www.pwc.

de/financialservices

Data
Governance
Survey Results:
A European Comparison
of Data Management
Capabilities in Banks

Identifying the main

challenges for banks in
terms of Data Governance
and Data Management.

March 2016
Contents
Management Summary 03
Methodology and General Information 05
Detailed Survey Results 09
Going Forward 27
Contacts 32
Preface

Dear Readers
As stated by the ECB Banking Supervision in their paper around the supervisory priorities for
2016 of the Single Supervisory Mechanism (SSM), data quality will be one major priority in
their future work. Data quality and firm-wide risk data aggregation capabilities are an essential
precondition for sound, risk-based decision-making and therefore for proper risk governance.
Furthermore, ensuring data quality and security necessitates that state-of-the-art IT
infrastructure will be part of further reviews. Current regulations like AnaCredit, BCBS239 and
MiFID and the upcoming Basel IV Framework will also drive the requirements around data. As
a consequence, more and very detailed data has to be available in a shorter time period in high
quality for different purposes. Different information needs of the various stakeholders require
structured preparation and processing of data with differing granularity. The main success
factors are a proper corporate data governance, an effective and efficient as well as sustainable
data quality management system, a fast and effective delivery of data tapes and an effective
internal controls system around the handling of data. The banking sector faces challenges
regarding the interpretation of data, reconciliation of reports and ambitious deadlines which
require large investments. On the business side market trends like Digital Transformation and
Big Data increase competition and make an efficient and effective data governance structure a
necessity. In other words ‘Data is key!’
After having had insightful and deep discussions on Data Management topics with 45 banks
across Europe, this report shows that all of them are facing similar data challenges. Our
survey takes an in-depth look at the results garnered from many interviews with the personnel
responsible for data in banks and shows the need to get data higher up the agenda. We wish you
an insightful read and look forward to further discussions.

Best wishes

Burkhard Eckes
Banking & Capital Markets Leader

Marc Billeb
Partner Technology & Processes

PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks 1
 w

Contents

1 Management
Summary

4 Going
Forward
Data Governance
Survey
2
Methodology
and General
Information

3 Detailed
Survey
Results
w

Management Summary
Banks are investing large budgets to comply with diverse regulations, but they risk implementing
redundant and inefficient processes and shrinking margins.

After having had insightful and deep discussions on Data Management topics with 45 banks across Europe we come to the
conclusion that all of them are facing similar challenges. Furthermore, we realised that more regulation introduced by the
regulators does does not directly lead to better data and by that an in-depth view on the current state of the banks. It may be
argued that the increased regulation, which is mainly the reaction to the economic crisis, will not avoid similar crises in the
future. On the other hand we understand the rationale behind the regulatory initiatives. The key messages as a result of our
survey can be summarised as follows:

Regulation Governance and Data Quality Architecture

More regulation on its own
does not help solving the
main challenges which
banks are facing in terms
of data.
Although there are
different national areas of
focus from the regulators,
differences regarding
Data Management are not
measurable.
Reponsibilities
Most banks do not have a
common Data Governance
Framework and are lacking
clear responsibilities for
data. Furthermore, it is
unclear which department
should be responsible
and banks are afflicted
with silos.
Data Quality has been Most of the banks
identified as a major topic, neither have a central
but sustainable processes Data Warehouse nor
to address and improve well-documented data
Data Quality as well as flows. New technologies
corresponding controls are regarding data have not
still missing. Software for been adopted during
measuring Data Quality is the last few years and
used relatively widely but the architecture is not
is not standardised. flexible enough to be
adjusted quickly for new
requirements.
During the next three
years many banks plan to
implement a central data
warehouse.

Given the diverse national regulations in the past and the large investments as well as current developments in the market (e.g.
Digitization, FinTechs) banks should think of how to organise Data Management in the future. If well-organised and addressed
with the correct actions, banks will be able to comply with regulations and grow the business simultaneuously as well as save
costs and ensure that they are focused on the main risks.

