If you're a CDO in banking, insurance, or asset management, you didn't just get a job in data strategy. You got a job in regulatory compliance with a strategic data mandate.
That's not a complaint, it's a feature. Financial services has been forced to build better data infrastructure than almost any other sector, and those investments are now paying off commercially.
In 2013, the Basel Committee on Banking Supervision published BCBS 239: "Principles for effective risk data aggregation and risk reporting."
The timing wasn't accidental. The 2008 financial crisis revealed that large banks couldn't aggregate their risk exposures quickly enough to respond to market events. Risk data was fragmented across dozens of systems, in inconsistent formats, with no clear Data lineageData lineageData lineage maps how data moves and transforms across systems, from origin to consumption, showing where it came from, what changed it, and where it goes.View full definition →. When Lehman Brothers collapsed, counterparties couldn't calculate their exposure in time to manage it.
BCBS 239 required systemically important banks to aggregate risk data for any exposure within 24 hours (normal conditions) or intraday (stressed conditions). This was technically impossible with the data architectures that existed in 2013.
The result: a wave of CDO hiring across global banking between 2013 and 2016. HSBC, Barclays, Deutsche Bank, JPMorgan, virtually every G-SIB hired CDOs. The mandate: fix Data lineageData lineageData lineage maps how data moves and transforms across systems, from origin to consumption, showing where it came from, what changed it, and where it goes.View full definition →, Data qualityData qualityThe degree to which data is fit for purpose: accurate, complete, consistent, timely, valid and unique. Poor quality data undermines analytics, reporting and AI.View full definition →, and data aggregation before the next regulatory examination.
If BCBS 239 was defensive (fix your data or face consequences), Open Banking is offensive, share your data to create competition.
Under PSD2 (EU) and the UK Open Banking framework, banks are required to provide third-party providers access to account data and payment initiation, with customer consent, via standardized APIs.
The initial bank reaction: defensive. Compliance cost, competitive threat, loss of data ownership.
The strategic CDO's reaction: opportunity. Access to competitor customer data (when customers consent). Superior Data products because you've been forced to clean up your own dataown dataData collected directly from your own customers and prospects through your own channels: your most reliable and privacy-compliant source.View full definition →. Data partnerships with fintechs using your APIAPIApplication Programming Interface: a standardised interface that lets applications communicate and exchange data without knowing each other's internal workings.View full definition → infrastructure.
HSBC's Connected Money app aggregated all of a customer's financial accounts, from multiple banks, into a single view. Possible only because of Open Banking APIs. The insight from seeing the complete customer financial picture was more valuable than the data silo from seeing only HSBC accounts.
Knowledge check
1. What specific aggregation timeframe did BCBS 239 require for risk data under normal conditions?
2. Which HSBC product is cited as an example of leveraging Open Banking APIs for strategic advantage?
3. Why is PSD2 considered a fundamentally different type of regulation compared to BCBS 239?
4. Select ALL correct statements about the origins and impact of BCBS 239.
Sélectionnez toutes les réponses correctes.
5. Select ALL strategic opportunities a CDO can extract from Open Banking regulation.
Sélectionnez toutes les réponses correctes.
JPMorgan Chase processes approximately $6 trillion in payment transactions daily, roughly 10% of all US economic activity flowing through their systems. The data generated: merchant trends, consumer spending patterns, credit behavior, small business activity, an extraordinary strategic asset.
JPMorgan has built commercial data products (JPMorgan Insights) selling aggregated, anonymized versions of this data to retailers, real estate investors, and policymakers. Their AI and ML teams use proprietary transaction data to build trading models generating meaningful alpha in markets where everyone else has access to the same public data.
The CDO overseeing this data moatmoatA lasting edge over competitors: a resource, capability or position they cannot easily replicate, letting a firm earn above-average returns over time.View full definition → has one of the most consequential jobs in financial services, because the data advantage is existential to JPMorgan's market position.
Three patterns emerge from analysis of CDO tenures in financial services:
1. Regulatory and commercial mandate, not either/or: The most effective banking CDOs don't choose between compliance and business value, they use regulatory requirements as the foundation for commercial data products. BCBS 239 forced data lineagedata lineageData lineage maps how data moves and transforms across systems, from origin to consumption, showing where it came from, what changed it, and where it goes.View full definition →; that same data lineagedata lineageData lineage maps how data moves and transforms across systems, from origin to consumption, showing where it came from, what changed it, and where it goes.View full definition → capability is now the backbone of their data monetization business.
2. Business unit partnership, not central governance tyranny: Data governanceData governanceData governance is the set of policies, roles, and processes that ensure data is accurate, secure, well-defined, and used responsibly across an organization.View full definition → works in banking when it's designed with business units, not imposed on them. The banks with the most advanced data programs treat their CDO function as a service organization, not a regulatory police force.
3. Technology agnosticism: Banking CDOs who attach themselves too strongly to a specific vendor's technology stack (Oracle, IBM, Teradata) find themselves locked into platforms that can't compete with cloud-native alternatives. The best banking CDOs build vendor evaluation as a permanent organizational capability.