By Nick Jewell
Published on 2024年9月13日
Banks manage a lot of sensitive data. When an individual opens an account, they provide information that needs protection, from name and address to social security number. The collection doesn’t stop there — insights like transactions and purchasing information help to round out customer profiles. With this data, financial institutions can improve services and make informed decisions – if they can use it safely.
CEO and co-founder, Alation
For these reasons, bank leaders prioritize their customers. Internal and external auditors protect this data by working with many different systems.
This is where data governance comes in. A well-defined program allows banks and financial institutions to use customer data to build trust while meeting compliance mandates.
Data governance involves establishing a continuous process to create and improve policies and standards around managing data to ensure the information is usable, accessible, and protected.
In banks, this means leaders prioritize governance tasks like:
Setting data format standards
Identifying structured and unstructured data that needs to be protected
Tagging data types
Creating roles and assigning responsibilities.
Establishing metrics to quantify effectiveness.
Incorporating automation
Monitoring and measuring to identify improvements
Establishing a data governance program can feel overwhelming, especially at the beginning. But, having all of the puzzle pieces in place allows for better business strategies and supports ongoing compliance programs.
Banks typically prioritize compliance, with regulators visiting their offices frequently, checking off boxes, and monitoring their activities. However, data governance does more than just satisfy the auditors — it can also support business initiatives. Let’s explore some benefits of such a program.
Banks are constantly considering ways to better connect with customers, create new products, or change their operations. They may also want to expand their reach by acquiring a smaller bank or opening a new branch. These decisions aren’t made in isolation. Senior leadership needs access to the right data to make educated choices to adopt innovation and advance the business.
Enabling data access is the first step. To be trusted, this data also needs to meet quality standards. If there is duplicate, outdated, or incorrect data, you can’t rely on it to make decisions. Everyone in the organization, from analysts to senior leadership, should feel comfortable and empowered to use data. Governance programs ensure that you are delivering trustworthy information.
Senior leadership teams and the Board of Directors at banks continuously look at market trends. Throughout the year, your Asset-Liability Committee (ALCO), a group that manages risks related to the bank’s assets and liabilities, also reviews risks from a balance sheet and market perspective.
You need data governance if you want to use analytics in this review. Whether you’re examining market share or stock prices, you want to use all the data possible (both structured and unstructured) to support decision-making.
Do you already have data governance policies and procedures in place? The question is, are they working to enable your employees? And can you measure that impact and use that knowledge to enhance your governance program?
For instance, if your analytics team spends more time cleaning data than analyzing it, that is a problem. At this point, you’re not effectively using your digital or human resources. Adopting a continuous governance process that includes monitoring current policies to understand their actual usage and impact and updating your current policies and procedures can result in better data management and higher-quality data. This means you’re optimizing all your resources, not just the technology ones.
Banks must protect all the information they collect, ensuring it's tracked and managed from start to finish. To do this, teams must know what data they have, where it's stored, and who can access it. This becomes even more important when banks modernize and migrate to the cloud. Understanding where data resides, how to keep it safe, and which rules it needs to follow is key to successful data management programs.
Data governance helps you meet compliance requirements by establishing security and access controls and tagging to safeguard sensitive data effortlessly.
Hurdles are common when implementing data governance in banks. Many are security-related, some are business process-related, some data-related, and others regulatory in nature. Below, let’s explore frequent data governance delivery challenges.
Data complexity and volume - Banks deal with vast volumes of data, including customer information, financial transactions, and market data. Managing this sheer volume and ensuring its quality can be challenging.
Data silos - Financial institutions have disparate systems and databases that lead to data silos. These isolated sources hinder visibility and accessibility.
Data security - Banks are naturally prime targets for cyberattacks. Striking the right balance between data security and authorized access is delicate.
Regulatory compliance - The banking sector is subject to numerous data-related regulations, such as GDPR, Basel III, and the Dodd-Frank Act. Complying with these requires meticulous data governance practices.
Data privacy - Protecting customer data and ensuring its privacy is paramount. Data governance must address anonymization, encryption, and consent management.
Legacy systems - Many banks rely on legacy systems that lack modern data governance features. Integrating data governance into these systems can be challenging.
Change management - Introducing data governance requires cultural and organizational shifts. Support from stakeholders and employees is vital; otherwise, deployment teams may face resistance.
Data quality - Banks face data quality issues such as duplication, inconsistencies, and inaccuracies.
Defining a data governance framework - Creating and building consensus on a governance framework that matches the organization's goals and meets regulations is challenging.
Training and Awareness - Educating employees about data governance and promoting a culture of data responsibility is an ongoing task.
Measuring Success - Measuring the effectiveness of data governance initiatives involves quantifying their impact on the organization.
Cloud Migration and Adoption - Banks must extend data governance practices to their cloud environments as they modernize and transition to private or public cloud infrastructure.
