Financial institutions need to have a strong culture of data governance and accountability that goes across the whole organisation, according to a panel at the Global RegTech Summit.
Last week, FinTech Global hosted its latest Global RegTech Summit in London, welcoming RegTech leaders for a day to network and discuss the latest trends and innovations driving the RegTech sector.
One panel, ‘Data Compliance Decoded: Handling, Governance, and Technology Insight’, was featured Lloyds Banking Group head of economic crime oversight Howard Rawstron, Behavox global head of professional services Michael Talbert, TD Securities managing director, investment banking Marina Palermo and The RegTech Association CEO Simon Callaghan.
To kick off the panel, the speakers were asked how important a secure and robust approach to data compliance is for financial institutions.
Regulators around the world have been increasing rules around data protection and governance. One of the biggest drivers of this was the EU’s General Data Protection Regulation (GDPR), with similar legislation implemented around the world.
One of the panellists noted that there are a wide range of impacts that can come from dealing with data correctly and incorrectly. But ultimately, the whole financial services industry is built on trust and failing to use data correctly can erode that trust. Even if it is just using data for a simple checkbox exercise, if data is put at risk, it can cause a firm to lose customers, profits and opportunities.
Adding to this, another member of the panel noted that data management and governance has typically been segmented from the rest of operations. This creates a culture where teams would focus on their roles and just assume data governance was not part of their job. However, with the rise of greater regulatory measures around accountability, it is becoming clear everyone has a core element to play.
While group responsibility is helping with data governance, there is still a challenge of isolated teams. The disparity between teams is one of the biggest obstacles that firms can face with data governance, the panel explained. There can be many causes for this, but often it comes from a workforce that is spread across borders or a reliance on solutions that are siloed from one another. This makes it difficult for firms to get data into the right place, find the right accountable people for that data and ensure it is secure and being used properly.
To overcome this, the panel encouraged firms to seek technology partners that can help institutions consolidate their existing solutions into one single global repository.
With everyone on the same page and greater enforced accountability, data governance becomes the responsibility of the entire organisation to handle data responsibly, not just the data governance team. As the panellist put it, every colleague acts as a data steward, ensuring data remains protected.
Driving cultural change
To foster this, firms will likely need to change their data governance culture and the best way to do that is by understanding the full ramifications of when something goes wrong, the panel noted.
In the economic crime world, they stated, the data they use can have a significant impact on an individual. If a firm has inappropriate data and uses this to generate a suspicious activity report and put that through to the national crime agency, somebody could be investigated and could go through criminal proceedings.
Unfortunately, it is far too common for people making fundamental decisions about data movement, storage and classification, not to consider everything with a holistic view of risk, they said.
One of the panellists recounted a scenario they had seen when a bank had grown through an M&A deal. During the merger, a cash related payment on one book was going to be classed as a BACS payment when migrated. While a customer might not notice a difference on their statement, from a criminality angle, whether that is financial crime or fraud, the differentiation between a BACS payment and cash is actually fundamental.
This is why it is essential that firms do not think with a single-risk lens, they should consider it across the whole range of risks that the organisation operates.
A better strategy
One key area the panel discussed was the difference between fraud and financial crime, in terms of advancement.
The fraud space is very advanced in using behavioural data, biometrics and any form of data points that would generate a view of something being out of the ordinary. When you compare fraud and financial crime there is a disparity. Financial crime is still quite old fashioned, using predominantly transactional data activity. However, there is a lot of similarity between the two areas that can bring data points together, such as geolocation data. There can be a lot of synergy between these areas in terms of controls, tooling and data points and by connecting them, firms can have a much more robust and resilient to regulatory scrutiny operation for fraud and financial crime capabilities, they said.
On a final note, the panel offered advice on the best strategy firms can employ for data governance. They described a threefold strategy: having the right approach to people, processes, and tools.
For the accountability piece, having one owner is the starting point, but then dispersing or delegating authority to individuals in the business ensures the whole company is accountable for these different types of data.
As for putting in place the right processes, firms must implement the processes that cause the least friction. There is no point having a process in place that no one uses, because then data governance becomes nullified.
Finally, in terms of the technology solutions being implemented, there are many instances of firms having systems where over time they added solution on top of solution. Now it is a point of choosing the right partners and vendors that are going to scale and consolidate five different toolsets into one.
Having all of that in place means a firm can build a data governance initiative that will scale over time and can consolidate rather than cause more issues.
In September, FinTech Global will be hosting the 4th annual Global RegTech Summit USA in New York. The event is the largest gathering of RegTech leaders and innovators in the US and a great place to connect with industry experts and RegTech leaders. More information about the event can be found here.
Keep up with all the latest FinTech news here
Copyright © 2025 FinTech Global
