The Guidelines clarify the structure of data governance in banking financial institutions, aiming to eliminate ambiguity in the powers and duties among various departments and to create unified data management.
Under the Guidelines, banking financial institutions must build a top-down and coordinated system for data governance, allocating responsibilities among the board of directors, board of supervisors and its senior management team.
Specifically, the board of directors must:
- formulate a data strategy;
- approve the major issues related to the data governance; and
- take ultimate responsibility for data governance.
Senior executives are responsible for setting up:
- a data governance system;
- a mechanism for data quality control; and
- the necessary incentive and accountability mechanism.
The board of supervisors, on the other hand, must supervise and evaluate the performance of the board of directors and senior executives on data governance.
In addition, banking financial institutions may set up a position of Chief Data Officer (the CDO), even though it is not a mandatory requirement. The institutions can determine whether the CDO is a member of the senior managers based on their business needs. For those CDOs who are considered to be senior managers, they should also be subject to relevant qualification requirements specified by the CBIRC.
The CDO, as a newly created role, currently lacks any more detailed descriptions of its duties and responsibilities in the Guidelines. Generally speaking, in the light of domestic and global data security laws and regulations, the CDO is expected to have a well-balanced mix of technical know-how, analytical skills, expertise in legal and regulatory matters as well as business acumen.