Memo to businesses - Stop being so risk-averse when it comes to data!

Digital leaders must develop an organizational culture that allows employees to exploit data effectively and create new opportunities for the business and its customers.

That was the conclusion of a roundtable event with business leaders and industry experts that considered the data maturity of private and public sector organisations. The event was held by consultancy Carruthers and Jackson and discussed results from the firm’s recently released Data Maturity Index.

The Index highlights how 44% of data leaders believe their organisation only considers data risk within the confines of a regulatory framework, such as GDPR, BCBS 239 or MiFD. Attendees at the roundtable agreed that, while adherence to regulations is important, digital leaders must ensure their organisations are not risk-averse.

Exploiting opportunities

Mary O’Callaghan, Director of Technology Engagement at the British Heart Foundation (BHF), said it can be hard to get people in the organisation to stop fixating on rules and regulations. Digital leaders are often aware that a focus on regulatory requirements can make it easier for senior stakeholders to invest in people, processes and technologies that help reduce data risk:

Sometimes, we’ve almost played on that because we can go to a board and say, ‘You have to make these investment decisions’. There's fear of getting caught out or making a mistake.

Meanwhile Ashley Cairns, Delivery Director at Carruthers and Jackson, said her interactions with major businesses suggest key pieces of legislation, such as GDPR, can give C-suite executives a focus when it comes to understanding the risks associated to data use. However, while concentrating on regulations can make it easier to gain funding for data protection projects in the shorter term, executives must be careful to also consider long-term implications:

It’s important to not only think about data in terms of, ‘we've got regulatory issues coming up’. And a lot of the work around GDPR, unfortunately, involved thinking about ‘what data have we got and why are we using it?’. And actually, I think if you think about regulations in the right way, you can have very positive conversations.

Cairns suggested organizations should use the regulations to foster a joined-up approach that helps people across the business think about how data can be used to create new opportunities. BHF’s O’Callaghan agreed, suggesting organisations that only use regulations as a lever for investments in data might miss out on a bigger prize:

Doubling down on risk might work for a while, but it does leave you open to the potential of missing out on rewards and opportunities. If all our decisions are based on, ‘How do we not get things wrong?’, we're missing out on the opportunity of, ‘What we can do right?’”

She argued that digital leaders should create strategies that help employees know what they can and can’t do with data. Once boundaries are established, it’s easier to give staff freedom. Bob Michael, head of data at retailer DFS, agreed with those sentiments but suggested that, even when boundaries do exist, they’re often centred on data protection. While his own organisation makes new employees go through a course on information security, other more proactive areas remain off the agenda:

There is nothing about how we make the most of data. That's because the business sees the consequential cost of not complying with regulations.

Delighting customers

While Michael suggested people are often turned off by governance and the thought of adding more layers of bureaucracy, he cautioned that digital leaders must help develop a data-led culture within their organisations – and success there relies on increasing data literacy:

We’ve worked to raise data skills and confidence across the organisation. Then, on the back of that work, I'm also saying that if we’re giving people tools, data and the opportunity to use and exploit information, then they’ve got to think about what they’re doing with it. Yes, we want people to use data, we want people to share data, and we want to maximise value. But how do we do that while ensuring we have the right governance around it.

Carruthers and Jackson’s research found that 56% of digital leaders believe data either doesn’t flow efficiently through their organisation or the data journey is unclear. Michael suggested real progress on understanding the risk of data in a measured way will only take place once data is considered as part of the balance sheet:

If data is at the heart of what we're doing as a business, we should be recognising its value. But we should be able to measure its use consistently across the organisation, in the same that we have rules to follow when it comes to financial reporting. So, we've got to think about the value of data and the use of that corporate asset.

There was broad agreement that the definition of data has evolved considerably during the past few years. Most executives now understand data is a crucial corporate asset. For example, the value of data to retailers soared during the COVID pandemic as more consumers started shopping online, said Caroline Carruthers, former CDO at Network Rail and now CEO at Carruthers and Jackson:

New data came in and it flooded a lot of organizations. And I think that ties back into all the risk opportunities and how they handle those. That’s all about creating a framework to get people on the ground to come up with the most interesting ideas because they're facing the customers.

In the case of DFS, Michael explained that his company’s sofas are made to order, which can take up to 14 weeks. His challenge is to keep customers interested during this waiting period and to potentially sell them related items:

We're looking at moving more into the home market. So, can we actually sell the look of a room? Can we sell the idea and use the information we've got about that customer, so we’re taking them on a journey? We want to get away from having a lack of information between the point at which they sign on the dotted line and the point where we contact them to say, ‘Your sofa is coming’.