Do you understand your own data?
This is something to consider when undertaking various Due Diligence efforts such as Third-Party Risk Management and Core Integration projects. While the software system your core banking software participates in may not be fully controlled by your financial institution, the quality of this data is vital to understanding gaps in your own AML and Financial Crimes monitoring regime. This includes other third-party services, which may send data back and forth with the core. Knowing the gaps in your data will assist you in determining how to address these gaps; it may be possible to cover gaps in data by looking to native systems that are merely summarized in your core’s database.
For example, many core banking software systems receive data from various system providers that are then summarized as statement entries, without any rich detail as to what occurred. This is seen in various ways with Card, Wire, ACH, Bill Pay, Teller and Shared Branch (credit union network) and other network transactions, and greatly depends on the core system. This gap in understanding can be covered by your financial institution’s insistence on data maps and an institution-wide data management strategy. It is imperative that the financial institution document and validate any changes to the data schema so that dependent systems continue to work.
Best practices for implementing an institution-wide data management strategy starts with appointing a qualified professional to become a ‘data steward’ to gain an understanding of your financial institution’s various data streams, and then outline a data management strategy to keep all systems in sync. A good concept for data management is often called data governance, but there are a variety of concepts out there for your financial institution to emulate. Ensure your understanding of the concept is in sync with the technology department of your organization.
By treating the task of data management as essential to the organization’s overall health, the financial institution will have a better grasp of how it interacts with various systems, the gaps in the data exchanged, and the risks involved with summarized data in the risk management process. The topic of data integrity and quality is covered in greater detail from a variety of sources; do not hesitate to bring up the subject with your IT or IS Staff for more information.
Below are a few resources that may help you gain a further understanding of the topic from a regulatory framework perspective: