Steven B. Adler is Director of IBM's Data Governance Solutions and a recognized authority and innovator on Data Governance, security, privacy, operational risk management, and business process transformation. Mr. Adler is Chairman of the IBM Data Governance Council, an international leadership group of 50 C-Level Executives working together to design and evaluate comprehensive data governance solutions.

In addition, Mr. Adler is an Adjunct Professor at the Stern School of Business, New York University, as well as, Adjunct Professor at the Bucerius Law School, Hamburg Germany. Steven B. Adler developed the patented Enterprise Privacy Architecture, and invented the world’s first Internet Insurance program. He is frequently quoted in European and American press articles in trade journals, magazines, and newspapers and has contributed to many publications. Among others, Steven B. Adler serves on the Board of Directors of the International Security Trust and Privacy Alliance, the NASCIO Security & Privacy Committee, the Carnegie Mellon Privacy Lab, NCSU Privacy Place, Global Forum Steering Committee.

Fannie Mae and Freddie Mac should be fired not fixed

A friend sent me an article from today's Financial Times entitled, "A Danish fix for the US mortgage crisis," in which George Soros points out how the efficient and well-balanced Danish Mortgage system would be a great solution for the inefficient and poorly balanced US mortgage mess.

Earlier this year, in February, I wrote about the 2006 IMF Report comparing the world's mortgage marketplaces. In that report, the IMF identified the US and Denmark as having the two most efficient mortgage markets in the world in terms of interest rate efficiency and availability of credit.

Since July 2007, the US has demonstrated that its mortgage market model is neither efficient at providing credit nor effective at mitigating risk, and Denmark is now the most efficient mortgage market in the world. This is why Mexico selected the Danish mortgage model for its new mortgage system.

In my earlier blog article, I recommended that the US would do well to follow the Danish example, though I hold out no great expectation that it will. In the first place, there remains an American chauvinism that prevents the adoption of many good ideas from abroad. In the second place, there are far too many vested interests in the current system, which was designed to be like managed healthcare for mortgages - private companies serving shareholders and management, lobbying Congress to protect those interests before the public's interest.

Fannie Mae and Freddie Mac are poorly run organizations who have had to restate earnings many times before the current crisis. They weakened key mortgage underwriting provisions in 2005 and allowed vast amounts of poorly documented loan originations to seep into the global MBS market undermining the very mortgage market they were designed to serve. Shareholders, the American taxpayer, and people all over the world are now paying for the gross negligence of these two firms.

I agree with George Soros. Fannie Mae and Freddie Mac should be replaced with a mortgage model similar to Denmark. It is time we fix our flawed financial model and we should be mature enough to recognize that there are indeed foreign solutions superior to our own.

http://www.ft.com/cms/s/0/ac770b58-67aa-11dd-8d3b-0000779fd18c.html?nclick_check=1

"A Danish fix for the US mortgage crisis

By George Soros

Published: August 11 2008 19:21 | Last updated: August 11 2008 19:21

The recent compromise struck between the Treasury and Democrats in Congress on the fate of Fannie Mae and Freddie Mac, the government-sponsored mortgage guarantors, constitutes the worst of all possible worlds. The Treasury offered a blank cheque to come to the rescue, if necessary, but the managements of both companies were kept in place. They know that their survival depends on not drawing on that blank cheque. They will therefore do everything in their power to reduce the need for any new equity capital that would be dilutive. In short, as privately owned but undercapitalised financial institutions, the GSEs cannot fulfil their stated mission of providing stability, liquidity and affordability to the nation’s housing finance system.

In presentations to investors, which followed big quarterly losses, the GSEs said they would curtail purchases of mortgages and might shrink their holdings to preserve capital. They highlighted that fees from their insurance guarantee business had nearly doubled. They also improved the quality of new loans by focusing on borrowers with higher-quality credit, who put down greater down payments. This means that the GSEs have significantly increased the cost of mortgages and tightened lending standards.

The problems in the banking system have left the two GSEs as the only game in town in the mortgage market. Their market share of new mortgages has doubled over the past year and is now close to 80 per cent. Much of the balance is accounted for by the Federal Housing Administration, a fully guaranteed government agency. As the two companies fight for survival and try to reduce their need for new capital, the availability and cost of mortgages in the US suffer. Coming at a time when the supply of houses is swollen by a rising tide of foreclosures, this is a recipe for disaster. House prices have already fallen sharply and will continue to fall unless mortgages are made available on more favourable terms to a broader group of people.

This compromise, or stalemate, practically ensures that house prices will overshoot on the downside. That, in turn, renders the policies of the GSEs self-defeating as lower house prices increase their losses and push them further into insolvency. The GSE crisis has merely been postponed, at a cost of making the housing crisis more severe.

Confidence in GSE-backed bonds has been shaken. The stocks remain under pressure. Markets are forcing officials to come up with a better solution. We need to recognise that the business model of the GSEs is fatally flawed. They are public/private partnerships in which the risks are borne by the public sector while profits accrue to the private sector: management and shareholders. The companies have been plagued by accounting problems and other irregularities; their managements have spent enormous sums lobbying Capitol Hill. This is not a business model that deserves to be perpetuated.

Fortunately, alternatives are available. Hank Paulson, the Treasury secretary, has suggested the use of covered bonds, a mortgage-financing vehicle popular in Europe. I would recommend the system of mortgage credit used in Denmark, where loan-to-value ratios and underwriting standards are strictly enforced by a single, strong regulator. These mortgages are transformed into instantly tradable bonds. Cover for the bonds is provided by both the mortgages and the credit of the financial institutions issuing them. The mortgages remain on the balance sheets of the issuers, eliminating the moral hazard inherent in the US system, which is based on earning fees from selling them on to the market.

The standardisation of mortgages in the Danish system promotes transparency and liquidity. Householders can prepay their mortgages at any time by buying the bonds. Since house values and bond prices tend to move in unison this arrangement reduces the danger of householders’ equity falling into negative territory. For the issuing banks, owning these bonds carries lower capital requirements so the bonds sell at a premium to ordinary covered bonds. This system has survived and provided affordable home mortgages since its creation shortly after the great Copenhagen fire of 1795.

I pioneered the introduction of the Danish system in Mexico with the support of Paul O’Neill, when he was Treasury secretary. With modification, it offers a long-term solution to providing affordable mortgages in the US.

