Getting big data right can help businesses make money and follow the law. So why do financial firms get it wrong?
Big data is a big deal. By getting to grips with it, businesses can improve efficiencies, find opportunities and ensure that they comply with laws like the EU’s General Data Protection Regulation (GDPR). However, many financial firms still make a lot of mistakes. While there are ways to fix these problems, businesses must first become aware of them in order to do something about them.
“I can’t speak for all firms but I am surprised that big data and indeed all things digital, is still often considered an afterthought in financial services,” David Clee, CEO of MirrorWeb, the RegTech company, tells RegTech Analyst. “Regardless of how digital or traditional a business is, data and its management are central to financial services business models. Therefore, there needs to be a stronger understanding of big data – and the importance of its security – running throughout a business and especially when compliance processes are designed.”
The need to collect and manage data has become greater over the past few years with lawmakers around the world legislating to protect users’ data. For instance, the EU has the GDPR and in the US there’s the California Consumer Privacy Act (CCPA).
With more legislation, the stakes are even higher to get data right. European authorities have already slammed businesses with €114m in fines for breaching GDPR, a figure that could grow to €329m.
“The biggest mistakes firms might make are failing to consider the privacy and security implications of collecting, using and storing big data,” Marc Gilman, general counsel and vice president of compliance at Theta Lake, the RegTech company, tells RegTech Analyst. “Whether using internal data or data from third party sources, ensuring that data privacy impact assessments under GDPR are conducted and implementing appropriate notification and consent mechanisms under CCPA and other regulations is key.”
However, understanding what is required to obey the legislation is not always easy. “Keep in mind that regulatory implications extend to information security mandates under [New York State Department of Financial Services] and other state rules as well as SEC guidance,” advises Gilman. “Once data is being managed internally, firms must ensure that appropriate controls around its processing and use are in place.
“For example, as collaboration platforms like Zoom, RingCentral and Microsoft Teams are being used to support business continuity and remote working scenarios, applying technical compliance controls offered by purpose-built RegTech solutions to identify data leakage in video, audio and text content is essential. As digital communications shift to new platforms, transparency into all the ways that information, including confidential data and elements of big data sets, can be shared must evolve as well.”
Thomas Russell believes financial firms must look over how they deal with data because it can yield massive business advantages. As the founder and CEO of the Dublin-headquartered RegTech company Think Evolve Solve, he has devoted a lot of his time since launching the venture back in 2012 to empower companies to use data to drive innovation and business performance.
And he believes that there is one huge mistake financial firms keep doing when they collect data. “They assume that getting accurate data is a technology problem, that if we give it to the IT team they can build an API/technical script/ETL routine that will resolve the issue,” Russell tells RegTech Analyst. “APIs/Scripts and ETL routines are great for sharing information but they depend on technical resources to build and maintain. They are also only possible if both parties have the technology and skills to deliver.
“Business need to realise that data is a business need and that business teams need to be enabled to solve the problems with data flows without having to revert to IT or specialist data ops and engineering teams.”
Russell has no qualms about why it is important for firms to get this right. “Because the inefficiencies that dirty data create for a business are enormous and an ever growing cost for business,” he argues. “Dirty data fundamentally undermines the business ability to use data.”
But what should they do instead? “Business teams need to be enabled to define the data they need, request it and then be positioned to quickly and easily analyse the data,” Russell says. “To do this the tooling they use needs to be designed for business people so that they can maintain the flow of data from a data supplier or to a data consumer without a dependency on IT or data engineering resources.
“Smart tooling in this place makes it easy to re-mediate the issues and for issues with the data from a supplier to be highlighted to the supplier so that they can resolve it easily. Approaching the challenge from this perspective significantly reduces the costs of gathering data and resolving data issues and provides business teams and data scientists with the data they need to deliver.”
Copyright © 2018 RegTech Analyst