Skip to main content

Compliance is More Often a Matter of Sound Data Management

With numerous new regulatory and compliance requirements – from ESG reporting to Basel III Finalisation, to DORA – financial organizations are facing significant demands on their ability to meet compliance. Unfortunately, the ECB and other supervisory bodies will continue to make new demands, to impose new compliance requirements, and to request proof of compliance.

And, in the financial world, you have to prove that compliance. When a supervisor requests proof of compliance in the form of an audit or onsite inspection, you have to provide the in-depth data to show compliance. Unfortunately, in most banks, that process still takes months.

Scattered data is a legacy problem

20 years ago, when Basel II came into effect, the regulation specified digital data for the first time. With most data in hardcopy, banks had to start digitizing to make the necessary calculations possible. That process moved data collection, reports, customer information, and records onto servers – where they could be more easily accessed, compiled, and corrected.

Today, most data is stored electronically. Unfortunately, in a lot of cases, it’s still stored in legacy systems, siloed across departments. When you have to meet an ad hoc request from an auditor or supervisor, you have to compile that data before you can even begin to correct it. Then, correcting numbers and making the appropriate calculations can take considerably more time.

Extracting data and doing corrections can take some banks a significant amount of time, too long for compliance requirements.

Resolving issues with data management

If you have to wait for an audit request to gather data from various systems across the organisation, you’re incurring costs, reducing compliance, and reducing your own situational awareness of compliance. Your organisation shouldn’t have to panic and scramble to find scattered data when something like an asset quality review is requested.

In addition, most supervisor questions revolve around the same data. For example, you’ll want to know where data is stored, how complete the data is, what each data term/item means, timelines for data items, who’s responsible for each item of data, etc. If you can establish that as part of data governance, you’re already covering half the work of an audit – meaning you can quickly and easily pull compliance information without significant resource spend during an audit.

Good data management means that you could make a complex query, such as for a loan tape, and have that data within one or two days. That’s increasingly easier with cloud systems that enable data to be shared between departments, to be accessed by supervisors, and to be sent to the supervisor.

  • Review your data management practices, starting with golden source, ownership and definitions
  • Review how data is collated and shared, in particular completeness and timeliness
  • Review how the internal organization handles data and if that meets compliance needs

Every bank has data available in digital systems. Implementing data management policies to ensure that data is ready to send to a supervisor is a logical next step.

That means setting up data management, data governance, and data quality frameworks – with data warehousing and data definitions to enable transparency, traceability, and searchability.

Compliance requirements aren’t going anywhere. If you start thinking about your data management now, you’ll be ready when auditors do make a request. A good beginning is half the work.

If you’d like to discuss your data management policy from the business perspective, contact us, we can help.