I added the following comment “I agree with you – lightweight governance is the way to go – as you say “just formalized enough” Data Governance framework, creating “good enough” deliverables to record your decisions, alternatives, precedents, drivers, policies, procedures/processes, business rules, enforcements and metrics – and find them later when you need to invariably make changes – OR WHEN THE REGULATOR asks to see your audit trail.
The fact is that regulators increasingly require evidence of the data quality of the underlying data on which you base your regulatory submissions. Not just that they require evidence of your data quality management processes, i.e. your Data Governance.
For example, in the UK, Deposit Holders are required to build a Single Customer View (SCV) of depositors (UK FSA Single Customer View requirement) They must not only build an SCV, the regulation states “We… would need to verify that the SCV information being collated and stored by a deposit taker was adequate and fit for purpose”. Consultation Paper CP 09/3 about the SCV states “As part of their data cleansing, deposit-taking firms would be required to ensure the existence, completeness and accuracy of all data required for each depositor to facilitate fast payout”
A second example affects Insurance companies providing insurance in Europe (this also affects US Insurers operating in Europe). EU Directive 2009/138/EC (Solvency II) – Article 82 states: “Member States shall ensure that insurance and reinsurance undertakings have internal processes and procedures in place to ensure the appropriateness, completeness and accuracy of the data used in the calculation of their technical provisions.” In other words – the regulator in each member state is required to review and approve the Data Governance processes of insurers.
Failure to comply with Regulatory requirements can prove expensive. Ask Standard Life. It cost them over £100 million. I presented details of the Standard Life case at the Information and Data Quality Seminar Series 2010 – Dublin. (For more details, see slides 11 and 12 in my presentation “Achieving Regulatory Compliance – The devil is in the data“.)
Shortly, working together with DataqualityPro, I will publish an E-Book on how to cost-effectively satisfy the (UK FSA Single Customer View requirement). UK Deposit Holders must submit their SCV implementation plans to the FSA by the end of July 2010, and must complete their SCV by Jan 2011. Time is running short.
Are you aware of other laws requiring evidence of Data Governance and Data Quality? If so, please share them.