Subscribe to our email list

Subscribe to our email list

Back to blog list

What Crown Casino and Westpac Need

Mark Atkins, Intraversed

ESTIMATED READING TIME: 9.25 MINUTES

What Crown Casino and Westpac Need

Stephen O'Bryn, new "special manager" for Crown Casino Melbourne, has the unenviable task of watchdogging the casino giant, which was found riddled with corruption and regulatory breaches in a Royal Commission investigation that announced its findings in October.

What O'Bryan really needs is not just to see new regulatory-compliant systems designed and implemented across Crown, but a transformation of culture that promotes whistle blowers and issues raisers, a governance approach that allows him, and all senior execs, board, and other regulatory officials, to have visibility not only over these changes to policy and procedure, but to the activity of ensuring those policies and procedures are followed.

These are governance metrics and they're part of what gives business leaders the ability to prove, not just hear, that regulatory compliance is happening.

What are these metrics? To explain that, we need to go back to information governance.

Information Governance and Regulatory Compliance

To make sure we're all on the same page, let me define a few terms I'll be using here.

  • Data management is the activity that manages the collection, use, storage, protection and disposal of all the points of data that are created during the course of business activity.
  • Information management is the activity that manages the processes and systems that define, acquire, create, store, protect, and use information artefacts, being anything that ultimately becomes published information that is of significance to the organisation. These artefacts may be created from the organisation's data, such as reports and dashboards, but also include anything used in business operations; they extend from the dashboards and designs to policies, procedures, standards, etc.
  • Information governance is the process measurement and control required to ensure that the necessary level of information management is being performed.

Whilst there is a degree of overlap, the terms are often used ambiguously, which is why organisations struggle to define the boundary of accountability.

When we talk about information management and governance, we're talking about overseeing the way this information is formed, stored, protected, archived, and how it is understood and used within the business.

There are many reasons why having comprehensive management of this type of information benefits businesses (read about this in these previous blogs: Better Business Assurance, Assessing your Business Assurance, and Investing in Information Governance).

But what does this have to do with Stephen O'Bryn's role at Crown?

No doubt Crown's new senior team will be heavily involved in ensuring the organisation has strong procedures and protocols written, reviewed by legal teams, and then rolled out through the organisation. O'Bryn is also likely to review and approve these.

And as senior managers roll out these procedural documents, and the activity they describe, through their down-lines, training in what should and shouldn't be happening, as outlined in the documents, is also very likely. Every one of their many thousands of staff need to be aware of what can and can no longer happen.

But think about this — once the procedure and protocol manuals are released, everyone's had their training, new ways of doing things are implemented, how will Crown's management, and O'Bryn, know if there are individuals breaking with protocol and continuing to allow activity that's against regulatory requirements?

How will they know if managers further down in the hierarchy are hiding breaches, accidental or deliberate?

How much visibility will they actually have? Any? Or will they simply have to trust the word of those who report to them?

It's worth noting here that the same situation exists for Westpac.

Westpac have announced an expected significant drop in earnings for the year, due to a mistake in their protocol for approving certain policies. This mistake must now be "repaid" to customers who've been overcharged, and that equates to a hefty loss of profit. And in New Zealand, the RBNZ identified "ongoing compliance issues" in Westpac, including the failure to report a key compliance ratio correctly for a period of eight years.

As senior leaders seek to rectify these problems, they'll no doubt place a heavy emphasis on new protocols and procedures, perhaps purchasing new and elaborate software that promises to ensure no such oversight again (I'm sceptical it will deliver, if it has been purchased), and everyone will be trained in the new way things must be done.

But after all that groundwork, what assurance is there for senior leaders? They can't "see" what's really happening.

In both Crown and Westpac's cases, regulatory compliance inevitably becomes an act of trust. For Westpac, that's bad business sense. For Crown, it's bad legal sense, and represents an overall threat to business operation.

Crown and Westpac — meet information management

Here at Intraversed, we describe overall information management has having four distinct foundations.

Culture: This foundation comes first because it's the most central. Without a culture that values information, none of the ‘extra effort' involved in information management will get done. It just won't be seen as important. Senior leaders set the tone for culture, both in their all-staff communications, and in how they deal with their direct reports. Part of a culture that successfully values information is its encouragement of staff to raise issues. Transparency is gold for senior managers. Those who don't want to hear about issues and problems, who scream "don't tell me about it, fix it!", will never — I mean that, NEVER — achieve great information management.

And by the way, it's not just big businesses with fatal flaws in their systems that need information management. Any business that requires reliable reporting to make business decisions needs solid information management.

So, yes, that's every business!

Language: The second foundation of information management is language. Aligning business language across an organisation allows clear communication between different areas. This is of most acute importance when IT are working with business staff to create systems and reporting that is accurate, efficient, and cost effective. We've written a lot about this in the past, here, here, and here.

In Westpac New Zealand's case, a clear understanding of terminology could have helped. The independent report that the NZ Reserve Bank required of Westpac said that some processes for the risk and compliance committee "lacked clear ownership", while the relationship between the board and RBNZ "suffered from instances of miscommunication and misunderstanding".

