With recent record compliance fails and fines making headlines, and ever-increasing regulations, the subsequent rising costs of compliance have been widely reported. According to a study cited in the Cost of Compliance 2018 Reportii, regulatory divergence (costs, risks, impacts) costs financial institutions 5–10% of their annual turnover.
A common concept of compliance management; the “Three Lines of Defense”, can be summarized as follows:
- First line of defense: Operational Management - a system of internal policies, procedures and controls
- Second line of defense: Internal Monitoring and Oversight Functions - designated compliance function/ compliance officer
- Third line of defense: Internal Audit - an assurance function, internal auditor function
What role does data play in the scope of things?
Another recent studyii cited institutions receive 37% of their data from third party sources. If every line of defense is essentially built on the validity of data, it is shocking to read in the same survey that 44% of those institutions have only initiated or do not have a data quality strategy at all.
Truth is better than Trust
Reliable master and reference data deserves a lot more attention than it receives in the headlines. What good does any failsafe procedure or oversight provide if the foundation has not been verified? How to build a master data strategy to protect against compliance risk?
Start with Audit-Proof Data:
Audit-proof company data combines the following requirements:
- Primary source
- Time-stamped
- Guaranteed data integrity
Step 1 Primary-source data means that original information is received directly from the primary source without any third party interaction, such as a government register, financial authority register, etc.
Step 2 All primary-source data has to be time-stamped to be audit-proof, the date and time of when the data was requested is recorded to ensure transparency on the data freshness.
Step 3 To ensure the data integrity, all data and original documents need to be in the original state, with no changes or adaptions.
i https://legal.thomsonreuters.com/en/insights/articles/cost-of-compliance-2018-report-your-biggest-challenges-revealed
ii https://www.paxata.com/wp-content/uploads/paxata-sourcemedia-data-quality-infographic.pdf