Tackling these challenges requires a well-planned data governance strategy, leadership commitment, team collaboration, and a focus on balancing data security, compliance, and accessibility. Effective governance is a regulatory requirement in banking and can also be a competitive advantage.
In banking, data governance has significant benefits in ensuring data is managed effectively, securely, and compliantly. The top five key benefits in the banking sector are:
Enhances data quality by establishing standards and validation processes, leading to more accurate insights and better decision-making.
Protects and secures sensitive customer information through access controls, encryption, and data classification.
Ensures compliance with data-related regulations, reducing the risk of non-compliance penalties.
Identifies and mitigates data-related risks, allowing banks to manage credit, operational, and compliance risks effectively.
Supports data-driven decision-making by providing high-quality, well-managed data for strategic choices, performance evaluation, and innovation.
Other benefits of data governance in banking include operational efficiency, enhanced customer trust, reduced costs, deeper market insights, thorough auditing, and more. Banking leaders should consider these primary benefits to establish effective practices.
Five key principles of data governance are universally applicable to banking and beyond. These are:
Assign explicit ownership of data assets to individuals or departments. This fosters accountability for quality, security, and compliance — vital components in banking for maintaining trust and regulatory adherence.
Establish well-documented data governance policies and procedures covering classification, access controls, retention, and lifecycle management. These ensure consistent and secure handling.
Implement data quality assessment through tools and processes to uphold accuracy, consistency, and reliability. High-quality data is mission-critical in banking for informed decision-making and regulatory compliance.
Stay updated on data-related regulations and consistently follow them. Conduct routine audits of data procedures to ensure compliance with regulations such as GDPR, Basel, and others.
Use data catalogs to categorize and classify data. Implement metadata management for easier discovery and tracking, making data use efficient while ensuring security and compliance.
Banks prioritize data protection when handling sensitive data, such as personal info and financial transactions. Data governance is crucial to ensure safe and responsible use. Let’s explore some key functional roles that must be defined and assigned to groups or individuals during a data governance program.
Data stewards oversee the daily management of specific datasets, ensuring quality and consistency. They set standards, document data lineage, and resolve data-related issues.
Data owners are responsible for specific data assets, including decisions about access, security, and alignment with business goals.
Data custodians manage the technical aspects of data, including storage, access controls, and encryption, in collaboration with data owners and stewards.
Data governance managers lead the overarching program. They define policies, coordinate roles, and align them with organizational strategies.
In some organizations, the chief data officer (and team) oversees data strategy and governance and ensures alignment with business goals.
Data quality analysts improve data quality by creating metrics and working with data stewards to resolve issues.
Data compliance officers ensure that data governance practices meet legal and industry regulations crucial in the banking sector.
Business data analysts bridge the gap between business and IT, ensuring data governance aligns with business needs.
Data architects design data infrastructure and models to support data governance objectives efficiently.
End users play a role in data governance by following policies, using data responsibly, and providing feedback on quality.
Last but certainly not least, senior executives lead and support by securing resources and encouraging the adoption of data governance.
In the banking sector, these roles work together to set data governance frameworks, define standards and policies, maintain security and privacy, and support data-driven decision-making while complying with regulatory requirements.
Implementing data governance in banking involves establishing a structured framework and processes to manage, protect, and utilize data assets within the financial institution. This framework ensures accuracy, security, and compliance with regulatory requirements.
In banking, a set of key principles and practices drives a data governance operating model:
Data Classification - By categorizing data based on sensitivity and importance, banks can prioritize security measures and access controls for different types, including customer information, financial transactions, and internal records.
Governance Framework - includes roles and responsibilities for data stewards, owners, and compliance officers. It also outlines decision-making processes and establishes accountability.
Data Standards - Standards are developed to maintain data consistency and quality. This includes naming conventions, formats, and data quality rules. Standardization ensures that data is accurate and reliable.
Data Stewards - Assigned to specific data sets and responsible for ongoing management. They monitor quality, resolve issues, and enforce governance policies.
Access Controls: To protect sensitive data, restrict data access to authorized personnel only, and grant access rights based on roles and responsibilities.
Compliance and Privacy - Banks adhere to data privacy regulations, such as the GDPR or industry-specific requirements. Data governance practices ensure compliance with these, reducing the risk of non-compliance penalties.
Data Quality Management - Data quality is continuously monitored and improved. High standards are maintained through profiling, cleansing, and validation processes.
Documentation and Metadata - Detailed records must be maintained, including data lineage and metadata. This documentation assists in finding data, comprehending it, and meeting regulatory reporting requirements.
Training and Awareness—Employees and stakeholders receive training on data governance policies and best practices. Promoting awareness and responsibility is essential.
Monitoring and Auditing - Tools and processes monitor data usage, quality, and compliance. Regular audits help identify areas for improvement and ensure adherence to governance policies.
Iterative Improvement - Data governance is not a ‘one and done’ project. It’s an ongoing process that adapts to changing business needs, regulations, and technological advancements and requires continuous assessment and refinement.
Technology Support - Technology solutions automate processes, track data quality, and facilitate stakeholder collaboration to support data governance.
Implementing data governance in banking establishes a robust operating model framework that ensures data is treated as a valuable asset, protects against risks, and enables informed decision-making while maintaining regulatory compliance.
A successful data strategy in banking requires taking both offensive and defensive approaches.
Most banks and financial institutions understand traditional defensive data strategies, including:
Protecting data and enforcing data privacy
Ensuring the integrity of financial reports
Identifying, standardizing, and governing authoritative data sources
Modern strategies also need to consider so-called offensive data strategies as well. This includes using data to increase key metrics such as:
Revenue
Profitability
Customer satisfaction
Balancing the offensive and defensive can be difficult, especially for banks. You want to use data to drive better customer experiences, yet you’re also burdened with intense regulatory oversight. Modern data catalogs effectively support a flexible and robust data governance strategy.
Selecting the right data governance platform is critical beyond simply choosing a tool based on superficial functionality or analyst positioning. A data governance solution must closely align with your organization’s unique needs and long-term goals.
Even a platform with well-regarded capabilities can become a source of frustration if it doesn’t integrate well with existing systems or if the user adoption process is too complex. Beyond evaluating a platform's technical features, look to ease of use, training requirements, and the overall impact on your team’s productivity. A steep learning curve and high costs associated with rollout and adoption can often be missed during a purely technical vendor evaluation, leading to significant failures when deployed to the enterprise.
When banks adopt a plan to centralize and unify their data in platforms such as Snowflake or Databricks, there’s a crucial distinction between a policy-driven, centralized approach and a more user-friendly, less-invasive decentralized model for data governance.
While a centralized approach might seem ideal for maintaining strict controls, it can lead to rigidity and operational inefficiencies and is often perceived as inflexible by everyday users. On the other hand, platforms that emphasize data discovery and collaboration may offer the flexibility needed to develop a more agile and responsive data governance environment.
In highly regulated commercial banking environments, rigorous compliance trumps all other needs at the risk of financial penalties or sanctions. However, a democratized approach to data governance is often a long-term success that empowers the whole organization to work more effectively with data versus the “command and control”-style enforcement of governance from above, which never truly captures the spirit of innovation or data culture.
Some form of data governance will likely already be in place to meet statutory regulations, so platform selection is rarely a green-field exercise. Ultimately, deciding to switch platforms or stay with an existing one hinges on clearly understanding how well the solution can deliver on its promises. Cost considerations are significant, but they must be weighed against the potential risks of inadequate governance or prolonged integration issues.
As alternatives are explored, ensure that any platform offers short-term savings and long-term value, supporting your organization’s growth and compliance needs without sacrificing usability or support. The right choice will empower your team to achieve operational efficiency and strategic innovation, turning data governance into a true competitive advantage.
Let’s explore how other banks and financial services companies are using data governance programs for competitive advantage:
Fifth Third Bank has hundreds of employees using data every day. To improve compliance and deliver an improved customer experience, they moved from a “command-and-control” governance approach to a non-invasive alternative and saw significant results. Sebastian LaRosa, Director of Data Platforms, Vice President at Fifth Third Bank, says, “Data is at the core of running our business, and Alation is at the center of our data ecosystem. By empowering our teams with knowledge about our data, we are lowering the barrier for generating insights and can provide a better customer experience.”
Alation is the foundation for data governance at GXS. As a new bank, GXS used Alation for metadata cataloging and tagging as they created their Snowflake data lake. As new data is added to Snowflake, it is tagged in Alation to guide users in properly using it, including consumers’ personally identifiable information (PII). They also used Alation to identify data owners and to create a glossary to define terminology clearly. GXS relies on Alation’s lineage capabilities to trace back source tables and understand downstream impact to enable users to understand and discover their data assets better.
“Alation provides the platform and capability for stakeholders — business stakeholders as well as enterprise — to be able to search for the data they need, and for them to understand that the data that they need is defined such that they have confidence in using that data for their business needs,” says Dr. Wong.
Alation makes it easier for financial institutions to balance offensive and defensive data strategies. Our data catalog breaks down the department-specific silos that they often have in place. This enables leadership to drive innovation and deliver better services and experiences.
Alation enables active data governance and compliance because banks must meet strict requirements. We provide a way to comply with Basel III, GDPR, and many more regulations without limiting the ability to use data effectively.
It is more important than ever to use data effectively while mitigating risks. Today’s data-driven businesses can use governance to grow without worrying that their analytics will put them at risk.
Want to learn more? Dive into our Customer Case Study to learn how Discover Financial Services accelerates innovation through faster, metadata-driven pipeline creation with Alation.
Data governance means putting in place a continuous process to create and improve policies and standards around managing data to ensure that the information is usable, accessible, and protected.