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 3
 What should banks do next?
What do the survey results
mean for banks in their
current situation?
Banks are facing different challenges regarding Data
Management and and risk having to make multiple
investments on similar topics: As a consequence banks
should focus on the following four priorities:

Added value for banks

Cross-functional, effective and
Review all current
efficient front-to-back solutions for
projects that touch
Data Management which address
1 on data topics (e.g.
IFRS 9, BCBS 239,
regulatory as well as business aspects;
synergies and cost savings achieved.
AnaCredit)

Commitment from Senior

Define a Data Management and other stakeholders
for implementing a central Data
Strategy and link it
2 to the business and
Management strategy; a consistent
basis for solutions which support
risk strategy business goals.

Better clarity in operations; improved

Define clear reporting capabilities; and the
confidence that relevant capacity is
responsibilities
3 and a Governance
sustainable.

Framework

Improved Data Quality and more

Implement efficient processes, as less time and
effort is spent on corrective action.
sustainable
4 Data Quality
Management

4 PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks
Methodology and General
Information

PwC Data Governnace Survey Results A European Comparison of Data Management Capailities in Banks 5
PwC Data Governance Framework provides
the essence from recent regulations
The structure of this survey follows the
ata Governance
PwC Data Governance Framework, 1. D
which has been developed based on
recent regulations in Europe,
including (among others) 3. Data 4. Data
BCBS 239, AnaCredit and Management Quality
FinRep. These regulations include
requirements for Data Governance
or Data Management as well as rules 2. Data
graphic
7. Data strategy
forcing banks to collect detailed data 5. Data
Protection
in a structured and traceable manner. Model
and Privacy

The idea of the PwC Data Governance

Framework is to establish structured 6. Data
guidelines on how to deal with all Architecture
of these regulations simultanuously
and effectively.

Data Governance requires an organisational structure (e.g. department or function) to include clear guidelines and responsibilities for data.
1 Data Governance should be supported by policies and guidelines as well as job descriptions and encompassing roles and responsibilities for
data (e.g. data ownership).

Data Strategy is the overarching component, with impact on Data Quality, Data Modelling, Data Architecture, Data Protection and Privacy as well as
2 business aspects. It should be connected with the business strategy and covers at least Data Governance aspects, target architecture
for Data Management/Data Quality measurement and definition of good Data Quality including concrete key performance indicators (KPIs).

Data Management incorporates the processes and reporting capabilities of an organisation. It should ensure that an organisation has defined
3 and implemented standardised processes for normal and ad-hoc reporting requirements as well as Data Quality reporting. The required data can
be produced accurately within a reasonable timeframe and reporting requirements encompass the latest data requirements.

Data Quality deals with the appropriate Data Quality requirements which are defined and documented across the organisation (front-to-back).
4 Data Quality can be measured on the basis of criteria and methods. Moreover, a continuous Data Quality improvement process should be defined
and actively managed.

In a Data Model, data which is processed and the relationship amongst data is defined. In this respect, data is defined and documented consistently
5 across the entire organisation in a Data Model. Furthermore, the organisation uses a data dictionary to define data and describe data processing rules.
The data storage locations are known and documented (data lineage) and data aggregation is able to be reproduced.

The Data Architecture describes the state in which the organisation has an integrated finance and risk IT architecture which allows for flexible data
6 processing and data delivery. This is especially important with regards to new data requirements requested by a regulatory authority. The operations
within the Data Architecture are highly automated with a negligible share of manual intervention.

The Data Protection and Privacy requires that the organisation performs a protection requirement analysis across all IT systems in accordance
7 with the Data Governance responsibilities. Moreover, the organisation has set up a data security concept. For all data deliveries, the appropriate
level of confidentiality and data protection is defined.

6 PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks
 A standardised questionnaire
derived from the PwC Data
Governance Framework
formed the basis for structured
interviews with 45 banks
across Europe.
We used a well-structured methodology based on our
Data Governance Framework derived from recent

1
regulations in Europe to explore the main challenges
regarding Data Governance and Data Management
aspects in banks across Europe.
Questionnaire
Using a standardised questionnaire derived from the PwC Data Governance
Framework, we interviewed key data specialists in 45 banks across Europe. These
were predominantly Chief Risk Officers (CROs) or Chief Information Officers

2
(CIOs), but we also interviewed Chief Data Officers (CDOs) if this role existed in
an organisation. From these interviews, we were able to gather interesting insights
into Data Governance and Data Management, while at the same time gaining an
understanding of current thinking within the industry on other non-regulatory data
related topics, including the future of the business model of banks (e.g. digitization).

