Compliance through Data Governance: A Forced Positive for Business?

South African companies, like their global counterparts, have an obligation to comply with a number of regulations that govern various aspects of business processes and operations. Many of these regulations are underpinned by a focus on data and the usage thereof. Three of the most pressing regulations in South Africa currently are POPI, KYC/FICA and BCBS239.

It stands to reason that data professionals are driven by two distinct forces when it comes to the management and usage of data across their organisations. The first force is that of business performancehow can we use our data to improve the performance of the business? This brings into play analytics to gain insights from the data that can be actioned. The second force is compliancehow do we manage our data to ensure we are compliant with regulations? It’s here that a well thought out and enforced data governance framework is required.

Corinium recently hosted a series of breakfast roundtables with Oracle where the focus was on financial regulations, BCBS239 predominantly, and how data governance plays a role in driving compliance to those regulations. Arthur Britz and Varsha Ramesar of Hoonartek, during their presentation, asked the audience, all of whom were from the banking sector, to describe the impact of BCBS239 on their work in one word. They were duly surprised when the responses from the finance executives were overwhelmingly positive. Some words used were: comfort, trust, fantastic, governance, opportunity and advocate.
The meaning behind these responses is that data professionals view compliance as something that actually helps them drive data governance across their organisations – it’s a forced positive. The belief is that it’s much easier to get buy-in at all levels using, what is effectively, a stick approach. Data governance is positioned as not only a strategic imperative but a risk mitigating imperative too.

Readers from outside the financial sector shouldn’t turn away here. Compliance to POPI requires a very strong data governance and management framework. According to POPI Solution 360 the consequences of contravening POPI are “a maximum period of imprisonment of 10 years, or an undisclosed maximum fine (each fine to be determined by the relevant court on a case-by-case basis) can be levied. Furthermore, the Regulator may institute administrative fines up to an amount of R10 million.

That alone should be enough of an incentive for you to use to drive data governance from board level right down to front-line users of data.

But, the threat of fines and/or jail time doesn’t magically create strong data governance principles across businesses. It probably acts as a motivator for funding and resources but the technical work and change management still needs to be done. And this is where many data professionals are currently focused in South Africa.

When asked about where the majority of South African companies are in their data journey, Craig Steward, Managing Director, EMEA for Corinium Global Intelligence said “Our research has shown that most data professionals are acutely aware of the need to institute strong data governance frameworks in their businesses but only about 47% feel they have the support and buy-in from the board or the relevant C-level executive.

It is clear that there is a drive towards better governance and usage of data but many legacy challenges still dog the progress of data professionals. Solutions to these challenges will be presented through case studies, discussion groups and workshops at the annual Chief Data & Analytics Officer Africa event that will be taking place at The Maslow in Sandton from 3 to 5 July 2017.

The event has an unrivalled line-up of speakers including 5 Chief Data Officers and representation from large organisations such as Barclays, Alexander Forbes, Multichoice, Hollard and Transunion.

To view the full detail of the conference, visit

For all enquiries please contact:
Raluca Apostol, Marketing Manager: EMEA, Corinium Global Intelligence
[email protected] 

Related Posts

Leave a Reply

Corinium Global Intelligence is registered in England & Wales, number 08520994. Registered office:
Brook House, School Lane, South Cerney, Cirencester, GL7 5TY.

Share This