and outfit it in a meaningful way. They are feeling the lack of proper governance or data management systems, intensified by increasing customer and regulatory demands for more and granular information.
Thus, the task before banks is not about tweaking their systems to tick boxes on a compliance form. It’s about transforming their entire approach to data in order to be secure, compliant, flexible, inventive, and forward-leaping—all at the same time, and all while technology is advancing at breakneck speed.
The first pages of a long book
It is, unquestionably, a lot. Where to begin? As with anything, the basics come first: deciding whom changes should be driven by. As data is in the realm of information technology, many assume that the IT department should be the central initiator—but this is not the case. This is far bigger than IT. It involves many different organisational functions whose backbones are data, like risk and finance, as well as revenue-generating departments like wealth management, client relationship management, and marketing. Thus, the mandate should come from the top, given the strategic aspects to coordinate both in terms of internal workings and external competitiveness. Many banks have hired Chief Data Officers (CDOs), whose responsibilities are to establish a “know your data” culture within the bank and to carry changes going forward.
Another basic: proper data governance must be established. With the help of the CDO, banks should implement a coherent and consistent framework across the entire organisation defining how data is to be managed. This framework should establish data ownership and stewardship as concepts, define the data and information architecture, set general rules and standards for data, and extend all the way to metadata management and data lineage. When done right, all these things mean data quality, by ensuring its integrity, consistency, and accuracy.
After the data governance programme, CDOs must determine how to measure and track its value. Stakeholders and business sponsors often struggle with this, as there is the constant trade-off between implementing minimum standards and committing to huge investments in infrastructure and analytics. Ongoing cost/benefit analyses and returns-on-investment can be tough to quantify. The answer is to define measurable key performance indicators (KPIs). These should be classified into categories from data quality and timeliness to compliance and efficiency.
The KPIs should also be categorised by data subject, for example customer data.
Separately, the value added by data quality in marketing, new products/services, and implementation costs for compliance projects should also be measured, as should the efficiency of marketing campaigns and communication channels.
For each KPI, the following should be defined and documented:
- details of how to measure it
- follow-up procedures for related issues
- frequency of information intake
- unit of measure
- threshold values acceptable
What are the CDO’s main challenges?
Stepping into the CDO office isn’t easy. The following should be considered:
- (non)clarity of the role: should the CDO be considered a cost or a revenue source?
- securing buy-in from the top and fighting resistance to change
- data and business, not data versus business
- poor data literacy… and, relatedly, ensuring data quality, security, and privacy
- avoiding technological distractions
How to overcome these issues:
- Create a strategy based on the organisation’s business strategy and its predominant value discipline.
- Build trust, especially with various business stakeholders like the CIO.
- Educate senior leaders and peers about data’s role in overall business successes.
- Establish baselines on information governance and data monetisation from which progress can be measured.
- Define KPIs by sourcing quantifiable information metrics.
- Adopt formal information asset measures and share them with the organisation.
As all of the above suggests, implementing a data governance programme is no quick or easy or short-term task. It will require big, bold thinking. It is an upheaval, not an exercise in finding bandage solutions. It will require good change management and dedicated personnel. The goal is to become a data-driven business that is resilient to new regulatory pressures, sheltered from splashes made by disruptive startups, and that can capture value—with the longest shelf-life possible—from data.
Implementing proper data governance is not about being compliant; it’s necessary to survive.
Next up on the KPMG Blog: