What is data governance?
Data governance is the discipline of ensuring integrity in the sourcing and use of data in an organization. Good data governance is necessary to perform correctly, and competent and accurate data modeling is needed to achieve high data quality. The basis of data quality assessments show how well your data meets users’ needs for their business processes. Understanding data governance, therefore, is the foundation for financial services firms to get the best and most relevant information.
Data governance rules or guidelines are often contained within corporate governance principles, but can also be defined independently. Globally, all financial markets have some form of governance regulation for banks, investment firms and other market participants. Corporate governance rules typically serve to balance the rights and responsibilities of a company’s management and its stakeholders, and set procedures and policies for a company’s activities.
Within corporate governance regulation, data governance rules or guidelines address how firms should handle data to meet the goal of achieving good corporate governance. It is about how firms manage availability, usability, integrity and security of their data. It encompasses all the rules, standards, metrics and processes that firms set up on their own to make sure their data will function well once fed into their data models, and end up producing quality data.
Why do I need it?
As previously mentioned, data governance can be defined as how firms manage availability, usability, integrity and security of data.
- Availability – Making data easily available, as an element of data governance, means planning the storage, classification and maintenance of data to keep it accessible. You’ll want your data warehouse to have data ready to go for any application where the data is needed, with a minimal amount of cleansing and processing. To achieve this, plans should set best practices for data management and processing, so high quality data is always available and ready to go.
- Usability – means formatting data so it can be easily used for all the purposes a firm needs. Tools to improve data visibility, such as data maps and 360-degree views of customers and business entities, as well as a baseline common understanding of data throughout a firm, can all improve upon data usability.
- Integrity – Ensuring data integrity means avoiding contamination or corruption of the data. This can be measured in terms of data accuracy and quality, as well as compliance with rules and regulations. Data governance plans should aim to prevent data inconsistencies caused by using different systems in parts of a firm. Such inconsistencies make it harder to integrate all your data.
- Security – The standard definition of security concerns managing access to data and protecting against unauthorized access. Even the utmost attention to data quality and data management can go for naught if your data isn’t protected. Data governance should include designating data stewards who enforce rules about accessing the data and how the data may be shared, and also designating data security responsibilities covering every step where data was produced and used.
Planning that accounts for all of the preceding elements help ensure that your data, being fed into analytics and other applications will yield better advice and insights, in turn producing better decision-making and bringing better business performance.
Data governance for regulation
Several different regulatory initiatives in the US, Europe and globally apply to the security and transparency aspects of data, as handled in data governance efforts.
The European Union’s General Data Protection Regulation (GDPR) and Markets in Financial Instruments Directive II (MiFID II) are relevant to data security, as is US 31 USC 310, a US Treasury Department order that established the Financial Crimes Enforcement Network, which includes provisions concerning data in the context of financial crimes. Also, more broadly, in November, the US Federal Trade Commission extended a deadline for compliance with a data safeguards rule to June 2023.
In addition, the US Dodd-Frank Act includes provisions on transparency of record-keeping, and the US Comprehensive Capital Analysis and Review (CCAR) framework addresses data quality and management. In Europe, MiFID II addresses data collection processes, while Basel III – an international standards regime – contains data governance provisions as part of its guidance on risk management and capital adequacy.
MiFID II, Basel III and its associated BCBS 239 rules on reporting, influence compliance throughout Asia globally. In addition, the International Financial Reporting Standard (IFRS) created by the International Accounting Standards Board (IASB) sets classification and accounting rules that can figure into governance. Any firm forming their governance framework should be aware of these provisions.
So, with a good handle on data governance traits and rules, firms may also deploy enterprise data management (EDM) and master data management (MDM) systems as a means to carry out the provisions made in governance processes. These systems scrub, enrich and curate data, to standardize how data is defined and produce metadata that helps implement governance frameworks, with integrity, accountability and security.
With knowledge of the elements of data governance, both as part of a firm’s native efforts and its compliance requirements, management will be better equipped to do business in the markets and lower their operational and regulatory risk.