INTRODUCTION
Still in the early days of its evolution, the role of the Chief Data Officer (CDO) in financial services is evolving from a strategic second-line function to one where success will soon be measured by the executive’s ability to push the data agenda forward, driving new business insight and innovation.
The role was initially designed with a defensive posture intended to mitigate a bank’s risk and satisfy increased regulatory scrutiny and compliance reporting requirements. Now the role is in transition at a number of institutions, many of whom recognize data as a critical corporate asset, that when managed effectively, can unlock real-time insights and power new revenue-generating business opportunities. Dependent on the culture of the organization, the maturity level of the data program, and its regulatory priorities, each firm has its own reasons leading to the appointment of their CDO.
The CDO Intention
The first CDO mandates began to take shape nearly a decade ago after the global financial crisis exposed numerous gaps within many financial organizations’ risk data aggregation and reporting frameworks. New regulatory mandates such as the USA PATRIOT ACT (USAPA), the Comprehensive Capital Analysis and Review (CCAR), and the Basel Committee on Banking Supervision’s (BCBS) regulation 239 zeroed in on these inefficiencies, requiring Systemically Important Financial Institutions (SIFIs) to establish a strategic, enterprise-wide approach to the way they manage their data.
Given the massive volumes of data (structured, semi-structured, or non-structured) streaming in from various platforms within a financial organization, many firms have struggled to fully integrate this information form the source, resulting in increased fines for compliance requirements. Today, many of the financial service firms – both at the regional level and top-tier global level – are still facing an uphill battle as it relates to:
Market Protection
Consumer Protection (Consumer Financial Protection Bureau)
Financial Crime ProtectionCybersecurity
Office of Foreign Assets Control
Anti-Money Laundering (USAPA, Bank Secrecy Act)
Client Onboarding (Customer Due Diligence, Know Your Customer, Customer Identification Program)
Fraud
- BCBS 239
- CCAR
- Living Wills
Consumer Protection (Consumer Financial Protection Bureau)
Financial Crime Protection
In a recent report detailing the progress by banks in adopting the principles for BCBS 239, the Basel Committee found the banks’ level of compliance “unsatisfactory”, and the overall implementation progress remains a source of concern.1
As firms continue to adjust their data strategies around U.S. regulatory reporting demands, a new regulation from the European Union may likely keep the compliance-based pressure on the CDO. The General Data Protection Regulation (GDPR) is set to take effect in May of 2018, and will require all companies handling the personal data of EU residents to adhere to a set of policies and procedures to protect the data. According to a recent PricewaterhouseCoopers GDPR Preparedness Pulse Survey, over half of U.S. multinationals say GDPR is their top data protection priority. More than three quarters of respondents said they plan to spend $1 million or more on GDPR given the stiff penalties associated with non-compliance, which is said to be potentially 4% of global revenues.2
Will this new law lay squarely on the shoulders of the current CDO, or will it lead to the creation of a new corporate role: the Data Protection Officer?
Under Article 37 of the GDPR, data protection officers must be appointed for all public authorities, and where the core activities of the controller or the processor involve “regular and systematic monitoring of data subjects on a large scale” or where the entity conducts large-scale processing of “special categories of personal data” (such as that revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, and the like, defined in Article 9).3 In a recent analysis from the Boston Consulting Group (BCG) – Global Risk 2017: Staying the Course in Banking – banks worldwide have paid $321 billion in fines since the financial crisis, with approximately $42 billion in fines assessed in 2016 alone.4 And it’s not just the larger global investment banks in the crosshairs of the regulators. “Regulatory pressure is beginning to focus on the regional firms,” said one data executive. “Now that the regulators have a taste for the CDO role, they are expecting regional banks to have the same.”
