Accelerate Regulatory Compliance with Informatica
The 2007-2008 global financial crisis led to multiple regulations created to protect citizens, banks and the economy itself. Dodd-Frank, Markets in Financial Instrument Directive (MiFID) II, BCBS 239 etc. all define numerous principles, guidelines and imperatives that need to be complied with, sometimes at very high costs. But even after spending millions of dollars there remains a lot to be done, especially to accelerate regulatory compliance.
A case in point is BCBS 239. It consists of 14 principles that need to be adopted for full compliance. The principles were first published in Jan 2013 with the implementation deadline of Jan 2016 for G-SIBs (global systemically important banks). A recent report however suggests that only 1 GSIB could satisfy all the required principles and the Basel committee is now urging banks to step up efforts to comply.
Complying with these regulations is a complex, enterprise-wide exercise that requires consolidation of information across a broad range of functions and legal entities. However, while there are multiple regulations, a common data management theme across all of them is- the need to be transparent. For example, when banks are asked to report aggregate risk metrics for BCBS 239, they are also asked to prove to the regulators that the risk scores have been arrived correctly by:
- Showing data lineage from data source to report: where was data originated, how it was transformed, what processes and decisions affected its life-cycle
- Demonstrating Data Quality Controls: identification, assessment and management of data quality
- Displaying enterprise wide understanding of business concepts: by making a data dictionary of concepts available to appropriate teams in the organization
A banking CDO that I was talking to recently, had a team of 20+ people charged with manually drawing lineage diagrams for BCBS 239. Over two years, they had developed lineage diagrams for 200+ risk metrics. While these diagrams included multiple dimensions like quality, people, processes etc. they were:
- Onerous to create: as it required for this team to talk to multiple data owners across functions to understand which key data elements were stored and how they moved
- Onerous to maintain: as it required the team to keep track of even small changes that happened within the source systems
This is where Informatica can help. With Informatica’s integrated data governance stack*, customers can now take advantage of an intelligent solution for data governance and compliance. Below, I cover a few ways in which Informatica’s Enterprise Information Catalog, the machine learning based data discovery and cataloging solution can accelerate compliance by providing automated mechanisms to make existing data management practices be more transparent:
Smart Cross-system Data Discovery: Using machine learning and rule based approaches, Enterprise Information Catalog can automatically identify key data elements by scanning enterprise data sources. EIC has pre-built connectors to automatically scan a wide variety of data sources including databases, data warehouses, Cloud Applications, Big Data Sources, Cloud databases, BI Tools, Modeling tools and more. Additionally, the domain discovery capability allows EIC to auto-infer whether a key data element exists in a resource by looking for data patterns, column names, reference data values, etc. This step saves the governance team multi-weeks of effort as key data elements are automatically identified across systems without the need to manually look for them in meetings.
Automated Data Lineage Diagram creation: EIC extracts metadata from multiple sources including ETL tools, BI Reports, SQL Procedures to create a comprehensive and end-to-end lineage diagram automatically. Because this information is extracted from source systems directly, it is much more reliable than hand drawn diagrams, which could have stale data. A catch here is that due to the nature of the data movement processes in organizations, it may be difficult to capture all data movement processes automatically. Especially manual tasks (hand keying data) or data movement that uses proprietary hand coded applications. However, the technical lineage diagram can provide the governance team a head start, again saving them weeks of effort. It can also help in validating the accuracy of existing lineage diagrams.
Collaborative Catalog for Business and IT: It is especially important for regulated organizations to have both business and IT aligned across data definitions, policies and initiatives. This ensures consistency in the way data is created, used and communicated across the organization. Enterprise Information Catalog provides an unified view of all metadata (business, technical, relationships, quality, lineage, usage…) which is accessed through a powerful search interface and provides business and IT a single place to collaborate on data assets. All the work done in defining and enriching business context around data assets, is also used by business users in discovering the right data asset for their discovery needs.
More regulations are around the corner. In almost a year, all organizations handling EU citizens’ personal data must comply with the new General Data Protection Regulation (GDPR). Non-compliance will cost up to US$22 million or 4 percent of annual global turnover and the deadline is May 2018! CDOs and Organizations do not have the luxury to react to individual regulations separately anymore. Instead it is now time to look at principles like transparency and automation which are core to any governance strategy.
*Informatica recently introduced Informatica Axon, the industry’s first fully integrated, enterprise data governance solution. Axon integrates seamlessly with Enterprise Information Catalog and other industry-leading Informatica data management solutions for data quality, master data management, big data and cloud to form the only complete, unified data governance offering, for any market and any size enterprise.