Opportunity to apply lessons learnt in my new job

April 13, 2013

This week I started a new job as Head of Customer Information at Bank of Ireland in Dublin. I am excited at the prospect of applying the lessons I have learnt for the benefit of our customers.

I would like to take this opportunity to thank my fellow data management professionals worldwide for generously sharing their experience with me. I started to write this blog in 2009. My objective was to “Share my experience and seek to learn from the experience of others”. I have certainly learnt from the experience of others, and I hope to continue to do so.

The opinions I express on this blog will continue to be my own. I look forward to continuing to hear yours.

4 Comments | Data Governance, Data Quality, Information Management, Master Data Management, MDM, Regulatory Compliance, Single Customer View | Tagged: , , , , , , , | Permalink
Posted by kenoconnordataconsultant

FSA imposes £2.4million fine for inadequate risk reporting systems

March 18, 2013

London 18th March 2013 – FSA imposes £2.4million fine for inadequate risk reporting systems, which led to a failure to keep investors informed ahead of a profit warning which wiped 57% off the company’s share price. (See London Evening Standard: “Watchdog gets tougher as oil-rig firm Lamprell is fined £2.4 million over stock market breach“).

Oil services group Lamprell is not a bank. However, Lamprell could have avoided this fine, if they had implemented the new BCBS principles for effective risk data aggregation and risk reporting practices, as published in January 2013; principles, which I describe in a previous post as Data aggregation and reporting principles – applied common sense

I include below some quotes from the article, and in parentheses, the relevant text from the BCBS principles:

  • The FSA said that monthly reports to the board had been totally inadequate for a company of its size and that such reports were delivered late.”
    (Principle 5: Timeliness. Paragraph 44 “A bank’s risk data aggregation capabilities should ensure that it is able to produce aggregate risk information on a timely basis to meet all risk management reporting requirements.”)

  • “It also said the takeover of a rival in 2011, which doubled Lamprell’s size, had left the company using too many different reporting systems.”
    (Principle 1 Governance. Paragraph 29. A bank’s risk data aggregation capabilities and risk reporting practices should be… Considered as part of any new initiatives, including acquisitions and/or divestitures… When considering a material acquisition, a bank’s due diligence process should assess the risk data aggregation capabilities and risk reporting practices of the acquired entity, as well as the impact on its own risk data aggregation capabilities and risk reporting practices. The impact on risk data aggregation should be considered explicitly by the board and inform the decision to proceed. The bank should establish a timeframe to integrate and align the acquired risk data aggregation capabilities and risk reporting practices within its own framework.)

Tracey McDermott, FSA director of enforcement and financial crime, said: “Lamprell’s systems and controls may have been adequate at an earlier stage, but failed to keep pace with its growth. As a result they were seriously deficient for a listed company of its size and complexity, meaning it was unable to update the market on crucial financial information in a timely manner.”

The moral of the story… ensure your organisation, regardless of your industry, applies the common sense set out in: “Data aggregation and reporting principles – applied common sense“.

 

Leave a Comment » | Basel III, Data Governance, Financial Regulator, Information Management, Regulatory Compliance | Tagged: , , , | Permalink
Posted by kenoconnordataconsultant

The growing demand for food and data provenance

February 26, 2013

Last November, I presented in London at the Data Management and Information Quality Europe 2012 conference. My presentation was called Do you know what’s in the data you’re consuming.

In the presentation, I compare the data supply chain with the food supply chain.

I believe that data consumers have the right to be provided with facts about the content of the data they are consuming, just as food consumers are provided with facts about the food they are buying. The presentation provides guidelines on how you can improve your data supply chain.

Little did I realise in November that within 3 months the term “provenance” would be hitting the headlines as the European horsemeat scandal grows.

There’s a silver lining in this food scandal for data quality management professionals. As financial regulators increasingly demand evidence of the provenance of the data provided to them, it is now easier for data quality management professionals to explain to their business colleagues and senior management what “data provenance” means, and what it requires.  Retailers, such as Tesco, must have controls in their supply chain that ensure that the food they sell to consumers only contains “what it says on the tin”. Similarly, financial services organisations providing data to financial regulators must have controls in their data supply chain that ensure the quality of the data they provide can be trusted. Regulators are now asking financial services organisations to demonstrate evidence that their data supply chain can be trusted. They require organisations to demonstrate evidence of their data provenance, as applied to their critical or material data.