It is clear that regulatory reporting demands and data quality will continue to be a strong headwind for financial institutions, but there is also a growing consensus among many executives that the data function is at a tipping point. More structured and mature programs are beginning to move the needle forward and look beyond the objective of just meeting regulatory compliance. “The banks are at a transitional point right now. The foundational investments that were made are now very leverage-able,” said a CDO from a top 20 bank holding company. We took a closer look at the top holding companies with total assets of approximately $100 billion to $2.5 trillion as of 12/31/2016,5 and identified 31 out of 37 firms currently have a designated CDO in the United States, with an average tenure of just over 2 years. Three of the top ten institutions do not have a designated CDO at the enterprise level, and function as a federated model across platforms.
Given the relative newness of the position within financial services, it is not surprising to see turnover rates for CDOs on the rise. Since 2016, more than 25% of organizations have either lost their CDO to a competitor firm or have decided to remove and replace their data executive altogether. “90% of large organizations will have hired a Chief Data Officer by 2019; of these organizations, only 50% will be considered successful,” according to Gartner Research.6 As financial organizations begin to transition to a more data-driven culture, the CDO must possess skills that go well beyond the technical. He or she must be able to sell the data strategy to the executive board, operate across the institution, and work not only with the Chief Risk Officer and Chief Compliance Officer to defend against regulatory risks, but serve the businesses and support their demands. He or she must also partner with the Chief Technology Officer to help deliver the most value from the information.
“Now more than ever there is demand on the data executive to drive innovation,” said John Bottega, Senior Advisor & Consultant, EDM Council and Former Chief Data Officer, Bank of America. This aspiration to innovate and transform to a more business-focused data strategy is changing the landscape of the marketplace, and with it, the profile of the data executive in charge. Financial institutions are faced with the challenge of identifying and recruiting an individual with a strong technological foundation and solid business acumen, as well as the emotional intelligence, charisma and leadership skills to implement and drive a data-driven culture across the enterprise – a combination of skills not easily identifiable in today’s marketplace. “Communication skills are vital because you have to be able to take this technical topic, digest it and understand it, then re-configure and translate it into a different language to the business,” said the first CDO.
Understanding the talent pool
To get a better sense of the changing CDO mandate, Second Line Advisors identified six background profiles of the current-named 31 Chief Data Officers of the top 37 holding companies (^$100B) as listed by the National Information Center.
Currently, there are two banks in the market for their next CDO. As shown in the graph, the two most prominent profiles among the CDOs are Technology and Operations & Strategy. Nearly a third of CDOs have risen out of technology – a crucial foundational skill needed to successfully collaborate with IT and keep apace with the swift technological changes and demands of the organization. Operations & Strategy was equally as prevalent, highlighting the need for the executive to not only be able to define and set the strategy, but analyze the different business processes, collaborate with and support business partners in decision making, allocate responsibility for managing risks, and execute. Several of these CDOs previously held transformational agent responsibilities and had early career training with high-caliber advisory or consulting firms.
So where have the banks found this blend of tech/business talent? Interestingly, a large majority – nearly 60 percent – have promoted their CDO from within. This trend signals the critical importance firms are placing on corporate culture and internal working relationship dynamics. An external hire would not have that luxury. He or she would need to quickly get up to speed on the inner cultural fabric of the firm and be able to understand, navigate and influence around political hurdles that could obstruct their success in the role. Change is never easy. Transformational change within a sophisticated organization like a global bank or major insurer is near impossible, especially if the data transformation strategy fails to reach across the enterprise and engage the institution’s key stakeholders – its lines of business.
Current CDO Profiles
Understanding the talent pool (cont'd)
For years when it came to data, the business tended to advocate their responsibility and ownership to Technology. It was always the responsibility of data analysts and IT architects to manage, supply security, and place policies and controls around the data. With data streaming through all parts of a bank, the CDO needs to collaborate and work across each distinct line of business to break down data silos, establish a strong governance process, strengthen the quality of the data, and elevate the business’ role in the strategy – ultimately bringing accountability back into the hands of the original producers of the data in the first line.
“Accountability for the data needs to move back to the business and technology needs to become a true custodian, taking direction from people within the business who are accountable for the data they are creating,” said one data executive. “To get the business engaged and aware of what they are dealing with and what they need in order to come to realistic decisions and conclusions with respect of their data, they need to take ownership.”