The writer, author of The New Paradigm for Financial Markets, is chairman of Soros Fund Management, which has held and continues to hold short positions in GSEs"

The US Federal Reserve Needs Data Governance

The US Federal Reserve announced new mortgage lending standards today that are designed to address so-called deceptive business practices among lenders. Those measures include:

¶Bar lenders from making loans without proof of a borrower’s income.

¶Require lenders to make sure risky borrowers set aside money to pay for taxes and insurance.

¶Restrict lenders from penalizing risky borrowers who pay loans off early. Such ”prepayment” penalties are banned if the payment can change during the initial four years of the mortgage. In other cases, a penalty cannot be imposed in the first two years of the mortgage.

¶Prohibit lenders from making a loan without considering a borrower’s ability to repay a home loan from sources other than the home’s value. The borrower need not have to prove that the lender engaged in a “pattern or practice” for this to be deemed a violation. That marks a change — sought by consumer advocates — from the Fed’s initial proposal and should make it easier for borrowers to lodge a complaint.

“Rates of mortgage delinquencies and foreclosures have been increasing rapidly lately, imposing large costs on borrowers, their communities and the national economy,” Mr. Ben Bernanke, the Federal Reserve Chairman, said.

“Although the high rate of delinquency has a number of causes, it seems clear that unfair or deceptive acts and practices by lenders resulted in the extension of many loans, particularly high-cost loans, that were inappropriate for or misled the borrower,” he added.

Excellent. Markets around the world can feel confident again that the US Federal Reserve has rooted out the major mortgage lending problems confronting the US Economy and has the entire situation under control.

NOT!

It is beyond shocking that deceptive lending practices like this even exist in the most "efficient mortgage market in the world" (according to a 2006 IMF Mortgage Market Survey). What's more shocking is that the Fed knew about these practices, had data attesting to their impact on rising rates of mortgage fraud going back to 2005, and did nothing about it until today.

And how do I know that, you ask? Well, the Fed's own economists put out an insightful summary of what went wrong in the current credit crisis and you can read it here:

http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1020396

The first draft of this report was published in October 2007. And in perfect hindsight, the economists concluded,

"Were problems in the subprime mortgage market apparent before the actual crisis showed signs in 2007? Our answer is yes, at least by the end of 2005. Using the data available only at the end of 2005, we show that the monotonic degradation of the subprime market was already apparent. Loan quality had been worsening for five consecutive years at that point. Rapid appreciation in housing prices masked the deterioration in the subprime mortgage market and thus the true riskiness of subprime mortgage loans. When housing prices stopped climbing, the risk in the market became apparent."

Now the US Federal Reserve would not be the first organization in history to have better hindsight than foresight, but shouldn't we expect them at least to move faster with policy controls when the global credit market is facing the second worst crisis in history? And if it takes the Federal Reserve 2 years to study market data and write a telling report more than three months after the crisis has hit, and 8 months more to digest and issue lending guidelines to restrict fraud in the mortgage marketplace, how long exactly will it take them to react when Hank Paulsen consolidates all financial regulation in their hands?

To me this story offers some important lessons that I do hope Congress recognizes:

1. Regulatory Consolidation is not a panacea. Consolidated beauracracies do not historically produce operational efficiency. Witness the Department of Homeland Security and the performance of FEMA during Hurricane Katrina.

2. Data is useless without people empowered to act. The Fed had ample data to control mortgage lending fraud and prevent the worst aspects of the current credit crisis and it either chose not to act or its internal governance is so poor that there was no mechanism in place to forecast non-monetary economic risks and make micro-policy adjustments.

3. More important than regulatory consolidation, Congress should review the operational procedures and data governance practices at the Fed itself. A GAO Audit of Fed operational procedures and internal, below the Board, decision-making would be a great start!

4. The Subprime Credit Crisis was preventable! The Fed had the data and they had the economic skills to use it. They proved today that they even had the regulatory mandate to affect the changes in lending guidelines necessary.

Congress, the US Public, and the world at large, have a right to know what took them so long to use their own data before we entrust that organization with even more regulatory responsibility.

From where I am sitting, the Fed really needs Data Governance.

Why Fund Managers Should Care About Data Governance

The Subprime Credit Crisis is not even half over, but one thing we should have all learned by now is that Banks that paid attention to Data Governance lost the least. Whether they were able improve decision-making with better quality loan origination data or calculate risk with enhanced x-functional tools, some banks had better operational programs and show better returns.

In the wake of Subprime, fund managers should be asking companies they invest in about their Data Governance practices. Questions like:

1. Do they have a DG Organizational Structure that creates enterprise policies and reports results to the Board of Directors?
2. Is there a Stewardship function that assess data quality on an ongoing basis and works to improve operational decision-making with high quality data?
3. Are Data, Security, and Risk functions working together to maximize internal intelligence about operational, credit, and market risk controls?
4. Can the organization calculate risk and forecast potential losses?

If a company today can't answer these questions intelligently, they are not governing their information assets and the market should represent those management failures in share prices.

Data is the raw material of the Global Information Economy. Companies that govern its uses well will demonstrate better bottom line performance. Companies that don't carry an investment risk. It's that simple.

Education is the Great Equalizer

In Europe last week, I read this Financial Times article:

"WHY FREE MARKETS HAVE LITTLE TO DO WITH INEQUALITY
By Philip WhytePublished: June 1 2008 19:27 | Last updated: June 1 2008 19:27
Many Europeans believe liberal economic reforms are incompatible with social justice. The US and the UK, they point out, have more liberal markets for products and labour than in continental Europe – but also higher levels of poverty and income inequality. European countries therefore face a choice. They can either free their product and labour markets and accept the downsides or they can protect social solidarity by resisting Anglo-American neo-liberalism.

But the belief that market liberalisation increases social inequalities is not borne out by the evidence. The UK certainly has higher levels of poverty and inequality than France or Germany. But pointing this out is just selective use of evidence to support a predetermined conclusion. If there were a strong correlation between levels of market liberalisation and social outcomes, one would expect to see the pattern replicated across the European Union – not just in a carefully selected group of countries."