Structured Interview The results have been aggregated and consolidated by a central team and the key
results and insights are provided in this report.

3
Analysis and evaluation
of the results

4
Overview report of the
data framework

5
Identification of
improvement possibilities

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 7
 Participating banks are spread
across 12 European territories.

Type of banks which participated in the survey The 45 banks which took part in the survey are spread
across 12 European territories:
3 banks from Northern Europe
33 banks from Western/Central Europe
9 banks from Southern Europe
n Wholesale Bank
n Retail Bank
nS pecial
Institutions
19
14
12

Mostly the participating banks can be categorised as Participating banks according to balance sheet
either Wholesale (14 of 45) or Retail (19 of 45) banks. amount in € billion (bn):
Special institutions include especially public-owned
and mortgage banks as well as specialised banks for
e.g. wealth management. 8.9%
13.3%

9.0% 22.2%

4.4%

73% … of participating
42.2% n 500 - above 1000bn
n 150 - 500bn
n 100 - 150bn
banks are supervised by
n 30 - 100bn
the Single Supervisory n 10bn and under 30bn
Mechanism (SSM). n Other

8 PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks
Detailed Survey Results

PwC Data Governnace Survey Results A European Comparison of Data Management Capailities in Banks 9
 The vast majority of banks surveyed do not
have a Chief Data Officer (CDO) in place to
address Data Governance issues.

Banks are facing more and more requirements to
deliver large amounts of data to regulators at a very
low level of granularity; furthermore, regulations
such as BCBS 239 require a well-structured Data
Governance function, without defining clearly
what this means. Against this background it is
surprising that …
Reporting lines for CDOs. When banks that do have a
CDO function were asked where in the organisation
the function sat, the answer varied widely. There is no
clear consensus on where the CDO function should be
best placed. If the CDO function is to be independent
and accepted across the organisation, it may be best to
either create an entirely new department with direct
reporting lines into the CEO, or to link the CDO to the
COO function.

76%
9%

... of European Banks do NOT have a CDO function. 18%

46%
For those banks that have a CDO function, the role
focuses mainly on the following topics (more than
one answer was allowed): 18%

3 9%
10

12 n Chief Operating Officer (COO)

nC hief Risk Officer (CRO)
n Chief Information Officer (CIO)
n Chief Finance Officer (CFO)
8
n Assess data relevance n Chief Executive Officer (CEO)
nM anage data
availability
n Ensure data quality
n Other

10 PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks
Banks are failing to address Data Governance
in a structured way, with a lack of an overall
Data Governance Framework across surveyed
banks. This leads to redundant costs and
inefficiencies.
Two thirds
… of banks do NOT have an overall Data Governance
Framework. And despite the significant increase
in data-related regulation, banks are seemingly
indifferent about the topics which should be
addressed in a Data Governance Framework.
The No.1
reason for addressing Data Governance aspects is
To comply with regulatory and/or
compliance requirements (71 %)
Followed by
2. To reach strategic goals (38%)
3. To fulfill the requirements of the organisation’s
corporate governance policy (33%)
PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 11
In a more and more competitive banking landscape, it
is crucial to not only consider a bank’s Data Governance
Framework from a regulatory perspective, but also to
ensure that it also addresses business aspects. Well-
defined and structured Data Governance and Data
Quality Management processes should help to make sure
that a bank is operating in line with minimum regulatory
requirements, but should also increase business
opportunities by, for example, making available valid
and accurate customer and product data. In an industry
where margins generally are shrinking, the ability to
draw relevant conclusions from data will be essential in
ensuring that a bank remains competitive.
The survey found that Data Governance aspects are
mainly addressed through the creation of policies and
guidelines, or through the establishment of a robust
organisational structure. But other actions, such as
regular awareness initiatives and culture change are
important to preserve Data Governance and quality.
Banks are planning one or more of the following actions:
Create Data Governance policies and guidelines
31
Establish an organisational Data Governance structure
28
Optimise the IT Architecture
27
Design a Data Governance process
26
Implement software, supporting Data Quality
and data dictionary
23
Other
9
0 5 10 15 20 25 30 35
 Data Ownership is not clearly defined –
defining clear responsibilities for data will
be crucial going forward.