But what exactly is “data provenance”? The best definition I have seen comes from Michael Brackett in his excellent book “Data Resource Simplexity“.

“Data Provenance is provenance applied to the organisation’s data resource. The data provenance principle states that the source of data, how the data were captured, the meaning of the data when they were first captured, where the data were stored, the path of those data to the current location, how the data were moved along that path, and how those data were altered along that path must be documented to ensure the authenticity of those data and their appropriateness for supporting the business”.

Enjoy your “beef” burger!

1 Comment | Basel III, Data Governance, Data Quality, Financial Regulator, Information Management, Regulatory Compliance, Solvency II | Tagged: , , , , , | Permalink
Posted by kenoconnordataconsultant

The link between horse meat in beef burgers and data quality management

January 16, 2013

It was reported today that Horse DNA was detected in tests performed on frozen “beef” burgers in a number of UK and Irish supermarkets. This has come as a shock to consumers, who assumed that quality controls were in place to ensure that food contains only what it says on the label. It appears the quality controls did not include a specific test for the presence of horse meat.

Photograph: Matt Cardy/Getty Images

In an earlier blog post, I asked “Do you know what’s in the data you’re consuming?” In that post, I proposed that, as data consumers, we have the right to expect facts about the business critical data we consume – just as food consumers are provided with nutritional facts. Today’s news reminds us to be clear about the data quality facts we ask for. 

The old adage applies “If you don’t measure, you can’t manage”.

Leave a Comment » | Data Governance, Data Quality, Information Management, Master Data Management, MDM, Regulatory Compliance | Tagged: , , , | Permalink
Posted by kenoconnordataconsultant

Basel Committee issues “Principles for effective risk data aggregation and risk reporting – final document”

January 9, 2013

Today, 9th Jan 2013, the Basel Committee on Banking Supervision issued a press release announcing the final document “Principles for effective risk data aggregation and risk reporting.

I wrote two posts on the consultation paper, when it was issued in June 2012.

1. Data aggregation and reporting principles – applied common sense

2. Risk data aggregation and risk reporting – Board and senior management responsibilities

I’m pleased to see that the final document retains the applied common sense approach set out in the June 2012 version. Working together with other independent data professionals, I provided feedback to the Basel Committee on the June consultation paper. Our feedback, together with that from banking organisations worldwide was also published today – See feedback and comments. The final document has taken on board the feedback from all of the contributors and provided additional clarification where requested. For example, Annex 1 has been expanded considerably to explain all of the “Terms used in the document”.

Banks need to start working on compliance plans immediately. To quote paragraph 87 of the docment “National banking supervisors will start discussing implementation of the Principles with G-SIB’s senior management in early 2013. This will ensure that banks develop a strategy to meet the Principles by 2016.”

While compliance with the principles is mandatory for G-SIBS (Globally Systemically Important Banks), the document makes it clear that all banks should implement the principles. Paragraph 15 states “It is strongly suggested that national supervisors also apply these Principles to banks identified as D-SIBs (Domestic systemically important banks) by their national supervisors three years after their designation as D-SIBs.  

As I point out in Data aggregation and reporting principles – applied common sense, all organisations in all industries would benefit by applying these principles. Simply remove the word “Risk”, and one has “Principles for effective data aggregation and reporting”.

What do you think? Please post your views below. Join the debate.

1 Comment | Basel III, Data Governance, Data Quality, Financial Regulator, Regulatory Compliance | Tagged: , , , , | Permalink
Posted by kenoconnordataconsultant

The dog and the frisbee and data quality management

September 18, 2012

The Wall Street journal reported it as the “Speech of the year“.

In a speech with the intriguing title “The dog and the frisbee“, Andrew Haldane, the Bank of England Director of Financial Stability has questioned whether the Emporer (in the form of ever increasing, ever more complex regulations such as Solvency II, BASEL III and Dodd Frank) is naked. He points out that the BASEL regulations, which have increased from 30 pages to over 600 pages completely failed to identify banks that were at risk of collapse, while a simple measure of the bank’s leverage ratio did identify them.