This article can be found at:
http://www.ft.com/cms/s/0/4b92df94-2ff9-11dd-86cc-000077b07658,noOfParas=2,emailFormat=plainText,storyType=ultralight,print=no,dwp_uuid=73adc504-2ffa-11da-ba9f-00000e2511c8,_i_email=y.html

The article goes on to contrast levels of levels of education in different countries:

"The reason the Nordics and the Dutch have the most egalitarian outcomes is that they provide the best education. The correlation between educational and social outcomes across the EU is striking. People with low levels of attainment at secondary education are most exposed to the risk of poverty. Moreover, the more educated people are, the more likely they are to be in work: the employment rate for Europeans with tertiary education is 80 per cent, whereas it is just 50 per cent for those who fail to complete their secondary education.

What makes Nordic education systems special? Partly, it is quality: 15-year-olds in northern Europe have higher literacy and numeracy levels than those in southern Europe. But the length of schooling is equally important. In Denmark, Finland and Sweden, 90 per cent of 25- to 34-year-olds have completed upper secondary education – and 40 per cent have gone on to obtain tertiary qualifications. In Portugal, the respective figures are 43 per cent and 19 per cent, while in Greece they are 57 per cent and 25 per cent."

I think these trends are indicative of economic shifts due to the transition from Industrial to Information based economics. High wages will trend towards individuals and nations with higher levels of education. This is one reason why the current debates about the proper levels of taxes in American and other countries stress the wrong solutions for the current problem.

Taxes do have an impact on income, but not to the extent most people think. Taxing rich people more might make us all feel good, but it won't solve income disparities on its own.

If you want to create better jobs, be more competitive, and see income disparates shrink, then follow the Nordic example: make education free through PhD.

In fact, I would go so far as to say that countries that do not provide adequate financial support and stimulous (Denmark pays PhD candidates a "salary" to stay in school) for higher education through PhD will not be fully competitive in the Information Age.

In the Information Age, knowledge is the only competitive advantage. In the USA, our educational system is still very much rooted in Industrial priorities, and every student who drops out of high school, can't afford college, masters, or PhD degrees will become an economic burden in the knowledge-based economy.

I hope our presidential candidates will embrace 21st Century realities and discuss this topic seriously in this election cycle. Changing taxes alone won't make the US more competitive and it won't bring back high-paying information-Age jobs lost to globalization.

Changing higher educational funding will.

High Energy Costs Will Bring Many Jobs Home Again

On the way back from Singapore, I bunked with the CFO of a large consumer goods company. After talking about family, kids, and ambitions after the rat race, we got to talking about energy policy and changes in global manufacturing.

There was a time when companies like his set down new plants for 50 years. Nowadays, plants are built for 10 years max, and companies move manufacturing around the world based on a variety of factors:

Tax abatements
Cheap Labor
Proximity to Local Markets
Energy Costs

The latter is changing behavior in consumers across the world and it is also having an impact on corporations. Labor rates have been rising in China and India for some time, and high energy prices are negating labor advantages in those countries. Manufacturers are looking to move plants closer to source markets to minimize transportation costs.

That means that manufacturers will be moving plants and jobs closer to the places where they sell but also closer to places with cheap energy, like Iceland with limitless free geothermal, or Arizona with lots of sunlight.

In Europe there are towns that have become energy self-sufficient and sell the excess to the power grid. Companies will look for locations like that to relocate and cities, counties, and towns should start investing in renewable energy quickly if they want to be attractive to companies wishing to relocate jobs from abroad.

This is the upside to expensive energy that should have every community in America and across the world scrambling to invest in solar, wind, water, and geothermal - not only because it is good for the environment and can save homeowners money. But also because it can help bring back many manufacturing jobs lost to cheap labor - now not so cheap and with expensive transportation to source markets.

Of course, other countries with sensible and farsighted energy policies will be the big winners. Iceland, for example, despite its depressed currency has nearly limitless geothermal reserves that will attract many manufacturers.

But America can catch up and cities should now be discussing policy changes to become renewable energy exporters.

Nordic banks step in to back Iceland

The Financial Times reported today

"Three Nordic central banks unveiled an unprecedented €1.5bn emergency funding package on Friday to support Iceland’s troubled currency and stabilise its banking system as the tiny north Atlantic nation tries to fend off the effects of the global credit crisis.

The plan allows Iceland’s central bank to acquire up to €500m ($775m, £400m) each from the central banks of Sweden, Denmark and Norway in the case of an emergency, the first time the region’s central banks have joined forces to help a troubled neighbour."

http://www.ft.com/cms/s/0/56a76dd4-2327-11dd-b214-000077b07658.html

This story illustrates the downstream impact of polluted data in the global economy. But of course, for the rest of us not living in Iceland the global credit crunch has impacted our lives in other indirect ways. Since September 2007, when the US Federal Reserve started cutting interest rates in a drastic program that shaved 3.25% of the Discount Rate in 7 months, the price of oil (valued in depreciated dollars) has increased 50% from $80 to $127 per barrel. Food costs have skyrocketed, and countries around the world are challenged to find credit for government bonds. Inflation, thanks to Subprime, is a growing threat to the world economy and to the lives of poor people living at the edge of subsistence.

But how is this related to Toxic Content and Data Governance you ask?

Well, of course the public Subprime narrative states that Banks invested in fancy hybrid home loans extended to subprime borrowers and created inherent risk in the market that was compounded through exotic derivatives that no one understood. This is partially true, and many banks have since admitted that they had poor internal risk governance.

But there is another part of the story that doesn't attract as much publicity. In 2005, at the peak of the Housing Bubble in the US, Alan Greenspan went before Congress to declare that the US housing market was "frothing." At about the same time, US Regulators decided to relax underwriting guidelines on new mortgage applications for a key segment of the marketplace - self-employed individuals.

Self-employed individuals face a moral hazard when they apply for a mortgage. This hazard is well known in the residential mortgage marketplace. It occurs when a self-employed individual has to demonstrate their income to obtain a loan. People who are employed by big companies get direct deposit pay checks and have income tax statements which closely match their real income. Self-employed individuals don't get regular pay checks and have tax statements that, shall we say, may frequently differ from real income.

This is especially true for the segment of the population that is paid in cash. Producing documentation of "real" income for these people is a challenge that typically caused the loan underwriting process to take longer for self-employed individuals than employed. And in 2005, as housing prices peaked and interest rates rose .25% each month, mortgage volume started to decline and for some reason US regulators chose to remove income documentation standards for the self-employed. From that time forward, they only had to make an income declaration.