Definition Box:

71%
Data Ownership
Data Ownership means clearly defined responsibilities
for the definition and quality of data items. It is
crucial that there is a clear structure within technical
departments. There should only be one function
responsible for defining data, although many other
functions may use the data produced.
If Data Ownership is effectively
… have defined some kind of Data Ownership. In implemented, redundant data will
most cases, Data Ownership is organised decentrally be avoided and data reconciliation
so the right skills are available to validate the data. and reporting processes will become
Nevertheless, Data Ownership is often not clearly easier and less resource
defined and responsibilities are not clearly documented, intensive.
as banks continue to face difficulties in complying with
all regulatory requirements and in delivering large,
granular data sets within a short time period.

Summary Data Governance

There is a high risk of banks No central responsibility for
investing in the wrong areas Data Management.
or wasting money on the same
topics, because they are handling
more than one project that
addresses Data Management.

Banks should implement a Data Data Quality is either

Governance Framework which not addressed or solutions
covers all recent regulations and are not sustainable.
functions within a bank as well
as defining clear responsibilities
for data.

12 PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks
Banks’ most valuable asset, although not
shown in the financial statements, is data.

Defining a Data Strategy is a cross-functional issue.

Banks that have a Data Strategy have made sure that
it is aligned to their IT, Risk and Business Strategy (see
graphic below; multiple answers were allowed)

50% 14

… of the interviewed banks do 11 16

not have a Data Strategy.

Data Strategy:
What does this mean? 16
A Data Strategy should address at least the
following topics:
High level minimum requirements on Data n Business strategy n Risk strategy
Governance n IT strategy n Other

Target architecture for Data Management

(e. g. central data warehouse implementation)
Target level of Data Quality Management as
well as concrete KPIs
Future topics such as Big Data, Digital
Transformation, Mobile Banking or Payments
Furthermore the Data Strategy should be aligned to the
IT strategy, Risk Strategy, Digital Strategy (if applicable)
as well as the overall Business Strategy.
Summary: Data Strategy
Data Strategy is a cross-functional topic.
It should occupy a central place to ensure feasibility as
well as effective and goal-oriented investments.
Data and Data Governance are the basis for risk
management as well as for business development –
alignment is essential.
Digital Strategy and Data Strategy should also be aligned.

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 13
 Ad-hoc reporting is a challenge for all banks.
Few are satisfied with the speed and accuracy
of ad-hoc reporting.

While banks are generally satisfied with their reporting

Satisfaction with processes, there is a discrepancy when we look at the
reporting accuracy type of reporting. It’s clear that the surveyed banks
are less satisfied with the speed and accuracy of their
30
ad-hoc reporting than they are with their recurring
25 25 reporting processes.
24 This is because ad-hoc reporting procedures are less
20
standardised procedures. Although ad-hoc reporting
demands are less predictable, banks should implement
15
14 procedures and responsibilities to handle these
10
demands, which come mainly from regulators.
8 9
5 5
Implemented internal and
0
2 3
external standardised
1 2 3 4
reporting procedures
n Recurring reporting n Ad-hoc reporting

75% 44%
Satisfaction with
reporting speed
25

21 Recurring reporting Ad-hoc reporting

20
19
15 15
14

10 10

5 5 5 Banks should define clear responsibilities and introduce

a structured process to address ad-hoc reporting
0
1 demands from external as well as internal stakeholders.
1 2 3 4 By doing so they will improve their ad-hoc reporting
capabilities, be more efficient and drive resource savings
n Recurring reporting n Ad-hoc reporting which could be invested into other important activities.

1 = Very satisfied 4 = Not satisfied

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 15
 Even so, only a few banks consider themselves
unprepared for ad-hoc reporting demands.

Most of the participating banks are more or less

satisfied with their readiness to react to regulators’ Top 3 Challenges for report
ad-hoc reporting requirements. But the lack of clear preparation
responsibilities and standardised procedures in banks

1
means they face the risk of failing to meet these
requirements or regulatory deadlines, or of High effort for
delivering wrong data. reconciliation of data

2 2 Manual data collection

is needed (excel etc.)

