Seven steps to future fit superannuation data

In this second article in our series exploring innovation in risk and regulatory data and technology, we explore ‘Seven steps to future fit superannuation data’.

At a recent industry round table meeting with a number of Australian superannuation fund trustee CEOs, APRA and ASIC expressed interested in the steps trustees are taking to strengthen data governance, including those over third party arrangements, and to ensure appropriate risk management over data reported in regulatory submissions and public disclosures.

In a continuation of our series of insights on innovation in risk and regulatory data and technology, Deloitte explores how tried and tested steps from the broader financial services industry can be applied to superannuation funds to build trust in their data and improve efficiency in the superannuation data eco-system.

The opportunity

The superannuation data landscape is continually evolving.To support a well-functioning superannuation system, trustees understand that they must focus on and invest in data governance to better understand data challenges, to facilitate accurate and timely data (including from third party service providers), and to industrialise and professionalise internal reporting functions.

Regulators are expecting trustees to strengthen data governance to ensure appropriate data risk management and to increase both the accuracy and timeliness of regulatory reporting and public and member disclosures.

The challenges

Today’s complex superannuation data eco-system is often characterised by a short-term focus and complexity that is often the result of reliance on multiple third-party service providers. Trustees’ common data challenges include:

• The ubiquity of manual data entry processes; these drive complexity and unclear roles and responsibilities across the data ecosystem, creating barriers to meeting the data quality expectations of stakeholders.
• Clearly demonstrating to superannuation fund members the financial benefits of investment in data governance solutions.
• Inefficient legacy systems; these create difficulties in meeting new reporting requirements in tight timeframes and often require manual work arounds required to address increasingly granular data requirements.
• The sources of data risk being poorly understood, prioritised and managed.
  

Seven steps to future-fit superannuation data

As pressures mount, trustees need to actively demonstrate how they can manage fund data efficiently and effectively. By taking the seven key actions below, trustees can establish future-fit data foundations that build on APRA’s CPG 235 Managing Data Risk.

1. Key Action : Know your data

How to make it work : Identify, agree and define critical data needs for today and into the future using the lenses of member service, investments, fund operations and external reporting. 

2. Key Action : Understand the end-to-end data supply chain

How to make it work : Understand and validate the data supply chain, including across third parties, to identify key data risks such as sourcing, aggregation, transformation and calculations across business and technology processes.

3. Key Action : Design data controls that address data risk

How to make it work : Design and implement data controls that address the key data risks across the data supply chain, leveraging automation and emerging technologies when it makes sense to do so.

4. Key Action :  Embed clear accountabilities for data management and expectations around quality

How to make it work :  Clearly document ‘fit for purpose’ data quality expectations and embed data management accountabilities, including within service levels with third party providers.

5. Key Action :  Implement effective data oversight and monitoring processes.

How to make it work :  Measure and monitor the leading and lagging indicators of data risk and drive actions:

• Examples of leading indicator examples are the numbers of manual processes and data sources.
• Examples of lagging indicators examples are data quality and data incidents.

6. Key Action : Invest in data architecture that supports operational efficiency and risk reduction

How to make it work : Design and implement a data and technology architecture that enables data availability and quality expectations to be realised in line with business objectives.

7. Key Action :  Prioritise data risk in the fund’s Risk Management Framework(RMF)

How to make it work :  Elevate data risk as a key operational risk that needs to be managed in line with the expectations of the fund’s Risk Management Framework.

To better understand your fund’s data governance maturity, trustees should be asking these three questions:

• What are the strategic implications and investment considerations across the business to be able to respond to the increasing breadth and depth of regulatory collections effectively and efficiently?
• What capabilities would be required to achieve this, including those around transitioning from legacy systems, rationalising reporting systems, improving data quality and embedding end-to-end reporting processes?
• Is your data risk management approach fit-for-purpose?  Does it place enough emphasis on the benefits of being in control of your data?

There are clear longer term operational efficiency and risk reduction benefits from investment in data risk management capabilities; however, the onus is on superannuation fund trustees to drive the agenda for this across the superannuation data ecosystem.  As governments and regulators look to make superannuation data sets more publicly available, transparent and portable, including through an ‘Open Finance’ regime, the time to get in control of your data is quickly running out.