Case in point. I have a friend who is a mortgage broker. He had a customer who owns a Pizza Parlor and wanted to buy a house. This customer had a good credit score and was a prime buyer. His Loan-to-Value Ratio was good. As a self-employed individual he was paid in cash, and he declared his income to be $10K a month. But when my friend input the numbers into the super-fast online loan application it turned out that his debt ratio was too high. He had some car loans and credit card debt that put the ratio above 41%, and the loan could not get through. So my friend simply changed his declared income to $12k per month and the loan got approved.

In 2007, what I described above was a compliant business process for a self-employed mortgage loan application. Income only had to be declared, not verified. In fact, by this time in the marketplace most banks had automated underwriting applications that turned out a rate quote in 40 seconds for conforming rate mortgages. But what was obviously dangerous about this process is that the Pizza Parlor owner made an income declaration without documentation. $10K might have been his best income in his best month in the year. $12K per month might have been his fantasy income. Maybe his real income is closer to $8500 a month.

But now he owns a home with an adjustable rate mortgage that he can barely afford at the current rate he's paying and certainly can't afford when the rate adjusts up.

This is a story that was repeated thousands of times in 2005-7, which is one reason why delinquency and foreclosure rates on those vintages of prime AND subprime loans is at 12-16%.

The fateful regulatory decision in 2005 to relax documentation standards in loan underwriting allowed vast amounts of Toxic Loan Content (poisonously polluted data) to enter the banking system through automated underwriting systems that got their business rules from the regulators. That created systemic risk that was entirely opaque to the MBS issuers, Rating Agencies, CDO issuers, and the marketplace. And unless the credit risk is transparent to investors, the market can't price risk correctly and default is in an inevitable outcome.

By 2005, banks were already aware of rising risk from documented subprime loans and were raising interest rates to collateralize their risk. They just weren't aware of the undocumented risks, which left their reserves deficient to cover their exposures.

But it didn't have to end this way. If regulators in 2005 had just left underwriting documentation regulations in place, or even strengthened them, the Housing market would have seen a soft-landing and the credit crisis would not have happened.

I see quite a few important lessons here for the future:

1. Regulations are not Holy Scripture. Automating Compliance in IT can just as easily automate exposure as it can value.

2. We must learn to measure data quality and validate before we trust it. Data can pollute our businesses, our societies, and our lives and we must invest in methods and technologies to certify its quality on a continual basis to enhance and protect the value of our businesses.

3. The marketplace needs new tools to measure and price business risk. Regulators should not measure risk in businesses and force process changes. This is a reactive and inefficient method.

4. Transparency creates its own rules. Businesses should be required to report and capitalize (self-insure) their risks regularly to the marketplace so that self-regulating market economics can arbitrate between good business stewardship and folly. That arbitration will be reflected in stock prices, which is far more efficient than regulatory sanctions.

We will need many new Data Governance Solutions to help banking institutions across the world adjust to the increased scrutiny the post-Subprime world will bring. But most of all, we will need international forums, like the Data Governance Council, to discuss these issues and bring different perspectives forward because this crisis was eminently avoidable. And it is only through communication that we can develop more mature practices to prevent it again in the future.

Globalization Means That Change has a New Velocity

Last week, I hosted a Data Governance Council Meeting in Kuala Lumpur. 34 participants from around the world attended and we had some excellent discussions about a wide variety of Data Governance challenges. While political structures in ASEAN companies are more rigid than in other parts of the world, the basic issues we discussed were the same challenges I've heard other companies talk about for the past four years.

Globalization means that change has a new velocity. Ideas travel the world from one geography to another at a much faster rate today, and that makes regional differences in the way things work less a factor in international business.

Case in point. During the Council meeting, one member from ASEAN talked about the challenges they had getting bank branches to address Data Quality at source. Branches are measured on Sales, and IT could not get branches to care about the poor quality of data input as a result of new account sales. Other participants chimed in and talked about various technical solutions for cleaning data after it was input. They stressed the need to make upper management aware of the problem. The member was not appeased. He had tried all those solutions and none had worked.

Next we called a member from the US and asked him if he also had this problem and what he would do to solve it. He replied that his bank had indeed confronted that challenge and they solved it by convening their Data Governance Board and discussing the issue with the HR Compensation Committee.

Their solution was to change the way branches were compensated by rewarding cross-selling to existing accounts as much as selling to new accounts. This simple change in the compensation plan made branches more acutely aware of the impact of their own bad data quality practices on their own ability to cross-sell into existing accounts. That in turn let branches to improve their data quality at source and the entire institution saw a net gain in Value Creation as a result.

For me, this story perfectly illustrated that Data challenges need common Governance institutions to discuss complex technology issues and discover solutions that may hinge on business solutions and benefits. It also demonstrated the value of an international forum like the IBM Data Governance Council, where companies from across the world can share common problems and relate ingenious solutions - thereby hastening the velocity of change.

To Govern well, We Need Better Data

In the Data Governance Community there continues to be confusion about how to Govern Data. Let me be clear: You Can't.

Data is dumb. It has no life, no self-interest. It's needs do not conflict with others. It forms no self-organizing factions, and it's vices require no political appeasement.

People can be governed, and the goal of Data Governance is to affect organizational behavior, to build accountability, over, with, and against Data.

Today, most Data Governance initiatives begin with a Board, a political institution with x-organizational representation ("factions" as John Madison called them). This board should evaluate complex issues with normalized assessment processes, providing a common forum to air issues, explore challenges, and render policy decisions and revisions...

"And time yet for a hundred indecisions,
And for a hundred visions and revisions,
Before the taking of a toast and tea."
- The Love Song of J. Alfred Prufrock, T.S. Elliott

This process, imperfect as it is, requires some governing maturity to dynamically steer organizational behavior, and it should really be seen as an initial step on the road to enlightened Data Governance. A key inhibitor in this process is the lack of organizational data reporting - data about what is going on, how policies are being implemented, organizational roadblocks, stewardship challenges, etc.

But to Govern People well, we need better Data. Better Data not only to inform Data Governors and Stewards, but also to inform People to make better Data Governance decisions on their own.

Case in point: Energy Conservation. Might seem a little off topic, but I think the analogy is apropos.