He also points out “Dodd-Frank makes Glass-Steagall look like throat-clearing.” The Glass-Steagall act of 1933, which separated commercial and investment banking, ran to a mere 37 pages; the Dodd-Frank act of 2010 ran to 848, and may spawn a further 30,000 pages of detailed rule-making by various agencies.

I recommend you read the speech yourself – his arguments, together with his wit are superb. I include a brief extract below:

‘In the UK, regulatory reporting was introduced in 1974. Returns could have around 150 entries. In the Bank of England archives is a memo to George Blunden, who was to become Deputy Governor, on these proposed regulatory returns. Blunden’s handwritten comment reads: “I confess that I fear we are in danger of becoming excessively complicated and that if so we may miss the wood from the trees”.

Today, UK banks are required to fill in more than 7,500 separate cells of data – a fifty-fold rise. Forthcoming European legislation will cause a further multiplication. Banks across Europe could in future be required to fill in 30–50,000 data cells spread across 60 different regulatory forms. There will be less risk of regulators missing the wood from the trees, but only because most will have needed to be chopped down.’

Brilliant !

Andrew Haldene is calling for more simple, basic rules. I agree with him,

I have worked in data management for over 30 years. The challenges I see today are the same challenges that arise time and time again. They are not Solvency II specific, BASEL specific, or Dodd Frank specific. They are universal. They apply to all critical data within all businesses.

The fundamental truth is “The data is unique, but the data management principles are universal”

It is time to stop writing specific data management and data quality management requirements into specific legislation.  They should all seek to refer to a common sense universal standard, such as that proposed by the Clear Information Framework – and put the effort into improving such a standard.

What do you think? I welcome your comments.

2 Comments | Basel III, Data Analysis, Data Governance, Data Profiling, Data Quality, Financial Regulator, Information Management, Master Data Management, MDM, Regulatory Compliance, Single Customer View, Solvency II | Tagged: , , , , , , , | Permalink
Posted by kenoconnordataconsultant

Risk data aggregation and risk reporting – Board and senior management responsibilities

July 25, 2012

Post #2 in my series on Data aggregation and reporting principles – applied common sense

I was saddened to hear of the death on July 16th of Steven Covey, author of The Seven Habits of Highly Effective PeopleI have found the 7 habits very useful in my work as a data consultant.

Two of the habits apply directly to this blog post.

  • Habit 1: Be Proactive
  • Habit 2: Begin with the End in Mind

I imagine the authors of the Basel Consultative document “Principles for effective risk data aggregation and reporting principles” are also familiar with the 7 habits, since the principles appear to be based on them.

Habit 1: Be Proactive

Regulatory supervisors expect the board and senior management to “be proactive” in taking responsibility for risk data aggregation and risk reporting.  The following quotes from the document illustrate my point:

Section I. “Overarching governance and infrastructure”

Paragraph 20: ”… In particular, a bank’s board and senior management should take ownership of implementing all the risk data aggregation and risk reporting principles and have a strategy to meet them within a timeframe agreed with their supervisors… by 2016 at the latest.”

Paragraph 21. ”A bank’s board and senior management should promote the identification, assessment and management of data quality risks as part of its overall risk management framework…. A bank’s board and senior management should review and approve the bank’s group risk data aggregation and risk reporting and ensure that adequate resources are deployed.”

Habit 2: Begin with the End in Mind

I advise my clients to “Begin with the end in mind” – by defining clear, measurable and testable requirements.

The authors of the Basel principles appear to agree.  The board and senior management are the people who must assess the risks faced by the financial institution, therefore they are the people who must specify the information they want in the risk reports. Don’t take my word for it – the following quotes from the document illustrate my point:

Principle 9: Clarity

Paragraph 53. ”As one of the key recipients of risk management reports, the bank’s board is responsible for determining its own risk reporting requirements.

Paragraph 55: ”Senior management is one of the key recipients of risk reports and is also responsible for determining its own risk reporting requirements.”

What is the impact of the above? 

Regulators will expect to see evidence of documented risk reporting requirements, signed off by the board and senior management.

Where are yours?

1 Comment | Basel III, Data Analysis, Data Governance, Data Quality, Regulatory Compliance | Tagged: , , , , , , , | Permalink
Posted by kenoconnordataconsultant

« Previous Entries
Follow

Get every new post delivered to your Inbox.

Join 1,688 other followers

%d bloggers like this: