Rethink Your Master Data: Addressing Governance, Risk and Compliance

Data is both our most valuable asset and our biggest ongoing challenge. As data grows in volume, variety and complexity, across applications, clouds and siloed systems, traditional ways of working with data no longer work.

Increasingly, businesses are recognizing a need to harness all of their data, particularly their data around customers, products, partners and more – often called master data. Pressing business priorities such as compliance and digital transformation require a holistic view of this master data.

Achieving that holistic view requires connecting data across a myriad of sources and silos. Connecting data using flexible graph technology offers a proven approach to solving these data challenges, capturing not only data but an unlimited number of connections and relationships between data.

This blog series describes the power of connecting your most important data about customers, products, employees, business partners and more using graph technology. Along the way, real-world use cases from global enterprises to disruptive startups illustrate the power of connected data.

This week, in blog four of our five-part blog series on rethinking your master data, we look at the European GDPR and other regulatory measures, and show how your business can benefit by using graph technology in adhering to regulatory requirements.

Feature Image Scalability

Governance, Risk and Compliance

Just as data is growing more voluminous and complex, so are regulatory requirements. Compliance is a major driver of MDM initiatives. Graph technology helps enterprises navigate this new regulatory environment.

In 2016, the European Commission ratified the General Data Protection Regulation (GDPR). Under the law, companies must allow customers to transfer their personal information to competitors and allow people to exercise their “right to be forgotten,” which requires the organization to erase all their personal information.

The GDPR comes amid a broader regulatory movement. The California Consumer Privacy Act of 2018 (CCPA) imposes stiff penalties on those that misuse and resell consumers’ private information. Nevada and New York have followed suit, and many other states and nations are considering similar legislation.

Companies must not only safeguard customer data, but also track how it is collected, used, stored, shared, accessed by third parties and protected. The “right to be forgotten” poses a disruptive requirement because organizations historically have focused on protecting and preserving information. Purging data case-by-case requires new capabilities. Compliance demands traceability, time stamps and mapping all the activity around personal data. As a consequence, organizations must adopt a new approach to data governance – and a platform to match.

With graph technology, companies track the data lifecycle, build “reverse lineage” maps of data flow and provide a full accounting to regulatory authorities.

Compliance Leads to Innovation: Convergys

There is a silver lining when you solve compliance with graph technology: new opportunities. Convergys is a global customer care outsourcing firm whose clients include about half of the Fortune 500. It employs more than 115,000 employees worldwide and handles about 8 billion contacts per year.

With extensive operations in the EU, the company was alarmed by the requirements of GDPR. The company managed about 120 applications, internal storage and collaboration systems, plus more than 100 customers and 43 sites affected by the EU regulations. Initially, the company tried to build its own compliance solution.

“There’s one problem with all of these apps – they were all built to put data in,” said Lloyd Byrd, Convergys vice president of application development and technical solutions. “None of these apps were built to take data out, records at a time, or manipulate individual records. We didn’t have a good way to address this problem.”

The company partnered with Neo4j and within a couple of months built a graph-based GDPR solution running on the cloud. The solution was designed to extend well beyond the EU because data accountability is becoming a global reality.

The graph database solution opened the door to other benefits – better operational analytics, a tenfold improvement in large data loading, employee knowledge graphs and statistical insights.

“There are probably more use cases than people imagine where graph technology can enable better results,” said Byrd. “For us, we think it’s around operational results and being able to connect data better.”

Ask yourself: What compliance challenge could you overcome using connected data?

Data Lineage: UBS

Another powerful MDM capability is tracking data lineage. The UBS Group – one of the largest financial institutions in the world – built a data lineage and data governance platform using Neo4j.

The project began as a compliance mission but turned into something with broader benefits. The 2007 global financial crisis showed that banks lacked capabilities for risk data aggregation and practices for risk reporting. In response, the Basel Committee on Banking Supervision issued standard 239 (BCBS 239) to strengthen systems for risk data aggregation and internal risk reporting.

Data lineage is an essential component of risk management. It involves tracking the entire lifecycle of information – its origin, evolution and movement through the organization. With these tools, organizations trace information as it flows through the enterprise, monitor quality, discover errors, fix mistakes and reduce duplication.

After attempting a solution with a relational database, UBS switched its data lineage system to Neo4j. UBS used Neo4j to evaluate data lineages and depict the results in a lineage diagram.

UBS attained better transparency into its own data. When generating a lineage, the company no longer suffers the headaches of JOINing multiple tables of a relational database. With Neo4j, the results are obtained easily and displayed in an intuitive graph visualization.

“Neo4j helps us understand the flow of data through the organization,” explained Sidharth Goyal, a senior software engineer and technical lead at UBS. “It helps us understand how changes in one application are going to impact the entire organization. It helps us understand how errors can propagate through the system.”

Ask yourself: How could graphs illuminate your data flows?


As we have shown, using graph technology, companies create a flexible compliance architecture that enables them to track data lineage and provide a full accounting to regulatory authorities.

Next week, in the final blog of this series, we will have a look at how rethinking master data management spurs innovation and showcase how NASA captures decades lessons learned using Neo4j.

Fuel your success by connecting all of your data across silos. Click below to get your copy of Rethink Your Master Data Management.

Get My White Paper