Launch any meaningful discussion about data, and data ethics will be high on the agenda. In fact, it has long been at the heart of what those in the financial sector have been trying to do, it just hasn’t been referred to by name. The financial sector is all about relationships and trust and, in terms of data ethics, an awful lot of responsibility is being placed on banks with the expectation that they will behave correctly and fairly.
Creating a safe environment
Historically the story has not been a good one and as a result, vast amounts of regulation are in place to hold the financial sector to account for what it does. Regulations that cover everything from proper conduct and behaviours to tracking the mis-selling and mis-pricing of financial products. Customers should feel that their interests are transparent and what that means is an audit trail of every conversation and every data point. From an ethics point of view, it’s clearly not only about trust but also about creating a safe environment in which the financial sector can operate.
The financial sector also remains reactive rather than proactive to incidents, and due diligence is still an issue. The recent collapse of the Archegos Capital hedge fund caused huge losses for the financial sector and some of the banks that suffered the heaviest losses had trusted the reputations of individuals that proved to be built on sand.1
Financial crime is a huge problem for the sector. From a data ethics point of view, it’s fundamentally important to know who your customer is and their financial viability. Cyber risk is of great concern and the financial sector is investing heavily in tackling this too. The problem is less about people gaining access to your data and more about people gaining access to your network, as recent well publicised ransomware attacks have shown. These attacks are very sophisticated and are exposing technological flaws in the financial system.
Taking care of data
Following the financial crisis of 2008, a framework of governance was put in place to make clear who is responsible for the different parts of a bank. The culture is now to encourage people to speak out and share where there has been a breach, a mistake, or an issue. The financial sector has got used to planning scenarios and preparing for ‘what if’ eventualities and there is continued significant investment in this space. Nearly every bank will now have a CDO (Chief Data Officer) to answer questions about data ethics. Although the elements of data ethics (conduct, control, data-sharing) are there and in isolation companies are strong, if asked to explain the entire framework there could be gaps. This is at a time when it is clear that for a whole new generation of employees, ethics matter much more than they ever have done before.
Banks should be able to set out clearly and culturally where they stand on data ethics. They must show a vision of how and why data ethics are important to their clients and employees and the UK financial services sector should be taking the lead in demonstrating the transparency, consistency and security of their customers’ data. This in turn will highlight areas that could, and should, be improved.
Data maturity simply means ensuring that data is clean, of the right quality and from the right source. An understanding of the source of that information is important, as is the journey that the data has taken, how complete it is and then how it is being processed and if that is happening in a timely manner. Data maturity is a good benchmark for organisations to use to assess themselves and an entire regulatory framework exists to support this.
Migrating data to the Cloud is another challenge that regulators, companies and individuals are having to address. The concerns about who can see this data, and what they can do with it, are very real and are a key consideration in data ethics.