Denmark today is the most energy efficient country in the world. Despite the fact that it is a net oil exporting nation thanks to rich oil deposits in the North Sea off the Faroe Islands, Denmark gets close to 60% of its energy needs from renewable sources such as Wind, Geothermal, Solar, etc.

Cars and Benzine are heavily taxed, but people have choices. Despite 220% car taxes and 50% gas taxes, People can choose, if they can afford it, to drive big Jeep Grand Cherokee's with V8 motors or tiny Fiat's diesels.

Taxes on cars, registration fees, insurance, and even Benzine are weighted based on carbon emissions, and the emission information is published along with the tax rates.

This is a Governance Policy that leverages Information to inform decision-making. Obviously the Danish Government is working to change people's behavior by associating higher taxes with higher carbon emissions, but people still have a choice. They can pay more to drive more, and the State takes in that extra tax and uses it to subsidize renewable energy sources.

The point here is that we can attempt to Govern People using Data by gathering organizational information and leveraging it for informed decision-making by the Board, or we can pass it on to the People, as "Tax" or "Subsidy", and let human self-interest create an internal market for decision-making about value and risk.

"Bad decisions" can be taxed at a higher rate than "Good decisions," and the excess remittances can be used to fund "clean data" initiatives.

More on this topic in my next blog...

What Leads to Data Governance Failure

A colleague wrote to me today with the following question:

"Would you be able to point me to information that describes what can make a data governance effort fail? Points about technology problems, organizational politics, a lack of organizational leadership, etc. come to mind. Are you able to expand this list or explain how to avoid failure in a data governance program?"

I get asked this question often and my answer is an easy elevator pitch for anyone looking to explain Data Governance:

"Two things always lead to failure:

- Lack of outcome oriented programs

- Lack of power and accountability in the data governance board.

Of course, no one has a monopoly on screw-ups so there are innumerable additional options for modest and wholesale disaster in any organization run by human beings. Important thing is to be ready for failure and catch them when they are small, institutionalize the learnings, adjust and move forward."

People who say that failure is not an option are dangerous fools. Statistically, failure has the same odds as success, and if you plan for both your program will grow in wisdom and effectiveness - which is the very best from Data Governance that we can all plan for.

We are all victims of Toxic Content

Last week I was in Hamburg Germany teaching my Data Governance Course with my friend Christa Menke-Suedbeck at the Bucerius Law School (www.law-school.de). One evening, I went to the Deichtorhalle to see a lecture from one of my old Hamburg friends, Tom Holert. His lecture was part of a larger panel discussion on modern photography, focusing on the 19th Century artistic techniques photographers use to "stage" their photos, blurring both photo journalism and art.

Tom Holert is one of Germany's most prolific and well-respected art and music critics, and his presentation left me deeply concerned. Have a look at this photo that Tom presented. It is by Eric Baudelaire and it is called "The Dreadful Details."

http://baudelaire.net/fs/index_dreadful.html

At first glance, it looks like any other horrific photo from the Iraq War that we have all become uncomfortably comfortable viewing. These depictions of fear, death, power, and dread no longer shake the subconscious as they once did during Vietnam.

However this one should, because it is entirely fake. The photo was taken on a Hollywood backlot and all the people in it are actors. It is a modern example of staged art to resemble reality. But you will think it is reality unless you are aware of this context - unless you know the provenance.

Yesterday, the NY Times reported that 16 retired US Generals working as military analysts on Fox, ABC, NBC, CBS, and CNN News had been secretly collaborating with the Pentagon to shape US public opinion in the most brazenly documented form of government propaganda I have certainly seen in my lifetime. These military analysts acted as supposed "impartial" experts on network TV but in reality were toting the Pentagon public line.

http://www.nytimes.com/2008/04/20/washington/20generals.html?em&ex=1208923200&en=a4ee1c89d3b31d22&ei=5087%0A

Again, staged reality. We all believe this stuff unless we are informed of the context, the provenance of this data.

Whether you support the war or not, you have to recognize that these distortions have an enormous cost. A recent Harvard University study put the direct and indirect costs of the Iraq War at $1 trillion, a figure I'm sure the Pentagon has already developed analyst talking points to refute.

Of course the loss in human life on all sides of the conflict outweigh the economic costs. But I would argue that the most enduring damage is in the global brand of the United States of America, whose public image around the world has been so tarnished.

In the Information Age, we are all victims of Toxic Content in our data streams. This Toxic Content makes the truth the most endangered data asset in the world and I fear that what we have lost so far we will struggle to regain against new data distortions that will make old lies seem like quaint nostalgia.

And if you think propoganda only invades public data streams, read my articles on Subprime...

Subprime is a Data Governance Challenge

The IMF put out the Global Financial Stability Report last week and it contains a very accurate and sobering description of the systemic failures involved in the Subprime Financial Crisis. It has an institutional focus, and makes some solid observations and recommendations.

The entire report is worth a read, but the Executive Summary contains most of the key points if you just want the meat of the matter:

http://www.imf.org/External/Pubs/FT/GFSR/2008/01/index.htm

I will summarize the findings and recommendations that have Data Governance implications:

"The events of the past six months have demonstrated the fragility of the global financial system and raised fundamental questions about the effectiveness of the response by private and public sector institutions. While events are still unfolding, the April 2008 Global Financial Stability Report (GFSR) assesses the vulnerabilities that the system is facing and offers tentative conclusions and policy lessons.

Some key themes that emerge from this analysis include:

• There was a collective failure to appreciate the extent of leverage taken on by a wide range of institutions—banks, monoline insurers, government-sponsored entities, hedge funds—and the associated risks of a disorderly unwinding.

• Private sector risk management, disclosure, financial sector supervision, and regulation all lagged behind the rapid innovation and shifts in business models, leaving scope for excessive risk-taking, weak underwriting, maturity mismatches, and asset price inflation."

Conclusions:

What follows are a number of short- and medium-term recommendations relevant to the current episode. Several others groups and for a—such as the Financial Stability Forum, the Joint Forum, the Basel Committee on Banking Supervision—are concurrently developing their own detailed standards and guidance, much of which is likely to address practical issues at a deeper level than the recommendations proposed below.

In the short term...

The immediate challenge is to reduce the duration and severity of the crisis. Actions that focus on reducing uncertainty and strengthening confidence in mature market financial systems should be the first priority. Some steps can be accomplished by the private sector without the need for formal regulation. Others, where the public-good nature of the problem precludes a purely private solution, will require official sector involvement.

