Financial Services Regulations: Building Sustainable Compliance Programs

To comply with a complex array of regulations, financial services organizations have stepped up as early adopters of data governance frameworks. Additionally, regulators are demanding stronger and more comprehensive data quality capabilities than ever before. The aim is to minimize risk, safeguard private information, and ensure the adequacy of internal controls and sustainable compliance. Organizations that neglect these imperatives risk steep fines, high remediation costs, and substantial negative publicity.

According to  a recent report from the LeBow College of Business at Drexel University, current macro trends coupled with shortages in budgets – and skilled resources – is driving organizations to find resilient, sustainable ways to optimize their compliance investments.

So although compliance historically is viewed as a necessary burden, some are starting to look at it as an opportunity. Through a more sustainable, integrated approach to data governance and data quality, organizations can not only reduce risk and improve their operational efficiencies but increase the business value that they derive from their data by empowering teams with data that is understood and of high quality.

Data Governance as Force Multiplier

To do more with less, financial services companies must seek out “force multipliers” that amplify the positive impact that existing resources can have on the organization. That means having the right technology for scalable systems, enabling workflows and automation. It also means adopting organizational frameworks and fostering alignment to support a sustainable approach to compliance with  data governance integrated with data quality enterprise-wide.

At many companies, the journey toward data integrity begins with a decentralized approach wherein different groups across the organization develop their own programs and processes for data quality, data governance, and other elements of data integrity. At some point along the way, though, virtually every organization begins to see the virtues of a unified, centralized framework and a common set of technology tools. Over time, many discover that a combination of centralized tools and processes with a well-defined range of limited autonomy provides for both flexibility and overall effectiveness.

JD Donnelly, Senior Director of Professional Services at Precisely observes that when organizations adopt an ad hoc approach to data governance and data quality, compliance tends to be “a high lift” that involves considerable effort and is wrought with inefficiency.

“As individuals are being tasked with more and more things to do,” he says, “it becomes even more of an additional task, and it becomes more and more difficult.” While not every organization needs a fully centralized governance model, he concludes, the shift toward a common framework and toolset is a step in the right direction.

Core Characteristics of a Sustainable Compliance Program

Throughout many years of working with clients in the financial services industry, Precisely has observed six core principles of a scalable and sustainable data governance program:

1. A centralized knowledge repository that democratizes the collection of information and makes it readily accessible to those who need it while also offering a single source of truth for the entire organization.
2. Identifying which data is most important, then understanding what policies apply, where that data is, and how it fits into the overall compliance picture for financial services.
3. Identifying key relationships and dependencies in the data. This includes understanding the impact of change within one data element on the various other data elements and compliance requirements throughout the organization.
4. Monitoring & improving business quality rules and technical quality rules to define what “good” looks like.
5. Data observability to inform key users of any changes or exceptions that crop up within the data, enabling a more proactive approach to compliance.
6. Visibility, which enables data leaders to proactively monitor data quality and governance standards, their impact on compliance and deliver overall business value for the organization.

Common Use Cases in the Financial Services Industry

Traditionally, use cases around compliance in the financial services industry arise from regular service requirements. Privacy regulations such as GDPR and CCPA, for example, require that institutions permit their customers to remove select types of personal information from internal databases. To achieve that, financial services firms need to know where customer data resides across multiple multiple systems and lines of business.

There are also requirements that prescribe specific uses of personal data. Anti-money-laundering (AML) regulations, for example, call upon banks to determine whether or not individual transactions or patterns appear suspicious. To achieve that, financial institutions must understand who their customers are, to make sure that clients are not transacting with themselves by ensuring that account holders are independent of one another. To achieve that, banks must have detailed information about their customers.

Sanctions represent a somewhat related use case. There are specific people and organizations and countries with whom banks cannot legally do business. Getting this right requires a comprehensive data quality program and data governance program so that financial institutions clearly understand who they’re dealing with. That requires some insights into corresponding banks, originators, and beneficiaries.

Internal controls and fraud detection likewise call for a firm handle on data quality and data governance. Data may reveal cases in which employees are facilitating transactions and account openings. It can uncover instances in which synthetic IDs and stolen identities are in use.

Getting Started with a Sustainable Data Governance Framework

As with so many complex endeavors, an effective approach to data governance should begin with small, meaningful steps aimed at achieving high-priority goals. It’s not necessary to govern all data. Rather, organizations should identify a few primary objectives and focus their attention on gaining traction in those areas.

For example, a financial services organization may choose to focus initially on GDPR and CCPA compliance. By enhancing data quality and data governance with respect to customer data, the company may also strive for an improved 360-degree view of its customers, which enables improved service. These cross-functional synergies make it possible to add value across multiple departments within the organization, all while focusing on a single category of data.

Ultimately, every journey toward data integrity is unique, driven by an organization’s business priorities and strategies. Nevertheless, market trends are accelerating the need for data integrity across all categories of compliance in the financial services industry.

If your organization is striving to do more with less and achieve greater control over data, sustainable compliance, and processes, read our latest report TDWI Checklist Report: Best Practices for Data Integrity in Financial Services.