How data are collected and used affects the course of business for almost all firms in the world. As the field of data collection matures and transforms the economy, its importance has not escaped the attention of European and national regulators. In this article we look at the regulatory trends and the ways your organization can implement data management tools that lead to reduced risk, better communications and ultimately a better environment for profitability.

Data have become an invaluable asset for organizations. They are the backbone of all critical business processes. This results in increased risks, which must be controlled and mitigated.

More and more, regulators request large datasets and complex reporting in order to better understand risks taken by financial institutions. Data quality and data governance are considered essential to ensuring these datasets and reporting present an accurate picture of the situation.

Therefore, most new on-site inspections and regulations include a section dedicated to data. Following an initial push by the Basel Committee with BCBS 239 principles, European and Belgian regulators have published several regulations, including data management chapters, which require financial institutions to make significant efforts to become compliant.

This article aims to provide you with an overview of key data regulations applicable to Belgian organizations. In addition to providing a summary of each regulation, we will provide an outline of major areas on which regulators are likely to focus. 

Download the full article on main data regulations impacting companies.

What are the major regulatory trends?

Most regulations we have analyzed include common principles. We have grouped them in three categories and summarized the main trends.

1. Data Governance

Most regulations require the establishment of “strong data governance.” However, they fail to precisely describe their expectations. Many of them mention the definition of roles and responsibilities, and a few of them refer to a business glossary. In order to translate “strong data governance” into practice, it takes knowledge of the market and an understanding of the regulator’s expectations.

2. Processes

Most regulations require robust data and IT architecture. These technical resources must work even in times of stress or crisis. Therefore, the regulator expects financial institutions to be able to rapidly produce new ad-hoc reliable reports upon request or need.

In addition, many regulations require institutions to have appropriate tools for a timely detection and resolution of errors and inconsistencies in reports. Regulators also require that processes get documented end-to-end (i.e. from data sourcing to reporting), and reporting processes get automated to the greatest extent in order to minimize risks.

When it is not possible to automate a part of the process, a few regulations mention explicitly that End-User Computings (EUCs) should be documented and that related risks should be managed. They mention as well that key controls should be documented. Finally, they indicate the frequency and recipients of the reports should be appropriate.

3. Data Quality

Most regulations include requirements regarding data quality. They mention different dimensions, including completeness, accuracy, validity, consistency and integrity of data. Other standards include the adaptability/flexibility of the reporting process and the timeliness of the reporting. They also require data to be traced and auditable (which is usually done via data lineage). Finally, many regulations mention confidentiality and security as data quality dimensions.

Regulations only describe the expected result (“…data should be of sufficient quality…”), not how institutions should achieve this result.

How to benefit from data management and create value for your organization

Beyond regulatory compliance, there are numerous incentives for improving data management practices of your organization:

  • Data governance increases responsibility and accountability of data by defining clear roles and responsibilities.
  • A data quality management process improves the quality of the data; good data quality is a requirement for performing proper data analytics and reporting, as well as data monetization. It increases trust of users in data, which is a key prerequisite to change the data culture of an organization. The quality of the output is essential when corporate decisions are based on data.
  • Metadata management improves the understanding of data and increases awareness of the quality of data. This results in fewer errors of interpretation, smoother collaboration within the organization and a decline in erroneous decisions.
  • Data documentation and data governance reduce the time and costs needed to understand and use data, resulting in improved operational effectiveness.
  • Data lineage facilitates an impact analysis in the context of change management and allows for the identification of the source of errors, duplicate or wrong data sources or the usage of wrong data for reporting/analytics. This can ultimately lead to cost reduction.
  • A data catalogue increases awareness of available data and authoritative sources, which makes finding relevant data easier.
  • Data classification improves the security and privacy of data, allowing for a better management of access rights and the avoidance of data breaches. It also helps identifying key data elements.
  • Data access and security management are improved when you know who creates and uses the data.
  • A better knowledge of the data landscape and improved data consistency result in an easier integration of data from different systems.
  • Defining and measuring KPIs helps management make informed decisions on data.
Data regulation overview

Download the full article, including an overview of all the data regulation fiches:

How KPMG can help

Leveraging our experience and track record across many industries, KPMG can assist you in complying with regulations and overcoming challenges in your data transformation. Thanks to our multidisciplinary approach (combining regulatory and data experts with sector knowledge), we adapt our proven methods and tools to specifically help you comply with various regulations and reap the benefits of trustworthy data assets.

In the context of such a regulatory-driven data transformation, we can assist you by:

  • Assessing your organization against regulatory requirements
  • Designing your Data Strategy and guiding the implementation of your transformation plan
  • Guiding you through the identification and prioritization of remediation actions (on data governance, metadata management, data quality, data lineage, etc.)
  • Evaluating the best tools to support your progression and assist in their integration