Page 211 - Building Big Data Applications
P. 211
Chapter 11 Data discovery and connectivity 211
have not been proposed to meet 21% of the law’s requirements, underscoring
that even 7 years later, the regulation’s full impact remains uncertain.
4. General Data Protection Regulation (GDPR)
1. When GDPR came into effect on 28 May 2018, it will impose new penalties for
companies that run afoul of its cross-border data transfer requirements: fines of
up to V20 million ($23.5 million) or 4% of the company’s total annual world-
wide revenue, whichever is higher. That’s just one way in which GDPR seeks to
strengthen data protection for EU residents. It puts a greater onus on financial
services firms to understand the data they collect and transmit. Importantly, it
also impacts banks outside of Europe e any bank with customers in Europe
must also comply. Under the regulation, bank customers will need to provide
explicit consent for data collection, banks will need to disclose data breaches
within 72 h, and banks will need to wipe customers’ personal data after a pre-
scribed period of time.
5. USA Patriot Act
1. An older and wide-ranging law focused heavily on preventing terrorism, the
Patriot Act also includes specific regulatory burdens on financial services com-
panies to prevent money laundering, and to report and classify international
transactions. Specifically, “suspicious transactions” need to be reported to regu-
lators, and banks must identify individuals opening new accounts who meet
certain criteria, i.e., owning or controlling 25% or more of a legal entity.
Several of these regulations overlap in terms in their substance and reporting re-
quirements e for example, Basel III and Dodd-Frank both seek to increase bank capital
and liquidity requirements, even if the method may vary. Each regulation shares the
same overall impact, in that they impose significant burden on organizations in how
they analyze and report their risk exposure.
The burden flows down to the IT department, which must find ways to collect,
aggregate, and understand sensitive corporate data. Speed is important, enterprises have
a limited amount of time to find, understand, and report the required information. Even
so, they cannot sacrifice data quality, because mistakes in reporting can lead to costly
rework or even expensive compliance penalties.
In this world is where we have technologies that have AI built into them and the al-
gorithms, they have can be used to implement the data governance needed for both the
catalog of data and the compliance requirements. The neural networks that are in the
system will recognize data patterns, metadata and provide us with data discovery that will
be the first step in creating the data catalog. This data discovery and cataloging is an art of
the process of automating data governance, which will ensure the ability to manage data
effectively with efficient processes and minimal human intervention providing benefits of
error management and correction automatically as much as possible.
One of the vendors in the ecosystem who has a tool with features is IO-Tahoe. I have
played with this tool and can confidently tell you that incorporating this tool in the