A well written, well defined organisation-wide glossary will enable clear communication, reliable reporting, stable tech spend, greater IT project success, and much more, including assurance of regulatory compliance. For that, read on!

Information Artefact Management: Once your language is defined and effectively documented in a dynamic and supported glossary, information artefacts — which, as outlined already, is any piece of information that carries meaning or significance to the organisation, such as reports, spreadsheets, dashboards, websites, procedural documentation, etc — can be registered, details about each artefact can be recorded and the information artefact can be managed.

In Crown's case, their new policy and procedural documents would qualify. These manuals will be of prime importance to the organisation and should be managed. They may carry privacy and security restrictions, which also needs to be registered. They need to be lifecycle managed, so staff always know they're accessing the current version. They must be owned, with responsibility for them attributed to an individual.

When these kinds of management activities are mandated over information artefacts, information quality improves. That is to say, when someone in Crown is personally accountable for a compliance manual to be kept up to date, to be accurate to regulatory requirements and to be reviewed and audited regularly, there's a far greater likelihood it'll get done!

But there's a further, very vital part of artefact management that Crown and Westpac (and all businesses) need.

An effective information artefact management platform will not only offer all the information we've covered, it'll also be a place where any staff member can go to raise issues with information.

This is key.

If you've established a culture that encourages people to raise issues when they identify them, or even when they suspect an issue, then staff who've been trained in a protocol, and who notice that protocol not being followed, can raise an issue against the protocol manual in your information artefact management system.

When such an issue is raised, either the manual is wrong, or the action being carried out is wrong, because they don't match.

In Crown's case, this could mean illegal activity — accidental or deliberate.

In Westpac's case, it could mean incorrect data entry or wrongly approved policies — accidental or deliberate.

In any business's case, it could mean the difference between fixing regulatory breaches, or facing fines, legal cases and even the cessation of business altogether.

A culture of issues-raising, with the accountability and management of information artefacts, achieved via the alignment of language across the organisation, creates assurance of information quality, and provides visibility over the current state of compliance and quality throughout the organisation.

The fourth foundation is, or course, measurability. It's great to have all these things happening, but governance teams and senior leaders need to know it's happening. A great information management platform will offer you visibility over what's happening — how many staff members are using your platform, how much of your business language is defined and aligned, how many artefacts are registered and being actively curated, and how many issues have been raised against them. Further, it will reveal how long is it taking responsible parties to address and resolve issues.

That's business assurance.

Our Intralign Encyclopaedia is built on this need, and the importance for senior leaders of ensuring regulatory compliance. We developed our information management platform with governance as a native driver to all its activities, allowing ownership and therefore accountability over every business process involved in any kind of metric.

To apply this to Crown's situation, if O'Bryan insists on thorough information management, all policy and procedure documents, all regulatory requirement reporting, all essential business processes, will have language clearly and effectively defined.

From there, ownership of definition correlates to ownership of the business process being defined. Thus, real-world governance and accountability is established.

And once this governance and accountability is in place, any information artefacts, such as policies, procedures, IT designs…anything documenting what is happening or should be happening in the business, is registered in the system, linked to relevant business terms, and ownership over the information artefact is established. This creates an accountability structure for each and every process in the business.

The beauty of this all happening in one piece of software is that:

  • Governance over all these activities happens in-platform
  • Leaders and governance teams can see how actively and efficiently terms are being defined, ownership is being assigned, policies and procedure manuals are being aligned to language and ownership established
  • A snapshot of the current state of information governance is available
  • Under-participation is identifiable
  • Accountable staff members ensure the definitions are written for the terms they own, and the language in the artefacts they own aligns to the glossary. All their owned items are signed off.

No excuses, everything has someone's name on it. Everything is visible. Everything is monitorable and trackable. Everyone can raise issues. Everyone can comment on resolution suggestions.

And this transparent collaboration on information management and quality improvement will feed actual improvement to process and practice, and it will support cultural and procedural change.

From our perspective, it's a no-brainer for Crown and Westpac — for any business — in which regulatory non-compliance presents a serious risk to business assurance.

Think regulatory breaches like these can’t happen to you or your organisation?

Think again. Without solid IM, you’ll always be at risk.

Download our free whitepaper that explores how effective information management gives business leaders the assurance of regulatory compliance they need.

CLICK HERE TO DOWNLOAD WHITEPAPER

Need help getting information artefact management in your organisation? Why not have a chat with us and see if there’s any way we can assist you.

Join the discussion on LinkedIn
Mark Atkins, Intraversed

Mark Atkins

Mark is a co-founder & Chief Development Officer at Intraversed, helping organisations establish the Intralign Ecosystem, an award winning information management & governance methodology, to achieve reliable information, stable tech spend & greater IT project success.

Connect on LinkedIn

Back to blog list

We’re excited that you’re interested in connecting with us!

We’d like to send you our monthly emails. They outline our latest blogs, talk about current events and give you information about our services and products. We strive to make them interesting, relevant and practical, so you can build your business assurance with each email. And we also do our best not to let our emails be too salesy, pushy or marketing-heavy.

* indicates required