Data governance is increasingly important in a data management environment driven by regulatory requirements and cost constraints, but to be effective it needs to be underpinned by cultural change across an organisation, supported by active data governance committees and able to ensure ongoing ownership of core datasets.
The need for effective data governance to address this year’s deluge of regulations was discussed at last week’s A-Team Group Data Management Summit in London. Andrew Delaney, chief content officer at A-Team, moderated discussion and was joined by Chris Johnson, senior product manager of market data services at HSBC Securities Services; Selwyn Blair-Ford, head of global regulatory policy at Wolters Kluwer Financial Services; and Dennis Slattery, CEO of EDMworks.
Delaney started the conversation by asking panel members whether we have reached a regulatory peak since the financial crisis and which regulations are causing most pain for data managers. The answer to the first part of the question was a definite no, with Blair-Ford commenting: “We are at the high point of regulation being written, but we are not at the high point of addressing regulation in the industry.”
Regulatory pain points
Regulations noted to be particularly taxing from a data management perspective include Basel III’s BCBS 239 – a regulation that featured in many panel discussions at the Data Management Summit, Markets in Financial Instruments Directive II (MiFID II), Solvency II, European Market Infrastructure Regulation (EMIR), the Alternative Investment Fund Managers Directive (AIFMD) and Know Your Customer (KYC) regulations.
Johnson explained: “One theme of regulation is that when consultation papers are published, regulators expect firms to take steps to comply with them immediately, but regulations such as BCBS 239 have raised the bar significantly and require heavy duty data management. Other regulations requiring a lot of work include Solvency II, AIFMD, EMIR and MiFID II.
Focussing on regulatory reporting requirements, MiFID II takes firms beyond the tipping point that can be reached with tactical solutions. It needs new data that may be difficult to source and requires senior level attention within organisations to develop compliant strategies and solutions.” Agreeing on the complexity of regulatory reporting post the financial crisis, Slattery commented: “Just reporting is no longer enough. The need with regulations such as BCBS 239 is to show more data than just reporting data and data lineage, which can be difficult.” Blair-Ford added: “Regulators are asking for more, but are being less supportive and requiring greater internal oversight.”
Data governance frameworks
Picking up on these changes, Delaney asked how data governance can help firms manage data for regulatory purposes and what sort of governance frameworks they are putting in place. Slattery explained: “Governance is one thing we shouldn’t have to do, but we do have to do because people don’t trust data. For example, BCBS 239 exists because regulators don’t trust what people are telling them. A framework for data governance is key and needs to include ownership of core datasets, consistent incident management processes and tools such as a data dictionary. The framework needs to be embedded and underpinned by cultural change across an organisation so that there is a greater understanding of the impact of what people do.”
Johnson concurred, and added: “For data governance to be effective, an organisation’s data governance committee needs diversity of membership and feeder committees that are run by people who can escalate specific data governance issues. The result is management information that can help resolve these issues at the right level.” Responding to a question from Delaney about whether firms’ data governance policies are succeeding, Slattery said: “Firms have plans and policies, but when it comes to implementation there is a massive disconnect. Small organisations can achieve data governance, but large global organisations are not getting top-down implementation correct. There is more commitment to data governance now than ever before, some of it resulting from the regulatory stick, but there is still debate about whether banks are too big to fail.”
Considering increasing regulation and the concomitant need for data governance, Johnson concluded: “Data managers must make themselves heard. They need to feed into governance committees and articulate the challenges of data management. This is the time to seize data management and get it right.”