7 18
3 Data granularity is
not appropriate

x Bank reporting
processes are
generally inefficient -
69% most of the surveyed
banks produce more
reports than needed,
wasting resources
18 which could be
deployed across
… of banks do not have different activities.
n Very satisfied procedures in place
to ensure that only
nS atisfied relevant reports are
nN either satisfied produced.
nor unsatisfied
n Not satisfied
Banks should think about their Data Strategy and
work on defining responsibilities and processes to
address ad-hoc reporting demands. Otherwise, they
risk losing their competitiveness while investing a
huge effort in fulfilling ad-hoc reporting requirements
from the regulators.

16 PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks
Banks understand the importance of Data
Quality, but still have a long way to go.
The survey results show that banks have identified Data Quality as an important topic. Nearly two-
thirds of banks have implemented criteria and methods to measure Data Quality, as well as quality
gates. KPIs are used to address completeness and accuracy, but measurements around validity,
availability, timeliness, consistency and integrity are mostly missing. These criteria are just as
important and should be taken into account.

Ability for Root

Cause Diagnostics

14
Data Quality Control
Criteria and methods for determining data quality
32
64% 36%

Quality gates control instance (front-to-end) which

ensure that Data Quality

62% 36%

Continuous Data Quality improvement process implemented

40% 60%
54

0% 20% 40% 60% 80% 100%

n Yes n No n Fully able n Fully able but huge effort n Partially able

Most of the banks have not implemented a process to
continuously improve Data Quality.
The result is that significant investment has been made
to implement quality gates and controls without any
improvement in Data Quality and business processes.
Ultimately, problems with Data Quality in banks will
not be resolved and internal control systems will remain
ineffective and inefficient – while at the same time,
banks will continue to face more and more regulations
on data.
Identifying the root cause of Data Quality problems is
essential if banks are to find the best way to address any
errors. 32% of the banks said they are only partially
able to identify the root cause of Data Quality problems.
Banks will not be able to improve their Data Quality
effectively and efficiently unless they document data
flows front to back and define a clear responsibility for
data.

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 17
 Nearly half of the banks in Europe are not using
automated procedures to measure their
Data Quality and less than a third have
implemented a structured process for
reporting on Data Quality.
Although most of the banks surveyed have identified Data Quality as an important topic and
implemented criteria to measure it, they don’t consequently carry out what they have planned.
Many do not use software to measure Data Quality or have a process for reporting on it.

Nearly 50% of the banks surveyed haven’t yet Less than one third of banks have implemented a
implemented any software to measure their Data specific process for reporting on Data Quality – most
Quality; standardised software is not commonly used. of these have also implemented a standard software to
A reason for this may be that most banks are still using measure Data Quality.
many different IT systems to support their processes
(heterogeneous IT architecture) and standardised
software is very difficult to integrate into the
landscape of IT systems..

29%

38%
18%

47%
33%
29%

nY
 es, a Data Quality nT
 he organisation is planning
reporting process has to implement a Data Quality
6% been implemented reporting process
nN
o

n Standard software
n In-house development Banks will only be able to improve their Data Quality in
nO  ther a sustainable manner if they build transparency on their
Data Quality front-to-back with structured and regular
n No
reporting. Banks should take action to improve Data
Quality or risk being unable to fulfil growing regulatory
requirements in a cost-efficient manner.

18 PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks
Reasons for poor Data Quality are numerous
and widely spread across IT systems.
Banks have identified different reasons for poor Data Quality – mainly, they are missing the ‘Golden
Source’ and clear definition of data fields. The reasons for this may be that banks are often organised
in different silos, e.g. risk management, finance, regulatory affairs etc. Within these silos, definitions
on data fields as well as the understanding of the same figures could be significantly different. Having a
unique definition of data fields and figures which is understood and applied across all banking functions
is crucial to be able to implement structured and sustainable Data Quality management. The pre-
condition for this is that different divisions decide on a common understanding for the data fields and the
main figures. Implementing clear data ownership may also help to solve this issue.

