By Charles Southwood, Regional VP – Northern Europe and MEA at Denodo
Governance, compliance, security. In today’s landscape, these three pillars are never far from the boardroom agenda – regardless of an organisation’s size or sector. However, for those operating within financial services (FS) they’ve never been more important or harder to achieve.
Thanks to the digital transformation taking place across the sector, in recent years, there has been an exponential boom in the amount of data and personal information that FS companies need to manage. If used correctly, this data could unlock multiple opportunities, both in terms of revenue and customer experience initiatives.
However, before FS companies can reap the rewards, they need to be sure that they can adequately protect and secure data, whilst also complying to mandatory regulatory requirements and governance laws. If not, they risk substantial monetary fines and potentially devastating reputational damage.
Getting ahead of these challenges has become the key to success for FS organisations. But, it’s no easy feat. There are, however, certain steps that can be taken to relieve the many pressure points along the path to compliance, many of which are still being overlooked.
Regulation waits for no man, woman or FS business
Regulatory compliance in the financial services sector is a complex field to navigate. Whether its potential financial fraud or money laundering, risk comes in many forms and, due to their very nature, FS businesses are under heavy scrutiny when it comes to achieving the highest levels of data governance. When tackling the sources of risk, it’s critical to bring together a diverse range of data sources in order to look for patterns and anomalies.
The General Data Protection Regulation, which encourages organisations to comply with more stringent requirements for the protection of personal data, is probably the most cited and talked-about legislation of its kind. Since its implementation in 2018, many companies have fallen foul of its guidelines and paid the price; Google being one of the first, with a fine of £44 million.
For FS organisations, GDPR is just the tip of the iceberg. In recent years the Markets in Financial Instruments Directive (MiFID II), the requirements for central clearing and the second Payment Service Directive (PSD2) have all forced significant changes on the banking environment and brought with them new hurdles to overcome. These regulations are not optional. They must be met both effectively and quickly if an organisation is to avoid the number of repercussions that go hand-in-hand with failure to comply.
But, thanks to the digitisation of the industry and a new wave of innovation which – in many ways – has been encouraged by the increasing popularity of challenger banks and fintech startups, many FS companies are currently juggling a never-ending stream of data. This data is often complex and of poor quality. Structured and unstructured, it is stored in many different places – whether that’s in data lakes, on premise or in multi-cloud environments.
It can be extremely difficult to know exactly what information an FS organisation holds, let alone ensure that this information meets the requirements laid out by industry regulations.
This is where modern technologies such as data virtualisation can help. By providing one single, logical view of all data, no matter where it resides, or what format it is in, data virtualisation grants early and high visibility of information, making the compliance challenge easier to overcome. By using a ‘logical’ view for data insights, governance, security and compliance can also be centralised, vastly improving control and obviating the need for repeatedly moving and copying the data around the enterprise. This can have an immediate impact in terms of enabling FS organisations to avoid data proliferation and ‘shadow’ IT.
Many organisations have ‘containers’ of data which already hold a lot of the information needed to ensure compliance. When new regulations emerge, much of that data will have been worked on already and potentially consolidated in one or more data lake or data warehouse. If a new regulation is put in place, data virtualisation provides a way to easily find and access that data so FS organisations can respond – without having to worry about alternative versions of that data – and ensure that they remain compliant from the offset. Companies who have introduced data virtualisation are typically reporting savings in development and deployment times of 70-90% over traditional methods.
In addition to this, a longer-term benefit of data virtualisation is that it makes a business substantially more agile as it is possible to set up access to governance rules and personal data audits. Operators can easily select who has access to what information within the wider organisation. They can alter settings for sharing, desilo-ing, masking and filtering through defined, role-based data access. This ultimately enables FS organisations to take back control, even down to the finest details.
The key to compliance
Compliance is an issue not set to go away anytime soon. In fact, its role is only likely to increase as law catches up with technological advancement. While companies may think they are ahead now, that could all change with the introduction of a new regulation or mandate. If we look back, we can see where this has happened before, most recently with GDPR. Many organisations were left changing their data strategies with just days to spare, desperate not to have to pay the price.
For FS organisations, ensuring that their operations and processes align with the latest regulations is of the utmost importance. It is only then that they can make the most of the huge amounts data that they now hold to inform business decisions and stand out from their competitors.
By providing a 360-view of all information stored across an organisation, data virtualisation is emerging as the secret weapon in the battle for compliance.