No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Demystifying Regulatory Compliance with MDM

by Martin Samuel Nielsen
August 27, 2018
in Compliance, Featured
gear organizing jumbled lines

Using Master Data Management as Part of a Robust Compliance Program

Martin Samuel Nielsen discusses how leveraging master data management as part of your compliance arsenal will allow you to understand, manage and control information about your customers, products and more to safeguard how data is managed and maintained across your business.

As the world becomes more digital, the number of regulations designed to protect individuals, govern the products and services they purchase and monitor their related data “footprint” increases dramatically. According to an Ernst & Young survey, intensifying regulatory pressures are top of mind for business leaders, with 78 percent of respondents expressing increasing concern about data protection and data privacy compliance.

Organizations are faced with two unique challenges: first, to determine how they govern, use and protect data to comply with mandates such as the EU’s General Data Protection Regulation (GDPR); and second, how to manage the vast amounts of data needed to perform due diligence for mandates such as Know Your Customer (KYC). Whether your business sells B2B or B2C, the requirement for regulatory compliance is here to stay. In fact, it is likely to get more difficult as organizations struggle to understand the growing amounts of data found in their data lakes and other sources.

The True Impact of Regulatory Compliance

Today, organizations are amassing large volumes of critical business information about not only their customers and partners, but also their products and their individual components. Compliance comes in many forms and spans numerous industries. Furthermore, it is forcing organizations to understand and access their organizational data to comply with various overarching regulations, including those that are specific to their business or geographical region.

For instance, the number of regulations that require a company to have control over data has increased over the last couple of years and includes well-known directives such as the GDPR, the International Financial Reporting Standards (IFRS) and others.

KYC, in particular, is covered in many anti-money laundering acts across the globe and includes verifying the identity of your clients to assess risk during the due diligence process. To ensure compliance with these mandates – as well as other regulations, such as the FDA’s Unique Device Identification (UD law that requires a unique identifier to be assigned to medical devices and the Food Labelling and Education Act, etc. – organizations need to assemble sources of truth to ensure data is accurate. More importantly, they need to ensure the data is fit for purpose, meaning they can understand how the data will be used throughout the organization (and in what setting) to ensure conformance.

Yet many businesses maintain an IT ecosystem that is not well-suited to support regulatory compliance. This is because they rely on various legacy systems that cannot easily be retired, and they often have one system per line of business, resulting in duplicated data that resides across the IT landscape. Aside from the time it takes to onboard a customer, one of the biggest challenges to complying with regulations such as the Bank Secrecy Act and the related anti-money laundering (AML) rule is the ability to identify the client/customer across the enterprise. This is because institutions are often required to provide the same information about the customer repeatedly, making this approach unacceptable.

Taking the Reins on Risk: CDOs to the Rescue

In an attempt to support the needs of the CIO and the various data requirements from business users, organizations in regulated industries and beyond are adding a new seat to the C-level table in the form of a Chief Data Officer (CDO). CDOs are often defined as the person responsible for enterprise-wide governance and use of information as an asset via data processing, analysis, data mining, information trading and other means. They primarily have a business background rather than an IT background, as they focus on ensuring data quality and transparency for regulatory and risk management, as well as analytics reporting. In fact, according to a recent Gartner report[i], CDOs spend, on average, 27 percent of their time on risk management and compliance.

According to Gartner’s latest Magic Quadrant for Data Quality report, these CDOs realize the importance of data quality in reaching the goals laid out for them, which include not only compliance and risk mitigation, but increasingly growth, customer and product priorities. “To achieve CEOs’ business priorities in these categories, data and analytics leaders — including Chief Data Officers and CIOs — must ensure that the quality of their data about customers, employees, products, suppliers and assets is ‘fit for purpose’ and trusted by users. Without trusted data, efforts to achieve these objectives will be impeded, which will result in less value for shareholders, reduced competitiveness, rising operational costs, loss of customers to competitors and, potentially, fines for noncompliance with regulations.”[ii]

In reaction, C-level executives, with support from business users, began adopting new solutions, such as master data management (MDM), to better organize, understand and apply how data is being used today and how the business hopes to use it in the future. MDM also supports critical identity resolution, so organizations can identify their customer, products, individual components and geographies to ensure proper due diligence to assess risk and maintain compliance.