Reasons for poor Data Quality in banks mainly are … While errors occur across all IT systems, the majority
(multiple answers were possible) occur in front-office or back-office systems as the
employees in these business areas often do not
Different understanding of data fields; no uniform understand the downstream consequences of wrong
definition of data fields, no ‘Golden Source’
information and clear agreements between divisions
30 are not in place.
No appropriate definition of data responsibilities
18
Inconsistent data across systems
16
Weak internal control system
15
10
Other 28
16

0 5 10 15 20 25 30 35
10

13
23
Summary: Data Quality
• Data Quality has been identified as an important topic.
• No consistent use of software to measure and processes n Front-office systems
to report on Data Quality. n Back-office systems
• Reasons for lack of Data Quality are numerous and n Data warehouse
widely spread across all IT systems and business units. n Reporting platform
• Lack of know-how in business units to ensure Data n Usage of end user computing
Quality. (IDP - Individual Data Processing)

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 19
 Focus: Sustainable Data Management
Data Quality (Management) has to be improved
continuously and must be combined effectively
within the existing Internal Control System.

Define Strategy and

1 plan Data Quality level 2
Plan and
implement

6
Report
and
review
3
Perform

5
Correct and
Improve 4 Monitor
and detect

1 2 3 4 5 6
At the first stage, a Data Quality Throughout the Weaknesses in Data Depending on Regular reports on
Data Strategy should measures should be day-to-day business Quality and controls the type of error Data Quality and
be defined and planned front-to- all Data Quality should be identififed corrective actions the main reasons for
include an overall back throughout measures should be by collecting the should be taken weaknesses as well as
Data Quality Level to all processes and IT performed. results of the Data which may be actions being taken
be achieved. systems including Quality measures. 1. Correct the should be prepared
a clear description By using that wrong gathered and provided to the
of all measures to information the Data data; 2. Change board. Furthermore,
achieve the defined Quality Level can be IT applications or the process of
Data Quality determined and be 3. Implement new Continuous Data
Level. Automatic compared against the detective controls. It Quality Management
checks should be Data Quality Level is important not only should be reviewed
implemented upfront specified in the Data to correct the wrong (second line of
by using the existing Strategy. data but also to think defence).
Change Management of long-term actions
procedures. to continuously
improve Data Quality.

20 PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks
Nearly half of the banks surveyed do not
have a clear and documented Data Model
and diverse responsibilities.

IT department CDO Finance or Risk Different No

department department department responsibility

Who is considered to be Although half of the

banks have defined and
responsible for the Data Model? documented a Data Model,
there are high levels of

54% uncertainty about the

responsibility for defining
and maintaining this.
IT department Currently, responsibility for
the Data Model is widely
spread across surveyed
banks. As a well-structured
and clearly defined Data
Model builds the basis for
fulfilling ad-hoc regulatory
… have a defined and data requirements and
documented data efficient Data Quality
model in place. Management processes,
CDO banks should:

Define clear responsibilities for defining

and maintaining the Data Model

Define and document the Data Model

including descriptions of the content
of data fields

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 21
 More than 90 % of banks either have not or have
only partially documented their front-to-back
data flows across the organisation.

As well as having no distinct source of data, banks either

have not or have only partially documented their
front-to-back data flows.

6.7%

64%
15.6%
8.9%

x 26.6%

42.2%

… have no distinct source

(‘Golden Source’) defined n Documented across the
whole organisation
n Documented but not across
the whole organisation
n Partially documented across
the whole organisation
n Partially documented
but across the whole
organisation
n Not documented at all

Not only for regulatory reasons, banks should define a

Banks are facing high risks of not being able to
sustainably fulfil regulatory requirements. Without
having a distinct source for data and documented data
flows, it will take a lot of time and investment to identify
the correct data, to reconcile the data and last but not
least to implement necessary changes in IT systems.
If banks do not manage these risks responsibly,
they will not have sufficient time to care for and
grow their business.
clear, well-structured Data Model and document the
data flows as the basis of coordinated Data Management.
By doing so they will be able to:
1. React to ad-hoc data requirements from regulators.
2. I mplement changes in the system landscape due to
legal regulation or product changes/new products.
3. E ffectively analyse their business model to improve
services for their customers.

22 PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks
Banks will implement a bank-wide Data
Dictionary within the next three years.

… currently the scope of the Data Dictionary is mainly

By now … an internal view for each single division. Banks do not
have a clear view whether to use the Data Dictionary
product or IT system related.

