About a-team Marketing Services
The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

ActiveNav Discusses How to Eliminate ROT and Find Value in Unstructured Sensitive Data

Subscribe to our newsletter

Sensitive data is a sensitive subject. When it is breached, fallout for the firm involved spans from reputational damage to a dent in revenue. In worst case scenarios, small companies may not be able to recover. For large financial institutions, a breach of unstructured sensitive data can be a huge reputational and financial blow as existing customers look to switch provider, prospects look elsewhere, and the media vilifies the villain.

These outcomes of a breach are, to say the least, challenging, but there are proactive approaches that can help firms stay on the right side of sensitive data management. To find out more, we talked to Peter Baumann, CEO of ActiveNav, about the extent of unstructured sensitive data that financial firms are hosting and how they can reduce risk and ensure compliance with privacy regulations such as Europe’s GDPR, the California Consumer Privacy Act, and Brazil’s version of GDPR, Lei Geral de Proteção de Dadosand (LGPD).

Capital markets companies are prime targets for hackers and cyber attacks, says Baumann, noting the volume and nature of the content they hold including sensitive customer and partner information. Discussion on protecting the data usually starts as a result of compliance requirements, but can be ignited by company choice, or a data breach. It could also be part of a migration project, perhaps to Microsoft 365 with a view to getting content into shape.

“There is a lot of making good to do before a migration, and then the data needs to be kept safely in a repository,” Baumann says. “Most people don’t see deciding the level of security of a document as a day job, and while user files appear to be named correctly, which makes people think they are secure, they may not be.”

Some solutions for sensitive data

ActiveNav offers a number of solutions to help financial institutions protect, manage and store unstructured sensitive data. Among them are an inventory solution that includes a screening technique that helps firms discover and take control of sensitive data. It also uses data scores to show which files are high risk and need to be addressed. “This is us working towards the easy button,” comments Baumann.

ActiveNav Compliance supports regulatory compliance and data minimisation. It also provides data mapping as a service to identify sensitive and confidential data, and data classification to automatically index and classify data stored across disparate silos, allowing users to tap into dark data that may unlock business value.

The solution’s uses cases, and perhaps the company’s most used offering, is data minimisation, which can reduce risk and storage costs, and help meet regulatory requirements by deleting over-retained data. “This is a simple program to reduce the data estate and cut out any redundant, obsolete and trivial (ROT) content,” says Baumann. “It’s hard to get organisations to act and execute because they worry about deleting data, but a financial institution needs a robust process and policies and people to do this.” He notes that 40% to 70% of any financial services organisation’s unstructured data can be classified at ROT. Beyond ROT, about 30% of data has not been modified for five years.

“Most organisations don’t have an appetite to deal with ROT, but they do have an appetite for sensitive data that can be a real business asset when used in conjunction with other data to generate products and revenue,” says Baumann. ActiveNav provides organisations with an out of the box solution that can be adapted and used not only for compliance, but also to identify ‘crown jewels’ in the data.

The company also offers a data governance solution to understand what data is being collected, stored and managed.

The software was initially offered as an on-premises solution using metadata to help identify the value of data, a document or file. A cloud version based on Microsoft Azure with APIs for connectivity was introduced in September 2021, with only metadata in the cloud. “With the scale and speed of cloud, we can do things that aren’t possible on premises,” says Baumann. “For example, we can benchmark data across an organisation.”

New investment

In January 2022, ActiveNav secured £2 million of Series A+ funding from the Mobeus venture capital trusts. A Series A funding round of $11 million was closed in November 2019 following strong growth at the company and customer wins including Voya Financial and Equifax.

The company was founded by Baumann in 2008. Early software development enabled organisations to achieve blind data discovery from content they knew nothing about. This was a success at the Crown Prosecution Service. The company moved on to add remediation and classification to discovery, and found initial success among government and military services looking to build a data foundation and strong records management.

Commercialisation followed, with financial services becoming the company’s largest sector on the basis that it is highly regulated and manages large volumes of data. According to Baumann, ActiveNav has worked with more than 300 organisations, and continues to work with about 100, 30% of which are financial institutions looking to ensure compliance and find value in unstructured sensitive data.

Looking forward, Baumann concludes: “Unstructured data is still the elephant in the room. And there is still a long journey ahead. We are experts in this space, but we are not yet satisfied that we have made managing unstructured sensitive data easy enough for our customers. Our North Star is zero dark data – no ROT, no duplicate data, sensitive data is under control, and business value can be gained from the data.”

Subscribe to our newsletter

Related content


Upcoming Webinar: Best practices for data lineage and metadata management to support evolving data operations

Date: 20 October 2022 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Data lineage is key to tracking data from source to consumption and any changes to the data along the way. Metadata management provides governance and control, ensuring high quality, consistent and accurate data across a financial institution. It can...


What is Digital Transformation and How Do You Get it Right?

While financial institutions are grasping the opportunities offered by the digital transformation of their activities, a number of impediments are hampering some from extending the strategy to their operations teams in the back office. A stubborn corporate culture, fear of change and a lack of planning are just some of the challenges cited by industry...


Data Management Summit Boston (Redirected)

As investment management firms take on more responsibility and control over core operational functions, A-Team has seen demand for a more buy-side oriented event focused on data and data management. The inaugural DMS Boston will take place in June 2020, and will focus on topics of interest to buy-side practitioners.


ESG Data Handbook 2022

The ESG landscape is changing faster than anyone could have imagined even five years ago. With tens of trillions of dollars expected to have been committed to sustainable assets by the end of the decade, it’s never been more important for financial institutions of all sizes to stay abreast of changes in the ESG data...