Areas in which the private sector could usefully contribute are:

• Disclosure. Providing timely and consistent reporting of exposures and valuation methods to the public, particularly for structured credit products and other illiquid assets, will help alleviate uncertainties about regulated financial institutions’ positions.

• Overall risk management. Institutions could usefully disclose broad strategies that aim to correct the risk management failings that may have contributed to losses and liquidity difficulties. Governance structures and the integration of the management of different types of risk across the institution need to be improved. Counterparty risk management has also resurfaced as an issue to address. A re-examination of the progress made over the last decade and gaps that are still present (perhaps inadequate information or risk management structures) will need to be closed.

• Consistency of treatment. Along with auditors, supervisors can encourage transparency
and ensure the consistency of approach for difficult-to-value securities so that accounting
and valuation discrepancies across global financial institutions are minimized. Supervisors
should be able to evaluate the robustness of the models used by regulated entities to value securities. Some latitude in the strict application of fair value accounting during stressful events may need to be more formally recognized.

• More intense supervision. Supervisors will need to better assess capital adequacy related to risks that may not be covered in Pillar 1 of the Basel II framework. More attention could be paid to ensuring that banks have an appropriate risk management system (including for market and liquidity risks) and a strong internal governance structure. When supervisors are not satisfied that risk is being appropriately managed or that adequate contingency plans are in place, they should be able to insist on greater capital and liquidity buffers.

In the medium term...

More fundamental changes are needed over the medium term. Policymakers should avoid a “rush to regulate,” especially in ways that unduly stifle innovation or that could exacerbate the effects of the current credit squeeze. Moreover, the Basel II capital accord, if implemented rigorously, already provides scope for improvements in the banking area. Nonetheless, there are areas that need further scrutiny, especially as regards structured products and treatment of off-balance-sheet entities, and thus further adjustments to frameworks are needed.

The private sector could usefully move in the following directions:

• Standardization of some components of structured finance products. This could help increase market participants’ understanding of risks, facilitate the development of a secondary market with more liquidity, and help the comparability of valuation. Standardization could also facilitate the development of a clearinghouse that would mutualize counterparty risks associated with these types of over-the-counter products.

• Transparency at origination and subsequently. Investors will be better able to assess the risk of securitized products if they receive more timely, comprehensible, and adequate information about the underlying assets and the sensitivity of valuation to various assumptions.

• Reform of rating systems. A differentiated rating scale for structured credit products was recommended in the April 2006 GFSR. Also, additional information on the vulnerability of structured credit products to downgrades would need to accompany the new scale for it to be meaningful. This step may require a reassessment of the regulatory and supervisory treatment of rated securities.

• Transparency and disclosure. Originators should disclose to their investors relevant aggregate information on key risks in off-balance-sheet entities on a timely and regular basis. These should include the reliance by institutions on credit risk mitigation instruments such as insurance, and the degree to which the risks reside with the sponsor, particularly in cases of distress. More generally, convergence of disclosure practices (e.g., timing and content) internationally should be considered by standard setters and regulators.

• Tighten oversight of mortgage originators. In the United States, broadening 2006 and 2007 bank guidance notes on good lending practices to cover nonbank mortgage originators should be considered. The efficiency of coordination across banking regulators would also be enhanced if the fragmentation across the various regulatory bodies were addressed. Consideration could be given to devising mechanisms that would leave originators with a financial stake in the loans they originate."

******************************************************

New standards and banking practices will clearly be needed moving forward. But we already have most of the regulations we need to mitigate most risks identified in the report. Indeed, one of the great ironies of the crisis is how little Banks used their own fraud and risk management systems to catch underwriting errors and omissions in Loan Origination applications, House Assessments, risk capitalization, etc.

I suspect that the IMF's warning on regulation will not be heeded in Washington, though I do hope regulators will listen to the seasoned advice of some Data Governance veterans because this is a crisis with so many Data Governance challenges.

The Value(lessness) of Music (in Denmark)

Denmark is always at the vanguard of new trends and if you are into free music Denmark is the place to be, though you won't have to wait all that long for this trend to cross the Atlantic. In the battle to win broadband customers, TDC (formerly TeleDanmark), has signed deals with major recording companies to provide free access to MP3 files over its network. In a way, all that TDC is doing is paying the music companies a volume royalty on their music portfolios - just like radio stations do today to BMI and ASCAP, as intermediaries to the recording industry.

But of course, by selling music for broadcast royalties, TDC is not equating broadband to radio. Rather they are shrewdly taking advantage of a reality the music industry is just acknowledging - the price of music data people are willing to pay today is next to nil when it is infinitely redundant, of consistent quality, and immediately available.

If you can read Danish, have a look, though I doubt you will have to wait too terribly long to discover an ISP in your neighborhood making the same announcement in your native language...

http://politiken.dk/tjek/digitalt/article489204.ece

Holacracy

In my notes from our last Data Governance Council Meeting, I commented on the continuing confusion in many organizations on where Governance below the board fits and how it works. I continue to hear questions about "Business" and "IT", how they should get along and contribute to Data Governance.

In my own presentations on Data Governance, I often talk about the "Six Question Every Company Should Ask about Data Governance" and #1 is always

"Do we have a Government?"

And, I often go on to show a top-down hierarchical Governance model and talk about the need for functional and operational charters to define governing powers. But, to be self-critical, I haven't help define the questions that are central to governance; ie, where does it fit and how does it integrate within the organization.

A few months ago a colleague in Germany sent me an interesting white paper called Holacracy. It was long and boring looking so I let it sit on my desk for three months before reading it seriously. The paper, and the Methodology, is the work of a small company called Ternary Software and Holacracy can best be defined as a new method of x-matrix communication and decision-making in a more formalized manner.

There are many aspects of this model that are, in my opinion, hopelessly idealistic in large organizations. But there also some extremely useful ideas that I do think can help large and small organizations to better integrate Data, IT, and even SOA Governance in context to the culture and expectations of "The Business." There are three ideas in this model that I think are especially important to Data Governance:

Double Linking
Integrative Decision-Making
Dynamic Steering

http://www.holacracy.org

A few excerpts from one of the papers to whet your appetite:

"Double-linking - Circles are not fully autonomous; each circle is linked to the circles above and below it by at least two people who participate in the decision-making of both circles. One of these two people (typically the manager of the business unit or department, called the “lead link”) is appointed from above. The lead link is responsible for representing the needs of the higher-level circle, and is accountable for the lower-level circle’s results. The other person, called the “representative link,” represents the needs of the lower-level circle at the higher-circle meetings.

