Why implementing an NoSQL database is the silver lining the GDPR compliance cloud

By David Northmore | 12 January 2017

The compliance cauldron is bubbling over with toil and trouble for the financial sector. MiFID II, Dodd Frank and BCBS 239 are just some of the regulations circling the stew, demanding tighter controls and more granular levels of reporting in an industry where data is its lifeblood. The EU General Data Protection Regulation (GDPR) – which defines the rights of EU citizens around the privacy and protection of their personal data – is another ingredient for the compliance melting pot. And as almost all financial and banking data, from customer financials and account information to cardholder data and transactions, is potentially sensitive or private, GDPR spells double trouble indeed.

The new law, which comes into force in May 2018, will impact any financial organisations offering services to EU citizens. Even if a firm has no European offices, it can still be investigated, fined and even prosecuted under the upcoming regulation if it holds EU citizens’ data.

And as the financial sector knows, falling foul of the regulators can be an eye-wateringly expensive business.  Those who don’t comply with the GDPR can face crippling fines as high as 4 percent of the company’s global annual revenue.

But there is a flipside to this compliance coin. By proactively preparing for the GDPR to mitigate risk and maintain compliance, the financial sector has a golden opportunity to profit from getting its data in better shape. Financial institutions of all kinds – from banks to wealth management firms – can gain valuable and potentially revenue-generating insights into their business processes or customers’ preferences by building a single, consistent and persistent 360-degree view of its employees, customers or citizens.

One of the biggest issues currently preventing a single 360-degree view is that much of a financial company’s data currently lies in multiple, unconnected data silos, which are often a legacy from earlier departmental initiatives. Mergers and acquisitions have conspired to create even more silos and multiple copies of data spread out across silos, threatening data integrity issues. 

Being able to aggregate data from disparate sources is an essential component in the new financial regulatory environment. And, as several firms have already discovered, there is an easy way to bring all these silos of data together. Using an operational data hub – built on a flexible, enterprise-grade NoSQL database with integrated Google-like search - can pay dividends for data challenges where the data and requests from regulators change over time.

An operational data hub is a virtual filing cabinet that can hold a single, unified 360-degree view of all data. Because up to 80 percent of today’s enterprise data is unstructured or semi-structured – for example PDFs or online data – it makes sense to build an operational hub using a database that can handle the full range of data types. A NoSQL database fits the bill, because it can handle any type of data, and also removes the need to resort to many costly hours of complex data integration challenges and wrangling - extraction, transformation and loading (ETL), which is a major weakness of traditional relational databases.

Choosing the right NoSQL database is important though. Open source variants do not have all the enterprise-grade features required. These critical features include support for ACID transactions, government-grade security, high availability, scalability and disaster recovery. An enterprise NoSQL database provides financial institutions with a flexible, agile and scalable platform, giving them the assurance that their data will be secure, never lost and always available.

ABN AMRO, the international bank based in Amsterdam, The Netherlands, is currently using the MarkLogic enterprise NoSQL database to bring vast amounts of unstructured and structured trade data into one central operational trade data store. With a consistent, transparent record of every order and trade event, ABN AMRO can more easily comply with existing and forthcoming financial regulations given that the required data is in one place, ensuring data lineage and provenance through an append-only model and providing a uniform and consistent view of orders and trades. Additionally, MarkLogic’s bitemporal capability allows ABN AMRO to minimize risk through “tech time travel”— time-stamping and rewinding trades.

Another global investment bank built a Trade Store on the MarkLogic database in just six months, even though it connected over 30 trading systems. This Trade Store brings vast amounts of unstructured and structured data into a central repository accessed by many line of business applications. This approach allows the bank to support various reporting requirements, including regulatory reporting, and helps to protect against regulatory fines.

GDPR goes beyond trade data by setting out new responsibilities for the financial sector to adhere to regarding any personal data. In essence, financial organisations need to identify the personal data they have, work out how best to store and process it, and make decisions on its continued existence and usage.

This presents financial companies with a complex data processing task. But by using an operational data hub to record, organise and index both the systems that contain personal data and the personal data itself, financial organisations can ensure compliance; reduce the risks associated with not being able to find the data or action a specific request by a given deadline; and automate many of the steps required, saving considerable time and effort.

Having a golden reference of personal data – stored in one place, with a single view – will give financial institutions valuable insights into the touch points for every individual. This can be leveraged to give customer service, marketing and sales teams a joined-up view of customers and prospects – a golden record, if you like, of everything relating to a customer or individuals working for each customer.

Each golden record may include behavioural, social, transactional, descriptive and product/service data taken from multiple sources ranging from CRM systems and analytics databases that record user click-through/search to call centre audio records, marketing databases, LinkedIn and more.

The resulting 360-degree view can help organisations increase revenues and reduce churn by making it easier to identify and manage customer interactions, as well as allow them to target individuals with more effectively with tailored, contextual offers across multiple channels.

With GDPR only 16 months away, the clock is ticking for the financial sector to get its data in order. But rather than viewing this as the unwelcome addition which makes the compliance cauldron finally boil over, look at it as a golden opportunity. An operational data hub can blend disparate data ingredients together to solve today’s complex data integration challenges. It can bring relief from the international complexity of ever-changing regulatory compliance requirements whilst revealing new insights.  What started out as a GDPR risk reduction exercise is in fact a recipe to create new revenue-generating applications and services for the business, while boosting customer satisfaction.

David Northmore, VP of EMEA, MarkLogic

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development