With recent record compliance fails and fines making headlines, and ever-increasing regulation, the subsequent rising costs of compliance have been widely reported. According to a study cited in the Cost of Compliance 2018 Reportii, regulatory divergence (costs, risks, impacts) costs financial institutions 5–10% of their annual turnover.
A common concept of compliance management; the “Three Lines of Defense”, can be summarized as follows:
- First line of defense: Operational Management - a system of internal policies, procedures and controls
- Second line of defense: Internal Monitoring and Oversight Functions - designated compliance function/ compliance officer
- Third line of defense: Internal Audit - an assurance function, internal auditor function
What role does data play in the scope of things?
Another recent studyii cited institutions receive 37% of their data from third party sources. If every line of defense is essentially built on the validity of data, it is shocking to read in the same survey that 44% of those institutions have only initiated or do not have a data quality strategy at all.
Trust is Good Verification is Better
Reliable master and reference data deserves a lot more attention than it receives in the headlines. What good does any failsafe procedure or oversight provide if the foundation has not been verified? How to build a master data strategy to protect against compliance risk?
Start with Audit-Proof Data:
Audit-proof company data combines the following requirements:
- Primary source
- Guaranteed data integrity
Step 1, Primary-source data means that original information is received directly from the primary source without any third party interaction, such as a government register, financial authority register, etc.
Step 2, All primary-source data has to be time-stamped to be audit-proof, the date and time of when the data was requested is recorded to ensure transparency on the data freshness.
Step 3, To ensure the data integrity, all data and original documents need to be in the original state, with no changes or adaptions.