Why data regulation can be like a Greek tragedy
FinTech – Financial institutions can feel there is no end to new governance, risk and compliance (GRC) rules, but things run smoother if they manage their data effectively, says business information evangelist Tom Butler (Professor in Business Information Systems at University College Cork and GRC Technology Centre Principal Investigator).
In Greek mythology Sisyphus, the King of Ephyra, was punished for his deceitfulness by the God Zeus and condemned to roll an enchanted boulder up a hill.
Zeus ensured it rolled back down again, condemning Sisyphus to an eternity of futile, repetitive activity.
The financial industry feels just as condemned, given the volume and complexity of regulations drafted since 2008.
Having reached the top of the hill and performed regulatory change management with rules such as MiFID, for example; MiFID2 comes along and the process begins again.
In dealing with regulations, organisations generally apply fixed models for decision-making and problem solving and rarely go beyond this behaviour.
They fail to question the assumptions underpinning their strategies or decision-making routines. Hence they fail to build or evolve their technical knowledge and skills.
Financial institutions are travelling down informatics cul-de-sacs because their traditional data management tools and techniques are limited. They must learn to navigate the labyrinths surrounding their structured and unstructured data.
Organisations must transcend the restrictions of their siloed SQL data stores and repositories of unstructured data by using No-SQL approaches. This way they can process and unlock data in reports, text fields and documents for in-depth analysis.
One answer is to build an organisational knowledge base to an industry standard.
Semantic technologies are emerging as part of a paradigm shift in the IT industry with the emergence of NoSQL (Not only SQL) solutions. These have made it easier to manage, mine and process structured and unstructured data.
Semantic models and related technologies enable data to be analysed and integrated so information can be extracted and knowledge gained.
Researchers at the GRC Technology Centre have developed a standards-based methodology for understanding and complying with regulation. The model, called Ganesha, is a Regulatory Compliance Information System and Knowledge Base.
Currently there are no solutions available for legal and financial experts to capture, store and transfer/share knowledge of regulatory compliance rules.
Ganesha provides these capabilities in an easy-to-understand regulatory natural language. Navigation is via hypertext links and users will soon be able to draft governance policies.
The other solution to managing regulatory change and overcoming the digital labyrinth is to ensure structured and unstructured data processes perform as they should. Data must be clean and accurate so trends and problems can be identified and answers extracted.
One approach is Data Virtualisation which provides access to data directly from one or more disparate data sources, without physically moving the data.
There is broad agreement across industry sectors that semantic metadata is required to make data virtualisation and other No SQL approaches work effectively.
All this provides an opportunity for Irish FinTech companies, particularly in light of the BCBS 239 Principles for effective Risk Data Aggregation and Risk Reporting instituted by the Basel Committee on Banking Supervision.
Dublin can become a RegTech centre of excellence especially if a Regulatory Clearing House is established as part of the IFS 2020 Strategy outlined by the Irish government. This would act as a standards-based, industry-wide platform enabling semantically-enriched regulations (unstructured data) to be presented as structured data.
Those in the financial industry ecosystem just need the will to make this a reality.