Mitchell De Sil­va

Banks can store hun­dreds, even thou­sands of da­ta points on their cus­tomers. They in­clude every­thing from ba­sic bi­o­graph­ic in­for­ma­tion (name, ad­dress, na­tion­al ID num­ber, etc) to com­pre­hen­sive big da­ta pre­dic­tive mod­els based on past trans­ac­tions, de­mo­graph­ics, and a wealth of oth­er in­puts.

Many fi­nan­cial in­sti­tu­tions fo­cus on mit­i­gat­ing the reg­u­la­to­ry com­pli­ance and se­cu­ri­ty risks of col­lect­ing, stor­ing, and analysing that da­ta. How­ev­er, they can al­so ben­e­fit tremen­dous­ly by de­riv­ing la­tent cus­tomer de­mand and mar­ket trends from that in­for­ma­tion. Good da­ta gov­er­nance can help banks do both.

Sim­ply stat­ed, da­ta gov­er­nance is the in­ter­nal process­es in­sti­tu­tions im­ple­ment to man­age their and their cus­tomers’ da­ta se­cu­ri­ty, us­abil­i­ty, and avail­abil­i­ty. Ef­fec­tive da­ta gov­er­nance can be split in­to of­fen­sive and de­fen­sive el­e­ments. The lat­ter com­plies with reg­u­la­tions and safe­guards da­ta from hack­ers and oth­er ma­lig­nant ac­tors. The for­mer di­rect­ly im­pacts the bot­tom line by en­sur­ing da­ta can be eas­i­ly ac­cessed, in­dexed, and analysed to iden­ti­fy rev­enue op­por­tu­ni­ties.

De­fen­sive da­ta gov­er­nance

Most fi­nan­cial in­sti­tu­tions are in­ti­mate­ly fa­mil­iar with de­fen­sive da­ta gov­er­nance. Most com­mon­ly, de­fen­sive da­ta gov­er­nance dic­tates whether banks com­ply with da­ta pri­va­cy and se­cu­ri­ty laws in­clud­ing the Cal­i­for­nia Con­sumer Pri­va­cy Act (CC­PA) and the Eu­ro­pean Union’s Gen­er­al Da­ta Pro­tec­tion Reg­u­la­tion (GDPR).

Fi­nan­cial in­sti­tu­tions that process EU cit­i­zens’ per­son­al da­ta out­side the EU run the risk of trig­ger­ing GDPR fines. Coun­tries around the world—in­clud­ing many in the Caribbean such as the Ba­hamas, Bar­ba­dos, Ja­maica, and T&T—, there­fore, draft­ing a suite of laws and reg­u­la­tions to align their da­ta gov­er­nance com­pli­ance with the GDPR.

“We’re see­ing ef­forts across the re­gion to re­in­force and stan­dard­ise da­ta gov­er­nance across the Caribbean,” stat­ed Marce­lo Gor­ri­ni, Citi’s Cen­tral Amer­i­ca & Caribbean CEO. “That’s why our long-ex­ist­ing strong da­ta in­ter­nal gov­er­nance strat­e­gy grants Citi a com­pet­i­tive ad­van­tage. It helps us bet­ter man­age risk, com­ply with reg­u­la­tions, achieve ef­fi­cien­cies, and as­sist clients with first-class ser­vice.”

Good da­ta de­fence al­so low­ers costs by pre­vent­ing fraud and theft. These mea­sures have the added ben­e­fit of im­prov­ing fi­nan­cial in­sti­tu­tions’ pub­lic trust, there­by re­in­forc­ing their mar­ket po­si­tions rel­a­tive to com­peti­tors. Broad­ly speak­ing, de­fen­sive strate­gies in­ter­face with com­pli­ance, fi­nan­cial, IT, and le­gal de­part­ments. En­sur­ing da­ta ac­cu­ra­cy and tag­ging are key to a good de­fen­sive strat­e­gy, which is why con­trol is of­ten more pri­ori­tised than flex­i­bil­i­ty.

“We place an ex­treme­ly high pre­mi­um on da­ta se­cu­ri­ty and reg­u­la­to­ry com­pli­ance,” ex­plained Max­i­mo Vi­dal, Citi’s Do­mini­can Re­pub­lic man­ag­ing di­rec­tor.

“Our cus­tomers trust us with their da­ta. Main­tain­ing that trust is fun­da­men­tal­ly im­por­tant to our con­tin­ued suc­cess, which is why we con­stant­ly de­ploy the lat­est in de­fen­sive gov­er­nance strate­gies.”

Of­fen­sive da­ta gov­er­nance

Of­fen­sive da­ta gov­er­nance takes a more proac­tive ap­proach to im­prove cus­tomer sat­is­fac­tion, prof­itabil­i­ty, and rev­enue. It seeks to de­rive ac­tion­able in­sights and trends from large datasets that grant fi­nan­cial in­sti­tu­tions com­pet­i­tive ad­van­tages over ri­vals. Its analy­ses and re­ports can help launch, ex­e­cute, and re­ori­ent prod­ucts and ser­vices.

Of­fen­sive da­ta gov­er­nance projects di­rect­ly sup­port busi­ness ob­jec­tives, mak­ing them more fo­cused on re­al-time trends than de­fen­sive ef­forts. Their ac­tiv­i­ties di­rect­ly af­fect sales and mar­ket­ing teams. As a re­sult, they place a greater em­pha­sis on the flex­i­bil­i­ty and util­i­ty nec­es­sary to op­ti­mise da­ta an­a­lyt­ics than de­fen­sive da­ta gov­er­nance ini­tia­tives.

“Citi is on the cut­ting edge of da­ta man­age­ment,” said Mitchell De Sil­va, Citi’s T&T chief coun­try of­fi­cer. “We use the lat­est strate­gies to de­sign in­no­v­a­tive fi­nan­cial ser­vices that best cater to cus­tomers’ con­stant­ly shift­ing needs and de­sires.

Strik­ing a bal­ance

Good da­ta gov­er­nance de­mands fore­sight and a set of prin­ci­ples that can be ap­plied uni­form­ly across datasets. At min­i­mum, cus­tomers’ bi­o­graph­i­cal in­for­ma­tion must be cor­rect­ly as­cribed, tagged for fu­ture analy­sis, and se­cure­ly stored. How­ev­er, ex­act­ly how it is or­gan­ised may lead fi­nan­cial in­sti­tu­tions to feel they are stuck in a ze­ro-sum game. If they choose to fol­low a more de­fen­sive strat­e­gy, then they will need to im­ple­ment more con­trol. A more of­fen­sive stance will de­mand more flex­i­bil­i­ty.

Rather than ex­clu­sive­ly opt­ing for one strat­e­gy or ar­bi­trar­i­ly choos­ing a 50/50 split, banks should reg­u­lar­ly as­sess their needs and the needs of their clients to cor­rect­ly pin­point where they should land on the of­fen­sive-de­fen­sive spec­trum, al­low­ing them to de­ploy both de­fen­sive strate­gies that meet com­pli­ance re­quire­ments that pro­tect per­son­al da­ta and of­fen­sive mea­sures to de­rive cus­tomer in­sights from it.