In this way, Holacracy achieves bi-directional process control by ensuring
that each circle’s decision-making process takes into consideration the needs of its linked (higher-level and lower-level) circles."

"Integrative decision-making - This principle begins with the premise that all perspectives hold some intrinsic value, some piece of the truth. Or as integral philosopher Ken Wilber puts it, “No one is smart enough to be 100 percent wrong.”

Holacracy’s goal is tointegrate perspectives as quickly and effectively as possible. Integrative decision-making is designed to prevent people or teams from overriding an important perspective simply because they don’t see its value. Robertson offers the example of when he nearly crashed his airplane because he ignored the information on the low-voltage indicator. “All the other gauges looked fine to me, so I thought it wasn’t important,” he said. He was nearly dead wrong.

This pattern shows up all the time in modern organizations. With everything moving so quickly, it’s easy to neglect the perspectives of others. Yet, like the voltage indicator, one of those perspectives might hold the key to a more complete picture of realityone that could lead to a more effective and powerful decision, perhaps a crash-preventing decision."

"Dynamic steering - The idea that any decision can be revisited at any time is central to dynamic steering, a practice designed to help organizations learn and adapt quickly in a complex, rapidly changing environment. Essentially, dynamic steering is an agile way of guiding the organization toward its goals by holding an aim in mind, staying attuned to emerging reality and making frequent course corrections along the way."

I had to read this paper a couple of times to get over my own skepticism. Some of Holacracy reads new-age loony and I can imagine some Wall Street razor-elbowed executives using this paper to wipe up dog poop on the sidewalk. But read it again, and then change the names of what this stuff is called and imagine trying some of it, slowly, where you work. I think some of these ideas have the potential to turn the Governance part of DG into a more productive process.

Data Governance Council Meeting, NYC

On February 27-29, I hosted the 15th meeting of the Data Governance Council at the Wales Hotel, in New York City. 31 people registered to attend this meeting, including 16 IBMers, and representatives from JPMC, Bank of Tokyo/Mitsubishi, Bank of Montreal, Key Bank, State Street, MasterCard, and American Express, OpenPages, Axentis, Varonis, and Vericept.

On the first day, we had excellent keynote presentations from Garrick Utley, President of the Levin Institute, and Will Pelgrin, Director of the NYS Cybercrime Taskforce. We also had some good roundtable discussions on common challenges in Data Governance related to Sub-prime, Basel II, and other issues. On the second day, we continued discussing common challenges and reviewed IBM Data Governance Solutions with regards to Policy and Process Management, Data Modeling and Development, MDM, Metadata and Data Quality Management. On the last day, we left the agenda and had a long discussion on the future of the Council. Cal Braunstein rounded out the event with an excellent closing keynote on the risks to and from Data, and the risks to organizations from data we can't trust.

We spent a lot of time talking about Globalization and it's effects on competition, regulation, cybercrime, and risk. Globalization is having a corrosive effect on trust in many organizations. Pressure from regulations requiring oversight and reporting of employee use of IT increases distrust at all levels. Cybercrime and the increasing financial value of data challenges everyone with offers and scams that make it hard to trust information. These factors are creating internal crises in trust and confidence. The manipulation and monitoring of information technology by people over other people threatens the quality and value of decision-making at a time when global competition brutally punishes bad decisions.

The Globalization of threats, risk, regulation, and competition will immediately force organizational decision-making inward, towards hierarchical models of decision-making, even as the globalization of markets, labor and resource allocation forces more horizontal changes in culture, lifestyle, and freedom.

This Council has existed for three years, and many members, by virtue of their participation, have achieved more mature levels of Data Governance. They have cross organizational governance models, better transparency and better decision-making. Many newer members are just now exploring organizational models, business vs IT participation, the nature of Stewardship and the complexities of overcoming organizational stovepipes.

Enclosed are my notes and observations from this landmark meeting:

1. Data Governance Market Maturity: Data Governance as a market is maturing from the Innovator phase, where a few leading companies worked together to blaze a trail for others to follow, to the early adopter phase. We are clearly seeing some leading companies succeed with Data Governance, thanks in part to the Data Governance Maturity Model, and many many more now coming into this market looking to build on the success and experience of the innovators.

For those of us pioneers, this is a time of change, and we must adapt to a new market constituency requiring education and solutions with somewhat less tolerance for discovery and invention. The Data Governance Starter's Guide should be updated as an educational onboarding tutorial for new companies seeking Data Governance success. For vendors, this is a time to study solution packaging and focus on the support needs of the stewardship community. Stewardship is a profession still in its infancy, and it requires practitioner tools, education, and community forums to exchange practices and success stories.

We should all be proud that our contributions have move the market to this new phase, and the Council needs to change to grow with the Market.

2. IBM Data Governance Solutions: IBM has come a long way in its Data Governance Solution capabilities since 2006, which was the last time we had a major showcase of technologies on the Council Agenda. Most of our solutions - Compliance Warehouse, Integrated Data Management, MDM and Industry Models, Data Quality and Metadata tools - were very well received. But this Council has succeeded exactly because it is not a normal IBM Customer Advisory Board, where normal meetings are dominated by IBM solution exhibitions. Rather, it has succeeded as a unique forum for practitioner exchanges, and it must remain this way to continue.

Future meetings will be shorter, practitioner driven, and IBM will find additional venues to present Data Governance solutions.

3. Globalization: At Mohonk in 2004, at the inaugural Data Governance Summit, I presented some ideas about how information technology would transform the modern corporation, and how integral Data Governance would be to that process. I was heavily influenced by Tom Malone and his book the Future of Work, and also by the history of industrial regulation at the dawn of the 20th Century.

In NY, we re-examined some of these topics through presentations from Garrick Utley, Will Pelgrin, and Cal Braunstein, and I think we need to continue examining how the global pressures on information technology, regulation, cybercrime, risk, and transparency will impact Data Governance and organizational behavior. Many companies that have embraced Data Governance have stopped short of embracing x-organizational governance bodies with real authority. Most don't know which models to follow, examples of success to emulate, how it should work.

