Categories
erwin Expert Blog

Financial Services Data Governance: Helping Value ‘the New Currency’

For organizations operating in financial services data governance is becoming increasingly more important. When financial services industry board members and executives gathered for EY’s Financial Services Leadership Summit in early 2018, data was a major topic of conversation.

Attendees referred to data as “the new oil” and “the new currency,” and with good reason. Financial services organizations, including banks, brokerages, insurance companies, asset management firms and more, collect and store massive amounts of data.

But data is only part of the bigger picture in financial services today. Many institutions are investing heavily in IT to help transform their businesses to serve customers and partners who are quickly adopting new technologies. For example, Gartner research expects the global banking industry will spend $519 billion on IT in 2018.

The combination of more data and technology and fewer in-person experiences puts a premium on trust and customer loyalty. Trust has long been at the heart of the financial services industry. It’s why bank buildings in a bygone era were often erected as imposing stone structures that signified strength at a time before deposit insurance, when poor management or even a bank robbery could have devastating effects on a local economy.

Trust is still vital to the health of financial institutions, except today’s worst-case scenario often involves faceless hackers pillaging sensitive data to use or re-sell on the dark web. That’s why governing all of the industry’s data, and managing the risks that comes with collecting and storing such vast amounts of information, is increasingly a board-level issue.

The boards of modern financial services institutions understand three important aspects of data:

  1. Data has a tremendous amount of value to the institution in terms of helping identify the wants and needs of customers.
  2. Data is central to security and compliance, and there are potentially severe consequences for organizations that run afoul of either.
  3. Data is central to the transformation underway at many financial institutions as they work to meet the needs of the modern customer and improve their own efficiencies.

Data Management and Data Governance: Solving the Enterprise Data Dilemma

Data governance helps organizations in financial services understand their data. It’s essential to protecting that data and to helping comply with the many government and industry regulations in the industry. But financial services data governance – all data governance in fact – is about more than security and compliance; it’s about understanding the value and quality of data.

When done right and deployed in a holistic manner that’s woven into the business processes and enterprise architecture, data governance helps financial services organizations better understand where their data is, where it came from, its value, its quality, and how the data is accessed and used by people and applications.

Financial Services Data Governance: It’s Complicated

Financial services data governance is getting increasingly complicated for a number of reasons.

Mergers & Acquisitions

Deloitte’s 2018 Banking and Securities M&A Outlook described 2017 as “stuck in neutral,” but there is reason to believe the market picks up steam in 2018 and beyond, especially when it comes to financial technology (or fintech) firms. Bringing in new sets of data, new applications and new processes through mergers and acquisitions creates a great deal of complexity.

The integrations can be difficult, and there is an increased likelihood of data sprawl and data silos. Data governance not only helps organizations better understand the data, but it also helps make sense of the application portfolios of merging institutions to discover gaps and redundancies.

Regulatory Environment

There is a lengthy list of regulations and governing bodies that oversee the financial services industry, covering everything from cybersecurity to fraud protection to payment processing, all in an effort to minimize risk and protect customers.

The holistic view of data that results from a strong data governance initiative is becoming essential to regulatory compliance. According to a 2017 survey by erwin, Inc. and UBM, 60 percent of organizations said compliance drives their data governance initiatives.

More Partnerships and Networks

According to research by IBM, 45 percent of bankers say partnerships and alliances help improve their agility and competitiveness. Like consumers, today’s financial institutions are more connected than ever before, and it’s no longer couriers and cash that are being transferred in these partnerships; it’s data.

Understanding the value, quality and risk of the data shared in these alliances is essential – not only to be a good partner and derive a business benefit from the relationship, but also to evaluate whether or not an alliance or partnership makes good business sense.

Financial Services Data Governance

More Sources of Data, More Touch Points

Financial services institutions are at the forefront of the multi-channel customer experience and have been for years. People do business with institutions by phone, in person, via the Web, and using mobile devices.

All of these touch points generate data, and it is essential that organizations can tie them all together to understand their customers. This information is not only important to customer service, but also to finding opportunities to grow relationships with customers by identifying where it makes sense to upsell and cross-sell products and services.

Grow the Business, Manage the Risk

In the end, financial services organizations need to understand the ways their data can help grow the business and manage risk. Data governance plays an important role in both.

