Compliance reports – Are you certain of your data quality?

Basel II, Solvency II, Sarbanes-Oxley, HIPAA, environmental, health and safety, IT security, data privacy, industry regulations, audit requirements – as the governance, risk and compliance (GRC) environment becomes ever more stringent and complex, company directors need to be confident that the information they are reporting is accurate.

In reality, research suggests that directors are much more trusting of their company's information than they ought to be. Not just in its use for compliance reporting, but also in their perception of its accuracy for management decision making and serving business operations.

Uncertain information

Three studies into business information accuracy make sober reading:

• A survey of 200 business and IT executives by Forbes Insights[1] found that 95 percent agreed that strong information management is critical for business success. But 61 percent also said that their business processes suffer from inconsistent or flawed information.

• Research around the costs of poor information by industry analyst Gartner[2] conducted with 140 companies, suggests an average loss of $8.2 million annually, with 22 per cent of them thinking it was closer to $20 million. 4 percent put the figure as high as $100 million!

• In a further study, while more than 80 per cent of the business managers surveyed believed that their business data was just fine, half of their own technical people took a very different view.[3]

These surveys indicate that information errors are costing businesses a great deal of money. They also suggest that directors risk signing off compliance disclosures which later transpire to be unreliable, risking prosecution, hefty fines and even jail sentences for individual directors. Can you be confident in your data quality?

Cause of the problem

Enterprise level information used by directors in decision making comes from data collated from across multiple operational systems. In a large organisation, headline revenue, cost, inventory, asset and customer information for example is likely aggregated from hundreds of systems spanning multiple regional marketing, sales, production, supply, distribution and finance operations.

The source data will have been gathered, manipulated and stored according to localised processes supporting functional requirements. Aggregating information from a large array of such sources is a complex process. It can involve great upheaval, expense and manual intervention to locate, verify, extract and match information records.

Some companies employ large teams of analysts in an attempt to weave together incongruous data from dispersed sources into something that makes sense. This is an expensive, forever to be repeated exercise that's typically quite ad-hoc rather than defined by clear rules and processes. It's a method continually prone to human error.

Such approaches might present an indicative approximation of activity to guide executive decisions and management can decide whether this is sufficient. But it's an approach that's no longer adequate for today's compliance needs. Regulators seek more than an 'indication.' Returns have to be accurate. Increasingly in fact, it's now necessary to prove that the processes used to collect and verify the quality of the data are transparent, repeatable and robust.

Spotting the symptoms

The following checklist can help senior managers identify whether their business is suffering from information challenges that might compromise regulatory reporting and compliance:

• Difficult to obtain:

Is it hard to obtain reports on business performance at short notice? Is information aggregated from different regions or departments? Is validation and correction of source data typically a major manual exercise?

• Limited confidence:

Are you dubious about the finer accuracy of business performance figures? Are there inconsistencies in financial reports? Is it difficult to reconcile regional sales figures with product lines? Is it hard to verify asset values, stock valuations and other financials?

• Information gaps:

Do your sales and marketing teams lack a consistent, accurate view of customer, sales, stock data and struggle with inconsistent reporting?

If any of these apply, then there's a strong likelihood of errors arising in enterprise reporting. Yet with the burden on directors for ensuring compliance increasing, their requirement for fast access to reliable information must be met without compromise. That's why more companies are seeking to establish enterprise information quality assurance programmes.

Enterprise information quality assurance

Typically, information quality assurance programmes entail freeing information from functional or departmental silos, specific systems and technologies -and making it available as a reliable, cross-functional, cross-architectural enterprise resource.

Often referred to as 'information governance,' it involves orchestrating people, processes, technology and lines of business to secure, administer and manage organisational information and data assets in line with overall business requirements and goals.

The benefits can be widespread, going beyond enhanced compliance disclosures. For example, more accurate key performance indicators (KPIs) support better decision making. Financial control can be improved along with asset management, inventory and supply-chain management. Customer relationship management, marketing and sales all benefit from improved insight.

There are plenty of success stories. British Telecom calculated benefits exceeding $1.2 billion from a seven year enterprise information quality assurance programme focused on improving the return on investment of data dependent processes and systems investments. British Airways needs to ensure commercial data reliability in support of good customer service, effective processes and decision making. Wales & West Utilities, the National House Building Council (NHBC) and Lloyds of London underwriting group Chaucer Syndicates are further examples.

The right approach, now

Information quality assurance presents unique challenges.  Aligning people, process, and technology across an entire enterprise would be a tough prospect. But a 'big-bang' approach isn't necessary. Selecting a specific area, like sales or supply or the data domains that comprise their reporting can quickly deliver dividends.

The information reporting demands placed on businesses by regulators and management continue to grow. Organisations operating without a formal information governance policy will experience an increasing rift between the information they can muster, and its fitness to support the demands they have of it.

The winners will be those taking action now. Using proven methods, best practices and services to keep information quality assurance and compliance initiatives on track, companies can succeed even in the most complex and challenging business environments.

Biography

Ed Wrazen is vice president, product marketing at Trillium Software, a business of Harte-Hanks, Inc and a leading enabler of Total Data Quality solutions. He can be reached at trillium.uk@trilliumsoftware.com or via www.trilliumsoftware.com.

[1] Forbes Insights: Managing Information in the Enterprise: Perspectives for Business Leaders, 2010

[2] Gartner: Organizations Perceive Significant Cost Impact From Data Quality Issues, by Ted Friedman, 14th August 2009

[3] TDWI Report Series: Taking Data Quality to the Enterprise Through Data Governance, by Philip Russom, May 2006