Due to privacy laws, Chief Information Security Officers (CISOs) such as myself are often the executive tasked with delivering these vital capabilities to our organization. If your organization employs a CISO, he or she likely owns the compliance task. If so, working closely with the CDO is an important best practice for the CISO.

Making the Best of Mandatory Compliance: Three Tips That Can Get You Started­­­

Organizations can take one of two mindsets when it comes to keeping up with the neverending list of regulations: They can proceed with developing only the minimum level needed without fully committing, or they can view it as an opportunity to get their house in order and connect and deliver information to every point within the enterprise to drive value. To help you and your organization comply with today’s regulations, such as BCBS239 or Title 21 of the Code of Federal Regulations (CFR), as well as prepare for future ones, start by considering these three steps:

  1. Augment Current Approaches: Rather than take an all-or-nothing attitude toward compliance, consider current methods and look for ways to supplement existing technologies and approaches. Ask yourself, can we achieve compliance by adding new data quality and data management strategies?
  2. Audit Data: Identify where, why, how and by whom the data is being used. Ask yourself how the data is being consumed and in which context it is needed.
  3. Apply Data Governance: Data governance can help you define business accountability for your different types of data and establish proper data management policies. To do so, first determine the source of the data, as well as who can access it and who can change it. This will help you identify the business processes that rely on it and apply appropriate governance policies.

Improving regulatory compliance is a critical undertaking, but it’s part of a “high-risk/low-reward” organizational capability. As a result, it doesn’t often get the attention it deserves. Poor compliance can be extremely costly and potentially damaging to both your bottom line and brand reputation. MDM will not only help you get to the true identity of your customer, product, geography, etc.; it will also help you identify and understand all the relationships each has with other relevant parties and objects. These may include stakeholders, politically exposed persons and advisor relations, products and their components/ingredients, locations, services or policies, as well as assets and important documentation. It also provides a unified view of the counterparties across the various lines of business.

Leveraging MDM as part of your compliance arsenal will allow you to understand, manage and control critical information about your customers, products and more to safeguard how data is managed and maintained across your business. More importantly, it boosts the overall visibility and traceability of your data, which streamlines your compliance efforts and frees up additional resources to tackle additional business challenges.

[i] Source: Gartner. Assess the Impact of MDM Vendors’ Machine Learning, GDPR and Cloud Solutions, March 2018

[ii] Source: Gartner. Magic Quadrant for Data Quality Tools. October 2017


Tags: AMLBank Secrecy Act (BSA)Data GovernanceDue DiligenceGDPRIFRSKnow Your Customer (KYC)
Previous Post

Mayer Brown’s Tech Talks, Episode 3: The Big Data Paradox

Next Post

Ankura Completes Acquisition of Navigant’s Disputes, Forensics and Legal Technology Segment and Transaction Advisory Services Practice

Martin Samuel Nielsen

Martin Samuel Nielsen

Martin Samuel Nielsen is Chief Information Security Officer for Stibo Systems, the global leader in business-first master data management (MDM)™ solutions. For more information, visit www.stibosystems.com.

Related Posts

data privacy leader concept

Who’s Minding Your Data? The Case for Dedicated Privacy Leadership

by Daniel Barber
June 16, 2025

As state privacy laws multiply and AI introduces new vulnerabilities, the question isn't whether you need dedicated privacy expertise —...

abstract obscured data colorful

NIST’s Differential Privacy Guidelines: 6 Critical Areas for Secure Implementation

by Michelle Drolet
June 16, 2025

Standard de-identification methods remain vulnerable to sophisticated attacks, but differential privacy offers mathematical guarantees that scale with emerging threats

drug cartel soldier camo

Leveraging Human Rights Frameworks to Combat Emerging Cartel Risks

by Nate Lankford, Matteson Ellis and Nisha Sawhney-Murkett
May 19, 2025

As enforcement priorities shift to cartels and foreign terrorist organizations, established human rights processes can identify and mitigate emerging legal...

doj building sign with flags

‘Reasonable Steps’: What the DOJ Expects From Your Bulk Data Transfer Compliance Program

by Alexandra P. Moylan, Alisa L. Chestler and Michael J. Halaiko
May 5, 2025

Sample provisions offer blueprint for compliant data brokerage with foreign entities

Next Post
concept of acquisition with buildings on puzzle pieces

Ankura Completes Acquisition of Navigant's Disputes, Forensics and Legal Technology Segment and Transaction Advisory Services Practice

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights