The blind spot

Two recent cases, with Citibank and Morgan Stanley, both related with data governance failures, raise a few questions about how data is being governed in most of the organizations, and the risks they are actually incurring, either from the regulatory compliance perspective, but also related with operational risk and the effective quality of their decision processes.

Although both the situations mentioned above are fairly different, they both sit on critical failures in their data governance processes.

Citibank was fined in $400 million for “serious and longstanding deficiencies and unsafe or unsound practices” in the areas of risk management, data quality management, internal controls, and data governance.

Morgan Stanley was fined in $60 million fine for repeated failures to adequately protect customer data when disposing of old equipment, not maintaining inventory of the customer data on those systems, and not properly overseeing the contractors it hired to make sure customer data had been wiped from that equipment.

In both situations, the necessary data governance processes, did not work or where not existent.

When this happens to two of the world’s largest banks, we cannot help but to think what the situation in smaller organizations is.

What can be some of the negative impacts of failures in data governance?

  • Manage and use the available data – Organizations have been accumulating larger and larger volumes of data, from numerous sources and formats. Most of the data being produced and gathered results from ad-hoc initiatives, without any alignment with business goals and strategy.

  • Data availability – Making the right data available to the right person at the right time is more than ever a competitive advantage, impossible without the alignment of the needs of all data stakeholders.

  • Poor quality data – The existence of multiple systems, each with different rules and policies, with different quality assurance mechanisms, data that is used in multiple analytical systems, distributing data of poor or unknown quality across the organization, impacting both operation and the decision processes.

  • Bad decisions - An organization’s decision process depend on the quality and reliability of the data. With it will impact the business negatively, with financial repercussions.

  • Reduced productivity – Data is useless if it can't be found in a timely and efficient manner, and this impacts directly the productivity of workers that need to access multiple systems and spend huge part of their time consolidating information, when they find it.

  • Data breaches – Being unable to control what data exists within the organization, where is located, increases the security risks.

  • Compliance costs - In highly regulated industries, most of the regulations are inherently data centric and even looking beyond data and into the governance processes (ex: BCBS 239)

From this quickly assembled list it’s easy to conclude that failures in data governance have a direct impact on business performance, with financial costs that can be easily assessed if we look at the cases of Citibank and Morgan Stanley.

Not having an efficient data governance framework in an organization creates a blind spot, room for the unknown in one if the organizations most critical assets: Data.

The real question is: How many organizations are working on a data blind spot?