Critical Data Elements: How should you address them?

Sean Donahoe, Senior Consultant

Today’s operational data ecosystem within asset management firms is fast becoming complex and extensive, with new datasets, functions and usage applications such as, generative AI and machine learning. Regulations are beginning to come to the forefront providing guidance and directives for individual firms to assess risks associated with identifying, controlling, and reporting on critical data elements (CDE).

A critical data element can be defined as an attribute or set of attributes that is vital to the success of an organisation. The organisational success criteria will be defined by key internal and external stakeholders. Another way to view it would be, if no controls or inadequate controls exist to maintain this data, would your business be susceptible to material reputational, financial, personnel, or compliance risk?

The Role of Critical Data Elements in Data Governance

The identification, management, and reporting on CDEs should be part of an organisations data governance programme and should be agnostic of any transformational programmes or projects being undertaken. Meaning, data governance applies across every organisation at all levels and can easily be extended when migrating or adopting to new technologies like cloud-native software or implementing a new data ecosystem architecture like a data mesh environment. The applicability of data governance is independent to any specific technology, and therefore should easily integrate within any business, thus preserving its sustainable and critical function. This also increases the likelihood of buy in and continued support from key stakeholders

From our clients’ perspective, key drivers in this area are regulatory, transformational, and operational. Prominent regulatory directives such as Basel Committee on Banking Supervision (BCBS 239), GDPR (European Parliament & Council of the European Union), AI Act (European Commission), Solvency II, ESG disclosures, and more recently, the FINMA Circular 2023/01 Chapter IV D are further exacerbating the importance for businesses to initiate or enhance their data governance programmes. Transformational drivers include, but not limited to, large-scale system overhauls and cultural shifts to a “data-first” mindset (e.g. creating data governance office). Operationally, identifying CDEs will complement risk management policies such as disaster recovery and business continuity, where restoring datasets can be prioritised and stored in a more secure manner. The onus falls onto companies, but regulatory bodies are providing guidelines and frameworks to assist with these objectives

Data management teams are also becoming better suited and capable of fulfilling projects to create data catalogues and glossaries to represent true data lineage. Cataloguing provides a natural language query engine to find data attributes or sets, and their relationships with other data products, so that power users can easily find, request, and access data needed for productivity gains. Glossaries will help users understand the content of the data, usage, and relationship with other datasets within a data mesh environment. Lastly, lineage is a powerful concept where users can trace the origination, pathways, destination, and extensibility of datasets within many functions of the organisation, with the end goal of achieving new insights into owned data and discover new products as a result to better assist customers.

Methodologies for Identifying Critical Data Elements

Achieving consensus on critical data elements across all domains is essential for effective data governance. CDE identification methodology types include, Simple, Matrix, and Hybrid. The Simple methodology asks a series of Yes/No questions relating to the sensitivity of data, both from a business and technical perspective. The Matrix methodology is a weight-based calculation where scores are multiplied against given weights in specific categories. Lastly, the Hybrid methodology is a combination of the two, offering a best fit for all types of organisations. The unique balance between the qualitative and quantitative approaches of the previous two is very effective for organisations that have yet to assess their data and risk ecosystem at an enterprise level. All these methodologies are complemented with EDM Council’s Data Management Capability Assessment Model (DCAM) assessment framework. Effective implementation of robust remediation strategies is crucial for productivity advancement, ensuring that your organisation has more time to focus on revenue generating business functions.

Strong data governance programmes are a crucial underpinning of any growth plans. Ensuring data programmes are running optimally and evolving along with your business are crucial to help organisations realise lower margin cost to growth ratios, generating new lines of revenue streams, reach higher productivity and ultimate ensure a return on investment on technology stacks and advanced analytic and algorithmic models.

Liqueo’s CDE identification and remediation components are part of the overall Data Quality as a Service offering (DQaaS). This offering consists of our time-to-market accelerators, deep subject matter expertise, best practices matched with industry standards, ensuring you’re in safe hands. To get in touch for a further conversation around your requirements, please get in touch.