Data Governance – Understanding its Importance for AML Compliance

December 14, 2018 by Rama Pappu


While the financial institutions have the desire to improve the data quality and availability, data governance is often driven by external regulations to implement a program to ensure requirements outlined in DFS Part 504 regulation are met.

What Does Data Governance Do?

Data Governance refers to the overall data management that will enable a financial institution to maintain a high quality of data. The key focus areas of data governance include availability, usability, consistency, data integrity and data security.

Protect Information Privacy

Data governance can be used to protect information privacy. If a financial institution has strict controls over who can access and use sensitive data, it is less likely that data will fall into the wrong hands or be used incorrectly. This is particularly important with the personal data that is used in anti-money laundering (AML) know your customer (KYC) checks.

Lower Compliance Risk through Consistency and Quality

Data governance frameworks should help to make data more consistent, accurate and complete – improving data quality. Implemented correctly, a better approach to data management should also lower compliance risk, including the risk of regulatory fines and sanctions.

Improve Business Functions with Faster, More Accurate Reporting

The same infrastructure that delivers improved regulatory reports will also be able to deliver higher-quality management information to the C-suite and the board faster. Organizations that implement data governance frameworks also usually see an increase in accountability around data, and more collaboration among the teams that create and use data. Implementing a data governance framework empowers the organization – including the compliance team – to share information more easily, have increased confidence in the quality of the information, and make better data-related decisions.

Launching a Data Governance Program

It’s important to have a good road map for the data governance journey. A program should include the following elements:

  • Obtaining buy-in from key stakeholders - To get started, it’s important to have buy-in for data governance from the following:
    • Board and C-suite - Both groups should sign-off on, publicly endorse, and enforce the new data governance policies and procedures 
    • Individual Business Units and the IT team - A good data governance program will be an opportunity to solve many day-to-day challenges for both of these groups. Listen to their needs and incorporate them into the program. For example, the benefits of a good data governance program could translate into faster customer onboarding times through a more efficient approach to KYC processes.
  • Defining a strategy – The team should outline the business and compliance drivers, create a mission or vision statement for the project, and establish goals. A roadmap should be created for the implementation of the project, with both accountabilities and responsibilities clearly stated.
  • Establishing a governance function – In larger organizations, a data governance office should be created. In smaller firms, this responsibility should be assigned to an individual. Data governance includes functions such as Data Owners, Data Creators and Data Stewards. These roles need to be identified within the organization and their responsibilities defined.
  • Creating a data management process – This has several components to it, and may require external expertise for some firms to accomplish. Actions include:
    • Defining policies and standards for data management, data availability, data transparency and data privacy
    • Stating the review frequency for policies, standards, governance structure roles
    • Establishing metadata standards (business and technical metadata), policies for data lineage and data dictionaries
  • Building the data architecture and tools – This is a group of activities that may require specialized knowledge. Data governance is a relatively new discipline, and there are many possibilities for implementation that organizations may explore and evaluate. Key activities are:
    • Creating data models and a data quality architecture. o Identifying the master data management (MDM) and ETL tools that are best suited for the organization
    • Providing guidelines to improve data quality and accuracy
    • Defining business rules for data quality
    • Developing data quality metrics and dashboards to evaluate the effectiveness of data governance

Having a robust approach to data governance enables clear ownership of data, enhances business rules around data activities, improves operational processes, enriches decision-making and increases collaboration. It also helps make core compliance activities quicker and easier to accomplish – reducing resources and costs, and decreases the risks associated with reporting errors and failures.

How ACA Can Help

Our team of experts can assist you to develop a data governance program, or review your current program for efficiency effectiveness.

To learn more about how data governance can help improve compliance processes, or to discuss your data governance program, contact Rama Pappu at rapappu@acatelavance.com or your ACA consultant.

Additional Resources

ACA recently conducted a webcast on data governance practices to combat AML. You can view the replay here: Webcast: Data Governance and Management in BSA/AML and Sanctions Compliance.

Johan Glozman, Head of Product Management at ACA Technology, recently shared his insights to alleviate challenges you might face when trying to implement a new data governance program. You can view his article here: Employee Data Governance Policies: Minimizing Impact, Maximizing Value.

ACA also recently hosted a webcast outlining best practices for protecting data. You can view the replay here: Webcast: Safeguarding Data: Protecting Your Company’s Crown Jewels.