In the last article, from the perspective of top-level design, we explained how banks can formulate data strategies and design organizational structures under the overall framework of data governance. There is a saying that there is no way to make a circle without rules. For a financial institution, the implementation and realization of top-level design need to establish rules and regulations to guide and standardize the daily work of data governance, so as to truly and effectively improve the quality of data and ultimately enable data to empower enterprises to develop.
This issue will focus on the rules and regulations construction of data governance, and introduce how to combine the current situation of data management in banking financial institutions to build a data governance system, activate the data governance work of all participants, and form a normalized and scientific management mechanism through three steps: "defining organizational responsibilities", "building a system" and "continuous operation optimization". Through the continuous optimization of the system operation stage, banks can keep pace with the times, meet the internal and external management requirements, and promote their own digital transformation.
The top-level design of data governance defines the centralized management department of data governance. Promoting data governance to take root in the whole bank is inseparable from the cooperation and collaboration of all participants in the whole bank. Defining the responsibilities of all participants, rationalizing the cooperative relationship among all levels, departments and institutions, and sorting out the management processes of major departments in the field of data governance are the basis for building an institutional system.
Collaborative work in the field of data governance involves many departments in the front, middle and back office of banks. Under the overall planning of the centralized department of data governance, all participants rely on the professional ability and data jurisdiction of their respective departments to cooperate with the centralized department to carry out data governance work.
Among them, the business and functional departments, as the owners and responsible persons of their respective departments' data, are in contact with the first-hand data at the source and are familiar with the attributes and connotations of the data. They are the "business stewards" of bank data and jointly undertake the responsibilities of data standard formulation, data quality management and data analysis and application. IT department is responsible for establishing, perfecting and maintaining enterprise data architecture, establishing professional data management platforms and tools, undertaking technical support and information security responsibilities for data management, being the carrier, maintainer or processor of internal data, supporting data analysis and application, and being the "technical steward" of bank data.
The Guidelines require that the data governance system of banks cover all branches and subsidiaries, which means that data governance must cover all branches, sub-branches, subsidiaries and even overseas institutions from top to bottom. From this point of view, for banks, the head office should not only play the role of bank headquarters in implementing data governance, but also position itself as the parent bank and parent company of the group to promote data governance from the perspective of the group. Therefore, the communication channels of data management between the head office (parent company), its branches and subsidiaries should be established, and "integrated" and "personalized" management strategies should be adopted according to the different requirements of territorial management and different subsidiaries to promote the all-round development of data governance.
? Integration: Branches and subsidiaries should be responsible for their own data. According to the unified requirements of data governance of the Head Office, be responsible for data quality control and data security protection in all aspects of data generation and storage. If the quality problems found by the Head Office involve branches and subsidiaries, the institutions themselves shall bear the responsibility for rectification. Taking BCBS 239 (RDA-risk data aggregation in China) as an example, under the principle of promoting global systemically important banks to meet the requirements of effective risk data aggregation and risk reporting, the parent company is required to promote data governance within the group as a whole to ensure that the group can collect and summarize risk data from different countries and institutions in different formats for analysis, decision-making or regulatory reporting.
? Individualization: According to different territorial laws and regulations, banks should formulate corresponding data management strategies. Take GDPR as an example. If a China bank has a branch in the EU, the branch will be regarded as the entity responsible for implementing the legal requirements of GDPR (general data protection regulations). In view of this, banks need to optimize personal data privacy protection and other management contents on the basis of the existing data governance system to meet the requirements of GDPR.
|
Article 18 A banking financial institution shall formulate a comprehensive, scientific and effective data management system, including but not limited to organizational management, departmental responsibilities, coordination mechanism, safety control, system guarantee, supervision and inspection and data quality control.
Article 25 Banking financial institutions shall strengthen the unified management of data, establish a comprehensive and strict management process and filing system, clarify the requirements for filing handover and caliber sorting, and ensure data comparability.
Article 33 Banking financial institutions shall establish a data quality on-site inspection system, organize its implementation on a regular basis, in principle, at least once a year, submit major problems according to the established reporting path, and implement rectification according to the process.
Article 37 A banking financial institution shall establish a regulatory data quality control system, including but not limited to: data quality commitment of key regulatory indicators, analysis and report of abnormal data changes, notification of major errors, accountability, etc. .
-Guidelines on Data Governance of Banking Financial Institutions
|
To build a bank's data governance system, we must first conform to the bank's data strategy, then fully combine the organizational structure and management status of data governance, embody, implement and implement the top-level design requirements of data governance, and gradually incorporate the data governance system into the management practice of the whole bank.