64% BUT

The majority of the survey participants plan to have a

… of survey participants have a group-wide roll-out of their data dictionaries within the
Data Dictionary next three years.

Top three reasons not to use a

data dictionary software

36.4% 36.4%
Consider the selection of a data dictionary
software not a high priority

Implementation costs and change

15.9% 11.3% management efforts are too high

Processes in the organisation are not

n Yes n No, but we plan to implement adequately structured to support
n No, an excel-based n No, the organisation does standardised software
worksheet is used not use Data Dictionary
software

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 23
 Most surveyed banks have implemented a
central Data Warehouse (DWH) and even 50%
of those banks that do not have a central DWH
have defined a ‘Golden Source’.
On the other hand, the majority of banks are facing Data Quality issues due to missing ‘Golden
Source’ (see page 22). What is driving this?
It seems that while individual business units often have their own ‘central’ Data Warehouse, this is
not always rolled out on a true, consistent, bank-wide basis.

Does the organisation have

an implemented central Data
Warehouse?
15 50.0%
Southern Europe
28
73.0% 28.0% 10
Middle Europe
13
50.0% 23 Northern Europe

0 20 40 60 80 100
n Yes n No and have no ‘single
n Yes n No
n No but have a ‘single point- point-of-truth’ (golden
of-truth’ (golden source) for source) for each data field
each data field

If not implemented with well-structured processes

to ensure Data Quality and robust reporting, a

60% central Data Warehouse or technology like Business

Intelligence will not address the challenges banks are
currently facing with regards to data.
In the end, there is a high risk that despite investing
heavily in the implementation of a central Data
Warehouse, banks will not be able to realise the
advantages, which include more efficient processes,
... of banks have NOT changed less costs and faster data delivery.
their Data Architecture during In the past, many projects for implementing a central
Data Warehouse have not proved advantageous as
the last few years due to new these projects have mostly been IT or technology
technologies or requirements driven, with business aspects, as well as process
control topics, not being adequately addressed.
(e.g. Big Data).

24 PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks
All banks have installed a Chief Information
Security Officer and introduced more or less
mature policies and guidelines regarding
data protection and privacy, but they are not
proving effective.

… have installed a … have implemented

Chief Information an Information
98% Security Officer 48% Security Management
System
2.3%

18%
Does the organisation have policies, processes and
controls for Data Protection and Privacy?
48%
maturity high

20.0 37.8
Yes,

32%
Yes, maturity

n Yes n No
35.5 6.7 n Yes, but only partially n No response
low

implemented
Banks who have mature policies and guidelines in
place continue to experience data protection laws
and regulations as an obstacle for Data Management
and as a hindrance for their business.
N0

0 0
One of the biggest challenges over the next few years
will be to fulfil all legal requirements and achieve
Yes No
a business model which will enable banks to stay
competitive.

Do you see data protection laws/regulation as an

obstacle for Data Management?

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 25
 One third of the banks surveyed do not have any
or have only an incomplete overview of relevant
regulations.

Summary: Data
Protection and Privacy

65% 1 Although all banks have

implemented a Chief
Information Security Officer
(CISO) function and defined
guidelines, most of the banks
do not have a structured and
effective Information Security
Management System (ISMS).

… of banks have an overview about all relevant

legal requirements in all relevant countries of
operation related to Data Protection and Privacy. 2 More regulation does not
consequently lead to better
data protection or at least more
Nevertheless, banks face neither a large number nor effective Data Management.
value of losses with regards to data due to insufficient

3
data protection.
Monetary losses due to
2.3% insufficient data protection
8.9%
4.4% are relatively minor.

4.4%

80.0%

n Yes, total loss > €0.1 n Yes, but do not want to

n Yes, total loss > €1 million disclose the amount

n Yes, total loss > €10 million n No

n No response

26 PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks
Going Forward

PwC Data Governnace Survey Results A European Comparison of Data Management Capailities in Banks 27
 Summary: Framework Aspects – Data
Governance and Data Strategy

Key learnings What banks should

• No responsibilities for Data Management.
do now
• Missing Data Governance Framework. 1
• Missing linkage between Digital Strategy
Consolidate Data Management topics
and Data Strategy as well as between
and address them in ONE central
Data Management, Risk Management
Data Management Project
and Business Development.

