The most recent McKinsey-IIF survey on risk data and technology shows that banks are making significant investments in data management in order to meet BCBS 239 and other compliance targets.
Ironically, according to bank’s own quantified self assessments, overall compliance levels have declined since 2015 in spite of this investment.
Why is this?
For regulatory projects the key focus has been on getting the basics right, as well as on starting the journey of deepening management accountability.
Banks are focusing on documentation and selective remediation. In most cases, automation of key data governance processes and capabilities is just starting, or is scheduled for a later date.
These tactical solutions mean that banks are meeting their compliance deadlines but with limited ability to reuse and / or scale to meet anticipated future needs.
We are starting to understand what we don’t know
A side effect of the investment made is that bank’s are now starting to understand the technical requirements for compliance more deeply. Through their evaluations banks are now discovering previously unknown gaps in their coverage that must be addresses in the future.
Data quality remains one of the biggest challenges to compliance
The survey identifies poor front-office controls leading to poor data quality in systems of origin. This problem is compounded by the poor data architecture and corresponding operation inefficiencies impacting many banks. Resolving these twin issues will require investment over the next few years.
Shift from change the bank to run the bank
The survey finds that leading banks’s are getting benefit from the data program.
Leading banks differ from the pack in three key areas:
- Data management is seen as a strategic enabler that goes beyond regulaotry compliance. leading baks look to differentiate through enhanced customer analytics, improved risk management and increasing operational efficiency. Data governance and data quality are seen as key business enablers, not as tactical risk costs.
- Related to point 1 is that data governance and data quality initiatives need to become embedded as every day business as usual functions. By addressing front-office data quality gaps, for example, banks will both increase the operational efficiency and increase compliance. Remediation efforts must begin to look at stopping bad data from entering the system, rather than at reporting in it and fixing it once it has been captured.
- Finally, leading banks are moving towards a harmonised data vision and strategy that drives value across divisions and geographies. The data environment, quality controls and governance mechanisms created for compliance should support broader business goals and create value. Data governance and data quality processes must be automated and banks must develop advanced analytics capabilities to enable the business.
We are witnessing shifts of this nature in our clients – as data management investments are increasingly being driven by broader initiatives than risk.