In order to effectively bridge this gap between IT and the business, today’s CDO will need a strong support team of technology and business, as well as the full backing and executive sponsorship to successfully deliver a data strategy that aligns with the firm’s enterprise wide business strategy. For many firms, this means re-aligning the functional reporting lines of the CDO away from technology (Chief Technology Officer/Chief Information Officer), and into an operational function such as the Chief Operating Officer. Many of the executives we spoke with said the CDO should be a peer to Technology. As the graph shows, reporting lines for the CDO vary widely from organization to organization. As more and more firms begin to embrace the CDO as a business function, the position is starting to move out from under Technology.
In Q1 of 2017, two out of the top five banks have opted to pull the CDO function out from under their CIO, and re-align it into the Chief Administrative Officer (CAO). A number of other banks have also made the move away from technology in recent years, realigning the reporting lines into other business lines like Risk and Operations. “I will say that where CDOs are having the best success with pushing the data agenda forward, typically they are not reporting up through Technology, but into an operational function, typically a COO,” said a business line CDO of a global bank. “The higher the stature you give it, the greater the chance of success.”
Functional Reporting Lines of Current CDOs
CONCLUSION
While still relatively new, the role of the CDO within financial services is beginning to earn its seat at the executive table as more and more organizations recognize their enterprise information as a core corporate asset. While compliance and regulatory initiatives will continue to consume a large part of the present-day CDO mandate, a new era of an insight-driven data culture is top-of-mind f
KEY FINDINGS
- The role of the CDO within financial services is an ongoing evolution, with individual firms’ strategy focused on business needs.
- Majority of current CDO mandates focused on compliance and regulatory reporting requirements; some organizations beginning to position function beyond goal of achieving regulatory compliance (defensive risk oriented vst offensive insight driven).
- 31 out of top 37 holding companies with total assets of $100 billion to $2.5 trillion have a designated CDO in the U. S., with an average tenure of just over two years. Three of the top ten companies do not have a designated CDO at the enterprise level. Two organizations are currently in the market for their next CDO.
- Annual turnover rates among financial services CDOs remain high, with 25% of firms either losing or replacing their data executive since 2016.
- Profiles of present-day CDOs more diverse; nearly a third of CDOs identified as having an Operations & Strategy profile – a key skill set needed to successfully set vision, improve processes, control costs, and influence transformational change.
- CDO reporting lines vary from institution to institution; trending toward more businesscentric functions such as COO or CAO, the latter reporting structure re-aligned by two of largest banks in the first quarter of 2017.
- Nearly 60 percent of organizations promoted their CDO from within, signaling greater emphasis being placed on corporate culture and internal working relationship dynamics.
- Organizations will continue to be faced with the challenge of identifying an executive with technical foundation, business acumen, emotional intelligence, charisma and leadership skills
While much depends on the business strategy of the particular institution, there really is no guiding light at both the top-tier and mid-tier organizations who have their data strategy completely figured out. Many of the banks are facing different challenges, be it regulatory requirements and the demand for stronger data governance, to the corporate culture and operational effectiveness of the data executive in charge. What each firm is choosing to do with the implementation of their data program has been unique and slightly different. As the role of the CDO continues to grow and financial organizations begin to fully embrace the position as a business enabler, only then will they be able to unlock new opportunities and be well on the road to becoming an insight-driven organization.
References
1http://www.bis.org/bcbs/publ/d399.pdf
2http://www.pwc.com/us/en/increasing-it-effectiveness/publications/assets/pwc-gdpr-series-pulse-survey.pdf
3http://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/en/pdf
4http://image-src.bcg.com/BCG_COM/BCG-Staying-the-Course-in-Banking-Mar-2017_tcm9-146794.pdf
5National Information Center. A repository of financial data and information on banks and other financial institutions collected by the Federal Reserve as of 12/31/16
6http://www.gartner.com/smarterwithgartner/keys-to-success-for-chief-data-officers/