Financial services data governance can better enable:

  • The personalized, self-service, applications customers want
  • The machine learning solutions that automate decision-making and create more efficient business processes
  • Faster and more accurate identification of cross-sell and upsell opportunities
  • Better decision-making about the application portfolio, M&A targets, M&A success and more

If you’re interested in financial services data governance, or evaluating new data governance technologies for another industry, you can schedule a demo of erwin’s data mapping and data governance solutions.

Data Mapping Demo CTA

And you also might want to download our latest e-book, Solving the Enterprise Data Dilemma.

Michael Pastore is the Director, Content Services at QuinStreet B2B Tech.

Categories
erwin Expert Blog

Data Governance and Risk Management

Risk management is crucial for any data-driven business. Former FBI Director Robert Mueller famously said, “There are only two types of companies: those that have been hacked and those that will be.” This statement struck a chord when first spoken in 2012, and the strings are still ringing.

As data continues to be more deeply intertwined in our day-to-day lives, the associated risks are growing in number and severity. So, there’s increasing scrutiny on organizations’ data governance practices – and for good reason.

Governmental scrutiny, in particular, is gearing up. The General Data Protection Regulation (GDPR) introduces strict formality in the way data is governed across the European Union, including organizations outside the EU that wish to do business with its member nations.

But in certain sectors, public scrutiny is just as – if not more – important to consider. We’ve been talking since September about the data breach at Equifax, which has just been hit with a 50-state, class-action lawsuit.

And we just learned that Uber was hacked, resulting in the personal data of 57 million customers and Uber drivers being stolen. What’s more, the company concealed the breach for more than a year.

Whether we’re talking about financial or reputational damage, it’s absolutely clear that bad data governance is bad business.

Risk Management Data Governance

Risk Management for IoT

Think about the Internet of Things (IoT) for a moment …

IoT devices are gaining more stock in daily life – from the mundane of smart refrigerators and thermostats to the formidable of medical devices. Despite the degree of severity here, personal data is personal data, and the steps taken to mitigate security risks must be evidenced to be compliant.

Data governance is fundamental to risk mitigation and management. That’s because data governance is largely concerned with understanding two key things: where your data is kept and what it’s used for. Considering the scope of IoT data, this is no easy feat.

Estimates indicate that by 2020, 50 billion connected devices will be in circulation. Misunderstanding where and what this data is could leave the records of millions exposed.

On top of the already pressing need for effective data governance for risk management, we’re constantly approaching uncharted territories in data applications.

Lessons from Driverless Cars

The driverless car industry is one such example on the not-too-distant horizon.

Businesses from BMW to Google are scrambling to win the driverless car race, but fears that driverless cars could be hacked are well founded. Earlier this year, a Deloitte Insights report considered the likely risks of introducing autonomous vehicles onto public roads.

It reads, “The very innovations that aim to enhance the way we move from place to place entail first-order cybersecurity challenges.” It also indicates that organizations need to make radical changes in how they view cybersecurity to ensure connected vehicles are secure, vigilant and resilient:

  • Secure – Work on risk management by prioritizing sensitive assets to balance security and productivity.
  • Vigilant – Integrate threat data, IT data and business data to be equipped with context-rich alerts to prioritize incident handling and streamline incident investigation.
  • Resilient – Rapidly adapt and respond to internal or external changes to continue operations with limited business impacts.

The first thing organizations should take away is that this advice applies to the handling of all sensitive data; it’s by no means exclusive to autonomous vehicles. And second, security, vigilance and resilience all are enabled by data governance.

Data Governance Leads the Way

As discussed, data governance is about knowing where your data is and what it’s used for.  This understanding indicates where security resources should be spent to help mitigate data breaches.

Data governance also makes threat data, IT data and business data more readily discoverable, understandable and applicable, meaning any decisions you make regarding security investments are well informed.

In terms of resilience and the ability to rapidly respond, businesses must be agile and collaborative, points of contention in traditional data governance. However, Data Governance 2.0 as defined by Forrester addresses agility in terms of “just enough controls for managing risk, which enables broader and more insightful use of data required by the evolving needs of an expanding business ecosystem.”

As GDPR looms ever near, an understanding of data governance best practices will be indispensable. To get the best of them, click here.

Data governance is everyone's business