2
• Data Quality is not being addressed
sustainably.
• Data Strategy is cross-functional Build a Data Governance Framework
• High risk for misinvestments; need for including a clear definition of
effective approach and goal-oriented responsibilities
investments.
• Topics on Data Management are being
addressed in multiple ways due to 3
several regulatory topics. Define a Data Strategy addressing business
topics and Risk Management as well as
building a linkage between the Data Strategy
and Digital Strategy and other topics

Advantages:
More efficiency, less costs for
implementing Data Management topics,
effective solutions, optimised structure
for Data Management.

28 PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks
Summary: Processual Aspects – Data
Management and Data Quality

Key learnings What banks should

• Ad-hoc reporting is a challenge for all
do now
banks; satisfaction level with speed and
accuracy is very low.
1
• Reporting demands are becoming less Agree on a clear definition of data
predictable. and all key figures; select ONE
clear definition applicable for every
• Banks invest a lot of effort in the Business unit
reconciliation of data, perform a lot
of manual data collection and data
granularity is often not appropriate.
2
• Banks have identified Data Quality as an Define processes to measure and
important topic, but structured processes report Data Quality; implement
to measure Data Quality are mostly not software to measure Data Quality
implemented and software to measure
Data Quality is not used at all.
• A continuous Data Quality improvement
3
process is not being implemented. As Train all employees on Data Quality
topics and the necessity of correct
a result banks risk having poor Data information
Quality after having invested in large
projects over the next few years.
• The main reasons for poor Data Quality
are unclear definitions of data fields and
missing ‘Golden Sources’.
Advantages:
Improved ad-hoc reporting capabilities,
more efficiency, resource savings, clear
processual structures as well as transparency
in Data Quality.

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 29
 Summary Data Modeling Aspects – Data Model,
Architecture and Security

Key learnings What banks should

• A lot of uncertainty about the
do now
responsibilities for Data Modelling and
the corresponding Data Architecture.
1
• Lack of documentation in the banks’ Define a clear, well-structured Data
front-to-back data flows across Model and document data flows as a
organisations. basis of coordinated Data Management
• Banks are facing big risks of not being
able to sustainably fulfill regulatory
requirements and distinct data sources
2
(‘Golden Sources’ are missing). Consider implementing Data
• Data Dictionaries are mainly an internal Dictionary software
issue for each division and not bank-wide
solutions; but banks mainly plan to create
a bank-wide Data Dictionary.
• Although most of the banks surveyed
3
have implemented a central Data Force implementation of an
Information Security Management
Warehouse they are suffering from poor System (ISMS) as well as find
data quality. pragmatic ways to fulfill regulations
• Banks which have implemented
implemented older security policies and
guidelines experience this as an obstacle
for Data Management and a hindrance
for their business. Advantages:
Clear structures in data flows and fields,
basis for faster reporting due to clear data
structures, efficient change management
procedures due to data dictionary software

30 PwC Data Governance Survey Results: A European Comparison of Data Management Capailities in Banks
 Contacts

If you would like to discuss the issues raised in this

paper in more detail, please speak with any of the contacts
listed on the next page or your usual PwC contact.

32 PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks
Anne-Kristin Kuttert Marc Billeb
PwC (Germany) PwC (Germany)
[email protected] [email protected]
+49 (0)69 9585 1421 +49 (0)69 9585 2723

PwC Data Governance Survey Results A European Comparison of Data Management Capailities in Banks 33
www.pwc.com/financialservices

This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information
contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness
of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers does not accept or assume any liability, responsibility or duty
of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.

© 2016 PwC. All rights reserved. Not for further distribution without the permission of PwC. “PwC” refers to the network of member firms of PricewaterhouseCoopers
International Limited (PwCIL), or, as the context requires, individual member firms of the PwC network. Each member firm is a separate legal entity and does not act as
agent of PwCIL or any other member firm. PwCIL does not provide any services to clients. PwCIL is not responsible or liable for the acts or omissions of any of its member
firms nor can it control the exercise of their professional judgment or bind them in any way. No member firm is responsible or liable for the acts or omissions of any other
member firm nor can it control the exercise of another member firm’s professional judgment or bind another member firm or PwCIL in any way.