Extract from IPRO’s article “Managing Financial Services Data Information Governance, Compliance, and Operations”
When it comes to data management, financial services organizations face many of the same data concerns other corporations do, including:
- An exponential increase in the amount of data created, stored, archived, and deleted
- A lack of understanding of value of all that data, both to the organization and custodians
- Various federal regulations covering the privacy and security of data
- Enormous financial and reputational risks if data is exposed or breached
Often when organizations across any industry focus on Information Governance to mitigate these challenges, they only concentrate on the risks and requirements when handling their private data. But any Information Governance programs financial services organizations implement also must balance with the need to access, utilize, and analyze their data for operating purposes.
In addition to these challenges, with the various types of data financial services organizations manage by the nature of their market, they have several unique compliance requirements they must follow when handling data, including:
- Protection of unauthorized access to Private Personally Identifiable Information (PII),
- Compliance with regulatory frameworks like the Payment Card Industry (PCI) Data Securities Standards (DSS) and the Privacy Act of 1974, and
- Oversight from institutions such as the Securities and Exchanges Commission (SEC) and the Financial Industry Regulatory Authority (FINRA).
