SMCR: Empowering Ownership, Accountability and Governance

By Howard Travers
on Jul 15, 2020

After working for the leasing division of Barclays for 11 years, it was very strange to move from an established process of working, to join the ‘dark side’; a start-up software company selling trading software back to Banks. It was an exciting time, as financial services organisations were going through dramatic change and adopting new technology and practises. 

With the advent of relational databases, knowledge management, group chat and messaging, the industry was not frightened of making big changes. I remember one instance when working for the UBS chat spin-out MindAlign, being rebuked by one of the Senior Directors of Deutsche Bank for not integrating fast enough with Blackberry, saying “Deutsche Bank is like a Lamborghini driving 250 miles an hour down the road and we don't have a brake pedal, so either keep up or **** off”.

The Investment Banking world was competitive (and hard on the liver), but organisations were always looking to innovate and were not scared of change and investing in good ideas. The headlong rush for financial gain had well-documented issues, internal governance was drowned out by the business, while the Regulators were far too slow to react and could not keep up. Internal and external controls and governance were often loosely in place and, as a consequence, we had the 2008 financial meltdown. From that point, the pendulum has swung completely the other way. Regulators have brought out a raft of new policy regulations and risk assessments which have tied the financial services industry up in knots; created vast reporting groups, strangling change and crippling transformation projects. The industry that prided itself on the latest technology and applications are, in many cases, using tools years behind the things we take for granted on our own phones and laptops.

The Regulators and the Industry are realising that there has to be a middle ground. The Regulators are changing and starting to adopt new practises and processes to deliver regulations digitally, rather than static documents. GDPR and other regulations like the Senior Managers and Certification Regime (SMCR), recently published by the Financial Conduct Authority (FCA), are looking for the Banks to show a culture of compliance and not simply treat the regulations as an annual ‘tick box’ exercise.

So it has been a refreshing change to work with the senior executives of a well-known Investment Bank, who have pragmatically decided to change their working practises and empower all levels of the organisation to better visualise, understand and improve how their data is used on a day-to-day basis. With the Executive support of the COO, CRO and CDO they took the opportunity to use the updated SMCR regulations as a catalyst for change and have introduced Solidatus to meet their needs.

They recognised that one of the major difficulties in reporting was that the underlying technology platforms could not change fast enough and that large amounts of important business data are created, maintained and presented in tools like Excel, Visio and PowerPoint. By using Solidatus, and with only minor changes to their processes, they have removed their dependency on 150+ spreadsheets (EUDAs), utilising the tool to support the creation, management and reporting of non-application data.

The bank now has a strategic tool that can replace their reliance on offline spreadsheets to store information assets used to run their business. All non-application data is tightly controlled, audited and governed, while being quicker and easier to maintain than countless spreadsheets. For the first time, it is possible to show a complete trace from business product, through the three lines of defence, to show adequacy and effectiveness of their control - meaning that business owners are quickly able to visualise and sign off or remediate issues and gaps.

In short, in a matter of weeks rather than months or years, they have significantly improved how their data owners, directors and decision-makers engage together and have significantly reduced the risk of reputational and financial penalties to the Bank and the Senior Managers.

Topics: Regulatory Compliance, Data Lineage, Metadata Management, Data Quality, Data Management

Author: Howard Travers

With over 20 years of experience in developing businesses, Howard is an accomplished commercial director with a proven track record with start-ups. He has played a pivotal role in bringing Solidatus to market.
Find me on: