BFSIBusiness Functions

Practical steps to enhance your corporate governance framework with a data governance function alongside a risk appetite

By Tejasvi Addagada, Data Strategist and Privacy Leader

Tejasvi Addagada

The impact of corporate Governance on a firm’s value has become a great interest for shareholders, practitioners, and government regulators. An increasing trend recently noticed is the stakeholders garnering interest in corporate governance aspects while firms create long-term value.

The general principles of corporate Governance are aligned to foster and sustain an environment of accountability, transparency, and trust, thereby supporting a more purposeful society. The relationship in its perceived sense between the management, board, shareholders, stakeholders, including employees, is based on trust. Trust is a perceived qualitative facet that cascades from an enabling yet controlled environment that essentially is created by the board stewarding best practices.

I have highlighted specific priorities of corporate Governance that add value by aligning with Data Governance Tone at the top and effective communication in grassroots, Self-assessment and continuous improvement,   Accountability, Quality of data and decision making, Risk and Compliance, Ethics and Culture.

Ethics and culture, along with accountability and consistency, are critical to organizations’ principled performance. These aspects, specifically data ethics, are qualitative facets, but you can gauge them with an appropriate review framework that includes holistic data-management requirements. Customize the yardstick as well as benchmarks based on a focused executive and grass-root study.

The final report can consist of qualitative and quantitative analysis, capability gaps, and features to match the maturity level agreed by the board to create value. It is vital for a data officer to speak up as a vibrant voice and have constant communication with the board to define the risk associated with data and the trust stakeholder have about data.

In your organization, who has ownership of imbibing an intrinsic data culture – “Is it a Data Office, Risk Office, IT, Ethics, or Compliance?”

Corporate Governance cannot be effective in the absence of proactive risk management; Also, Data governance can be more effective if the risk associated with data can be included in the overarching risk management framework. While value continues to dominate the Data Governance priorities in organizations, imbibing an active risk-based approach is essential. Risk appetite articulates the tolerance levels for data-risk that an enterprise is prepared to accept in the execution of its strategy.

The guidance in countries from regulators, especially around data privacy and Governance, has been fast influential since the General Data Protection Legislation came into effect. Most frameworks stress on legitimate processing of personal data from natural people and emphasize maintaining personal qualitative data. The organizations can relate and align their data governance frameworks to such compliance programs that impact regulatory risk and compliance.

Data Governance enables us to harness the correct data required for efficient decision-making by management and the board. Also, reporting using quality data for compliance ensures building confidence in regulators. The first line of defense with business operations has accountability to own these quality metrics associated with managing their data. A few questions to ask yourself:

“Are your thresholds for data quality, security, and privacy management in line with your enterprise’s risk appetite and tolerance?”

“How often do your organizational risk priorities, appetite, tolerance, and limits change – annually or bi-annually?”

Financial institutions that have accounted for risk principles in Data Governance are significantly well prepared for the upcoming changes that may result from regulators asking firms to maintain consistency in running compliance programs. The scenario with most organizations is very similar to quoting, “We think we are prepared to monetize data, but we can still re-look at our risk appetite to be confident.”

Moreover, compliance can take a broad role in building accountability to drive fairness in managing data and using a mix of discipline and incentives to promote accountability and consistency from data-based regulatory programs. This cross-alignment of compliance, risk, IT, Internal Audit with the data office makes organizations more effective across all lines of defense. Business lines can combine a strong culture of adhering to thresholds on quality and managing their data-risk exposure. If we can take a step back to the basics, data has always been owned by Business lines to make it more effective for creating value to customers and using this value on balance sheets.

Corporate Governance is not limited to earlier narratives, and it also includes environmental awareness, ethical behavior, corporate strategy, and compensation. The basic principles are accountability, transparency, and fairness, structured around aspects of purpose, people, process, and performance. Good corporate Governance creates a transparent rule book in which internal stakeholders, including data owners and stewards, have aligned incentives along with shareholders while the earlier make data-trusts out of organizations.

I have put my vivid thoughts that can help provide direction to your Data Governance in alignment with your Corporate Governance –

  1. Is risk management integral to your Data Governance program or function? Or does your operational risk management take into account data management principles?
  2. Have you considered addressing gaps and enablers between risk and data functions?
  3. Have you accounted for priorities like Regulatory risk associated with data quality or consistency, and have you cascaded these risks to your operational frameworks to reflect these priorities?
  4. Does your critical-data-element framework take into account risk parameters apart from value parameters?
  5. How differently do you manage data that is high risk or high value from perceived low-risk and value?

 

About the author: Tejasvi Addagada is a data strategist and privacy leader in the Financial services Industry across the Globe. He helps to build and optimize data management and governance solutions. He is an early data provocateur in the industry, connecting with many thought leaders, in standardizing facets of data operations. His write-ups address common challenges and opportunities that organizations need to embrace in carving their way forward.

Tejasvi published his best-seller, Data Management and Governance Services: Simple and Effective Approaches.

Show More

2 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles

Back to top button