In my travels I've seen many governance models in corporate and national entities that offer some hope to modern organizations, and I think we ought to be the Council that inventories these models, compares their pros and cons, and presents alternatives to hierarchical organization.

4. Data Risk Standards: In the Xiao Dynasty in China, rulers practiced Risk-based decision making by consulting an Oracle, who dropped an Oxen hip bone on the floor and deciphered the direction of the crack in the bone as indicative of divine truth. If the crack pointed up, you had good favor for your decision, down, well you better ask again. People consulted the Oracle on every kind of decision - dental surgery, marital options, taxation, or war - and they would drop 6-9 ox bones and average the results, thinking that more data would provide more accurate results. Every question to the Oracle was journalized, and outcomes were constantly compared to the ox-bone forecasts. Records of these inquiries survive today, providing the oldest known risk forecasting models. Three thousand years ago, this was the first form of risk-based decision making, and while it may seem primitive to us it was at least systemic which is more than we can say about ERM practices today.

Enterprise Risk Management today is still a voodoo art practiced by a secret society of Risk Managers in a language few understand. It is expensive, bespoke, non-standard, and under-utilized. Market, Credit, or Operational Risk consequences are not understood by the vast majority of employees who make enterprise decisions because none of them have access to even Oxen bones today, let alone risk-based forecasting models that allow decision makers to compare options, forecast outcomes, and compare results to the forecasts.

To get to that state, where ERM is a common discipline that every employee can use for enlightened decision-making, new Data Risk standards are needed, to make ERM simpler, cheaper, and more systemically repeatable, and that is another contribution this Council can make. We will next meet on June 26th at the Federal Reserve in Washington, DC to explore that opportunity in depth.

What was evident at this meeting is that Data Governance challenges have changed in three years. We are still at the cusp of changes in the way modern, post-industrial, organizations are governed. Even the most mature members of the Data Governance Council have not substantially changed the way their organizations perform decision-making. It is still top-down, barely delegated, with little or no trust extending from the top to the bottom of an organization. Many governance bodies or teams have little or no direct decision-making authority - neither funding mandates nor project veto powers. The light of information still shines brightest from the bottom-up, with those at the top getting the best view of the light and those at the bottom simply blinded by it.

We need new models of organizational governance, new data standards in ERM, and renewed investment in risk-based decision making at all enterprise levels. This remains the challenge of Data Governance in the early adopter market evolution.

Risk Data for Macroeconomic Governance

On September 18, 2007 the US Federal Reserve cut the Federal Funds rate by half a percent in response to the looming sub-prime loan scandal. The markets had lost confidence and Banks were holding debt they could not sell. Write offs ensued, and the market forecast looked questionable at best.

At the time, this rate cut was seen as a dramatic response to worsening market conditions and proof that the Fed would act aggressively to protect the economy from the housing bubble. In the next two months, the Fed intervened again to cut rates .25% in October and .25% again in December. Each rate cut was seen as a prudent response to market conditions.

In January 2008, just a few weeks after the last rate cut, the Fed had to intervene again with a very sudden 1.25% cumulative rate cut to stem an asian-driven equity market sell-off following more sub-prime write offs and loss disclosures. In just five months, the Federal Reserve had to intervene five times with a combined interest rate cut of 2.25% following 17 quarter point rate increases in as many months.

This was an incredible see-saw of macro-economic policy - gradual rate increases were followed immediately by sudden rate cuts. In hindsight, the half-point cut in September 2007 was not very dramatic in comparison to the 1.75% in cuts that followed in the next four months. No one then could have foreseen the volatility in the markets that was to come, or could they have?

Why is it that the US Federal Reserve rate policy was reactive to market volatility? Why didn't their monetary policy, which had run up rates from 1% in June 2003 to 5.25% in June 2006, anticipate the looming housing bubble and bank losses that would surely ensue? Hadn't Alan Greenspan warned of this outcome in 2005? Didn't we all know the housing joyride would end at some point?

Today, we can see banking and financial market data that shows the risk trends in our rear view mirror. Unfortunately, no one has a mirror that forecasts the future, but they could if capitalized risk data were collected on a systemic basis by banks and shared with the Federal Reserve. The Federal Reserve does an excellent job of studying catastrophic risks and running sophisticated macroeconomic loss models on everything from terrorist attacks to coastal hurricanes. The Fed uses this catastrophic loss data to provide capitalize insurance loss reserves for the US economy - ie, they print more money when very bad things happen.

The insurance reserves got tapped after 9/11 and hurricane Katrina, when the Fed injected huge amounts of liquidity into the economy to stabilize markets and restore confidence. Of course, the timing of catastrophic events can't be forecasted, but the monetary response can be estimated based on a variety of risk factors. the fed constantly analyzes and wargames these risk factors and the success of Fed liquidity and monetary responses to 9/11 and Katrina attest to the diligence of their planning and the value of risk-based forecasting models.

What does this have to do with the sub-prime loan meltdown you ask? Well, if the Fed had non-catastrophic risk-data forecasting models they could possibly pre-empt loss events with macroeconomic policy tools that could even out some of the worst aspects of the business cycle. Unfortunately, that kind of non-catastrophic risk-data has to come from banks, who until recently were totally incapable of providing that kind of data, let alone using it themselves for their own risk-based policy-making.

That's changing. In the last two years banks around the world have been working to assess and collateralize market, credit, and operational risks as part of the Basel II compliance process. That data isn't normalized across banks, and there are wide disparities in how risks are assessed, calculated, and capitalized from bank to bank, country to country. But the raw data, and the beginnings of the knowhow are, for the first time in history, there. And that data and knowhow can be leveraged to provide new macroeconomic tools for Central Bank policymakers around the world.

What's needed are standards in risk assessment, classification, calculation, and the reporting of capitalized risk data from US banks to the Federal Reserve. This may take some years yet to accomplish but the time is right to begin discussing these issues. As US Banks reach Basel II compliance they will be in a position to leverage risk-data for their own self-insurance against non-catastrophic losses, and if they would be willing to share their capitalize risk data they could help the Federal Reserve to reduce market volatility and improve macroeconomic performance for everyone.

Here's a case where regulatory compliance really can improve business performance.