The Titanic set sail on its maiden voyage on April 10, 1912. Four days later on April 14th, the ship collides with a submerged iceberg and sinks in less than three hours. The captain and his crew had insufficient knowledge of the danger that lurked beneath the sea. This lack of awareness led to the unfortunate deaths and tragedy associated with the Titanic. In a sad irony, sonar had been developed and was being tested on the military front to search for submarines and other hidden dangers lurking beneath the sea.
The Titanic was a technological achievement for its time. It heralded the latest instrumentation and safety measures. From the command center, the captain and his crew had visibility to a series of operational controls including speed, engine performance, weather conditions, and other factors that should have led to a smooth sailing. They, however, lacked the ability to see beneath the sea surface. They simply had no visibility to what lied beneath the surface.
Now, I want to fast forward to a century later. Shipping companies empowered by sonar have solved this awareness problem of hidden issues in the sea. These same ships are now fitted with very advanced operational controls to monitor the current state of likely 1000’s of systems within the ship. They also have excellent navigational aids to ensure they arrive at the desired location with minimum course corrections.
This morning, I was reviewing my daily control ‘briefing’ via my email for a client we monitor. Additional controls revealed the state of the data within the data centers we manage. These controls leverage the InfoCheckTM (our software) engine and look for data issues. I noted there was a significant discrepancy in the reconciliation between the General Ledger and the underlying financial transactions that warranted a phone call on a Sunday to prevent a fire drill on Monday morning.
I have become accustomed to these emails for with little effort on my part, they alert me to any hidden data issues before they manifest in bad reporting or business decisions. The power of red, yellow, and green results.
I was struck by the similarity of this control framework used for financial and operational integrity and the situation on the Titanic. Knowing what lies beneath is one of the most important aspects of enterprise risk management.
Our clients are primarily in the highly regulated environments of finance, banking and insurance. Operational controls, financial controls, and SOX controls are mandatory. There are manual controls on top of manual controls to ensure accurate disclosures. These controls attempt to verify underlying data, but often fall short due to the sheer amount of data. True reconciliation would require cross-department involvement, which often is not possible given time constraints.
Like the captain of the Titanic overlooking the gauges on his control center, the department heads monitor the results of the controls and make adjustments as needed for accurate disclosure. The goal is to get the best reporting and business action given the available knowledge of the data.
But what lies beneath? What data issues are undetected? Is there any material variance that is not transparent due to the lack of automated data controls? What feedback loops are in place to provide decision makers with true awareness of the seriousness of the underlying issues? In the case of the Titanic, this lack of awareness resulted in untold tragedy. In the case of business and governments, the lack of awareness of what lies beneath translates into material weaknesses, significant deficiencies, examiner findings, lost profit, and reputational issues.
The key to successful risk management is to have technology that continually scans the data looking for what lies beneath. Modern Artificial Intelligence (AI) applications continually compare and contrast data, so the strongest patterns are revealed. Detecting what lies beneath is not as complicated as AI solutions. A company simply needs to understand what database is the official system of record, along with awareness of where copies of this data exist, to the extent they are used for reporting or operations. Technologies such as InfoCheckTM then compare the data, sending emails or providing dashboards on the state of the data. Risk management tools such as Data Governance then provide the procedural remedy as needed.
The story of the Titanic would be very different if only the captain had the ability to see what lied beneath. By analogy, Risk Managers, Accountants, and Operational teams need the same ability to avoid costly errors. Our company has become very proficient in providing awareness of what lies beneath across the data landscape of a company.