Data programme assurance:

The most successful financial services firms have complete command of their data to drive product quality, decision making, customer service, and operational efficiency.

However, information comes with responsibility. Companies must ensure their data programmes meet increasingly stringent regulator expectations.

In addition, a malfunctioning data programme can also cause irreparable damage to customer trust – take a company that sends out incorrect billing information or accidentally shares third-party information.

In short, regular assurance is needed to ensure data frameworks are working hard from a business perspective yet are also reliable, accurate, and secure.

Preventing penalties

The following high-profile (anonymised) cases are instances in which financial services institutions sought external assurance of data programmes to resolve issues that had already resulted in heavy financial penalties. The fines ran into millions of pounds that could have been avoided had external assurers been involved at an earlier stage.

• The Financial Conduct Authority fined a leading UK bank for failing to ensure that its lending decisions were free from discrimination. External assurers were engaged to ensure its future lending practices were fair and free from discrimination.
• A large European bank appointed external assurers following a money laundering scandal in its Estonian operations. The bank stated that the external review was part of its efforts to strengthen its AML and sanctions compliance programme.

Introducing a powerful data assurance framework 

A review of your data programmes offers valuable insight into various aspects of operations, including data strategy, process design, technology, and governance.

Our Assurance Maturity Framework is a useful tool for validating data programmes. It splits the programme lifecycle into five stages, from requirement management to final reporting.

Each stage is evaluated using three sources of information:

• Stakeholder questionnaires
• Analysis of artefacts, including documentation, solution architecture, testing, and governance processes
• Continual feedback from stakeholders regarding ongoing observations 

The result is a clear picture of a programme’s strengths and weaknesses, which quickly identifies any necessary remedial action.

The benefit of external assurance

Though frameworks such as the above can guide internal teams, an external perspective is a powerful way to identify gaps and weaknesses that might be overlooked.

External assurance specialists can also help with strategy, process design, technology, implementation, and governance while ensuring you're compliant with the latest regulatory changes.

The assurance challenge

A leading retail and commercial bank in England asked us to conduct a comprehensive review of their payment protection insurance (PPI) data waterfall programme, specifically:

• to validate its design approach to data sourcing, risk and issue escalation, as well as data extraction and collation
• to review the accuracy of data output, QA framework design and adherence, and technical architecture design
• to review all documents relating to the programme.

Our approach

The programme collated data for complaints, commissions, returns, payments, and many more workstreams acquired from means, such as phone calls, emails, and certified management consultant files. 

We evaluated the PPI programme using our Assurance Maturity Framework and methodology (questionnaires, artefacts and continual feedback). Our work involved:

• reviewing documents for all data sources, ensuring there was sound rationale and evidence for each design or data gap decision
• assessing the efficacy and processes surrounding internal and external QA documents
• assessing technical architecture and database design documents against industry standards.

The value we added

Our review identified one high, four medium and three low-risk action points.

We identified major gaps concerning test case traceability and the reconciliation of final output numbers with the data sources.

Additionally, our advice on identifying critical data elements and establishing data validity rules not only ensured report accuracy but also led to improved compliance and performance, enabling a clear assessment and comparison with industry standards.

What's it like working with an external data assurer?

External data assurance can ensure that your firm has access to up-to-date insights on industry standards and best practice to improve your internal processes and decision-making abilities.

It should provide a robust gap analysis and a clear set of metrics to assess your data and compare it to others in the industry.

Our five-phase agile process ensures continuous engagement for swift risk mitigation.

How to get started

To create compliant data programmes that unlock value for your organisation, contact Nikhil Asthana or Kamaldeep Kaur.