According to the hierarchy of data management and the order of authorization decision-making, the framework of data governance system is divided into three levels: articles of association, special measures and work rules. The framework regulates the specific fields of data management, the objectives of each data management field, the principles of action to be followed, the clear tasks to be completed, the working methods to be implemented, the general steps and specific measures to be taken, etc.
The Charter of Data Governance is the highest-level data governance policy of the Bank, the basic policy to guide the Bank's data governance and management activities and prevent data risks, the basic principles and procedures that must be followed to establish and improve the data system, and the basic guidelines to ensure the effective development of data governance and support the quality management and final application of various data management professional fields.
The data governance charter specifically includes the general principles, management scope, organizational structure, special provisions, problem handling mechanism and corresponding annexes or appendices of data governance. Charter runs through the whole process of creation, transmission, integration, security, quality and application of data and information, and special measures and rules for data governance should be formulated on the basis of conforming to the principles and procedures of data governance charter.
Data governance covers a wide range of fields. Banks should, under the guidance of the Charter on Data Governance, formulate management measures in various specialized fields according to the principles of data governance and the responsibilities of organizational structure, and according to the working characteristics of data governance, so as to guide the orderly development of all work of the whole bank.
The Special Measures for Data Governance inherits the Charter for Data Governance, followed by detailed working rules, including the general principles, work content and scope, organizational structure and responsibilities of the special work, and defines the main tasks under the special work.
On the basis of special management measures, further refine the operation process of each work. By formulating various process rules, the top-level design runs through the daily work of data governance, opening up the "last mile" of data governance at the operational level, guiding front-line staff to carry out data governance according to standardized processes, and laying the foundation for upgrading data governance throughout the Bank.
Data governance covers a wide range and is closely related to business operations, IT management, information security and other fields. When building a data governance work system, it is necessary to clarify the work content of each special field of data governance, delimit the scope of work, and clarify the connotation differences and responsibility boundaries between data governance work and related work. To implement the system text and process rules, it is necessary to ensure the integrity of the overall content of the data governance system and the effective connection with the surrounding related work.
|
Article 18 A banking financial institution shall formulate a comprehensive, scientific and effective data management system, including but not limited to organizational management, departmental responsibilities, coordination mechanism, safety control, system guarantee, supervision and inspection and data quality control.
Banking financial institutions should continuously evaluate and update data management systems according to regulatory requirements and actual needs.
Article 19 A banking financial institution shall formulate a regulatory statistical management system and a business system related to regulatory data, publish them in a timely manner, evaluate and update them regularly, and report them to the banking regulatory institution for the record. Major changes in the system shall be reported to the banking regulatory agency in a timely manner.
-Guidelines on Data Governance of Banking Financial Institutions
|
With the rapid development of digital ability of banks, the competition between banks on the application ability of data assets is becoming increasingly fierce, but whether the value of their data assets can be enlarged depends on whether there is a scientific data management system to support it. At the same time, the regulatory requirements related to various data are also deepening. As the so-called "data governance is not completed", for banks, the process of digital transformation and the appreciation of data assets depend on data governance, which is a long-term and continuous work. Taking the institutional system as the cornerstone, regular "physical examination" is carried out to ensure its operational efficiency and keep pace with the times.
? Regularly check and analyze the operation of the system.
Through the self-inspection of the data system (such as periodic evaluation of the system or internal control evaluation), analyze the operation of each management process of data governance, regularly evaluate the operation effect, find out the process nodes and causes of poor operation and low efficiency, and solve and optimize them.
With the popularity of data management and control platform, many banks began to integrate standard management, quality inspection, problem distribution and other processes into data management and control platform for unified management. Improving the overall effectiveness of data governance through digital and intelligent methods will also help banks find problems encountered in the operation process in time and help banks optimize their data governance management system.
? Keep pace with the times and ensure the forefront of the institutional system
Banks should combine the daily publicity and implementation of data governance, keep abreast of the frontier trends of financial technology and regulatory technology, combine the regulatory requirements and the bank's own situation, constantly optimize the technical capabilities and operational effects of data governance in the bank, and solidify it through institutional processes to ensure the sustainable development of data governance.
The formation of data governance system is a supplement and improvement to the overall system of banks. The normative institutional system is to control the soil and nutrients that this towering tree grows with data. Under its nourishment, the sustainable development and deepening of data governance will have "laws to follow and rules to follow". As the third issue of a series of articles on data governance, this paper discusses how to promote the long-term benign operation of data governance system by establishing institutional system and activating working mechanism. In the next issue, we will further ensure the landing operation of the bank data governance system from the aspects of the establishment of the assessment system and the effective operation of the data management reward and punishment mechanism.