RiskTech Forum

Safe Banking Systems: Data Governance - Influencing AML and Risk Management

Posted: 5 October 2017  |  Author: Carol Stabile  |  Source: Safe Banking Systems


Banks have long focused on Know You Customer (KYC) to comply with anti-money laundering (AML) regulations. But they face challenges ensuring KYC data is accurate and updated regularly. Collecting the data can be difficult because it is often stored in disparate systems across different departments and businesses within an institution.

That’s where data governance comes in. Defined by the MDM (Master Data Management) Institute as “the formal orchestration of people, processes, and technology to enable an organization to leverage data as an enterprise asset,” data governance provides a framework by which banks can manage the information they collect. Data governance not only helps banks meet AML and other regulatory requirements, but can provide transparency, operational efficiency and competitive differentiation.  It also ensures the availability and integrity of an institution’s data overall.

Data governance on the rise

Business silos hinder the flow of data across lines of business (LOBs) and present a significant stumbling block for enterprise risk management. Silos also prevent sharing of information that could lead to new business opportunities for the bank. A data governance strategy can help. It specifies where data is warehoused and in what form, what information should be shared among departments, what quality controls should be in place and who should be allowed access to the information. 

Banks are increasingly turning to data governance programs because such programs can make data collection and analysis more efficient. And with more data being collected than ever before – whether for beneficial ownership identification, risk screening, fraud prevention or to sell customers additional products and services – operational efficiency is a high priority.

Commissioned by regulatory software company NextAngles, an August 2016 survey of 280 compliance-related staff members at various institutions found that data collection and analysis can take 63 percent of staff time. That leaves only 35 percent of the time for more critical case analysis. Data governance can swing the needle so that compliance resources are used more productively.

Many vendors offer data governance software, but developing a good data governance program is as much about communication across the organization as it is about technology. While data management has traditionally been the purview of the IT department, an effective data governance strategy requires buy-in and support from top management and every level of the organization. Getting all of the stakeholders to weigh in on policy priorities at the outset helps ensure that managers will be engaged and supportive as the data governance program grows.

Know Your Data

While AML data collection is all about “know your customer,” a good data governance plan starts with “know your data” or KYD.  KYD means understanding how data is used throughout the organization. KYD also defines the existing documentation, processes and controls of the business and creates metadata (data about the data) to trace the origin and lifecycle of the data as it moves through various processes. Standardizing data protocols can be helpful in meeting regulatory mandates for AML and compliance.

In addition to hiring a chief data officer – the latest addition to the C-suite -- many financial institutions are establishing a data governance committee to carry out and oversee their data governance programs. The committee typically includes representatives from both IT and business departments.  Business representatives know how data is being created, used and updated. IT representatives, on the other hand, know how data is stored, shared, and maintained. Together they can craft a data governance policy that meets the goals and expectations of all parties and the institution.

Data governance is the foundation for everything from collection and flow of information to accuracy and analytics. Institutions that take on -- and succeed – in the challenging task of data governance will reap improvements in data quality, operational efficiency, AML compliance and risk management.