JoFS – Data Governance: the tide that lifts all data initiatives

From back‑office discipline to strategic AI enabler

Financial institutions are under growing pressure from two converging forces: rapidly advancing artificial intelligence and an expanding regulatory landscape that demands ever-greater control over data. Drawing on her experience as EMEA Chief Data and Analytics Officer at SMBC Group, Shahina Khan argues in her article in the Journal of Financial Services that data governance, once largely confined to architects and risk teams, has become a strategic capability. It now underpins AI readiness, operational resilience, and supervisory trust. The article explores how robust metadata, lineage, and ownership transform governance from a compliance obligation into a prerequisite for safe, scalable AI.

Where governance, regulation, and AI meet

The article argues that regulation is the catalyst for this shift, rather than its ultimate objective. Supervisors such as the European Central Bank (ECB), alongside frameworks including BCBS 239, GDPR, the Digital Operational Resilience Act (DORA), NIS2, MiFID II, SOX, and the EU AI Act, increasingly expect institutions to “know their data” with a level of precision that cannot be achieved without mature metadata and lineage. As a result, governance moves from optional good practice to a structural requirement embedded in everyday operations.

Complex data estates demand pragmatic governance

Yet regulatory expectations collide with operational reality. Legacy platforms, multi‑cloud environments, fragmented tooling, and extensive outsourcing make unified governance difficult to achieve through traditional, centralised approaches. Khan therefore argues for embedding governance into existing ways of working. Federated ownership, phased roll‑out focused on critical data, and “governance by design” in new initiatives offer a more practical alternative to large, standalone programmes.

Investing in data governance is no longer just a compliance or data management move, it is becoming a strategic prerequisite for AI success.

AI for data governance: automating the hard yards

Even pragmatic governance, however, struggles to scale without automation. The article highlights how modern AI techniques can support automated discovery and classification, continuous data quality monitoring, inferred lineage, and active metadata. Governance “copilots” can answer questions on definitions, ownership, and usage, helping keep catalogues current. While human oversight, privacy controls, and stewardship remain essential, AI significantly reduces manual effort and prevents governance assets from becoming obsolete.

Data governance for AI: trusted data products as the new unit of value

This automation only creates value when it feeds trusted AI outcomes. Successful AI depends on curated, well‑understood data. Governed data products, supported by ontologies and knowledge graphs, improve explainability, bias control, and compliance with EU AI Act requirements on training data. The same logic increasingly applies to third‑party data, where vendors are expected to deliver transparent, metadata‑rich products rather than opaque feeds.

What forward‑looking leaders should focus on

The implications for leadership are explicit. AI ambitions will stall if metadata, ownership, and lineage remain fragmented. Prioritising critical domains, embedding governance into investment decisions, and demanding transparency from vendors strengthen an institution’s ability to deploy AI safely while meeting supervisory expectations. In this framing, governance becomes an organisational capability rather than a finite project.

Governance as the backbone of AI and resilience

The stakes rise further as regulation and AI use cases intensify. As high‑risk applications such as credit scoring and financial crime monitoring fall under the EU AI Act and DORA raises expectations around operational resilience, weak data foundations translate directly into regulatory, conduct, and model risk. Institutions that treat governed data as infrastructure are better positioned to achieve digital trust at scale and extract lasting value from AI.

Connecting data, AI, and institutional redesign

Finally, Khan situates data governance within a broader transformation agenda. Related Journal of Financial Services articles explore these connections further:

• Beyond the turning point: how agentic AI is reshaping financial institutions
• Agentic AI in banking: between narratives and statistics
• Data mesh as a strategic foundation for AI in financial services: from concept to scaled adoption

About the Journal of Financial Services

The Projective Group Institute’s Journal of Financial Services (JoFS) provides structured insights on developments in the European financial sector. Each edition brings together contributions from practitioners, academics and regulatory experts to help readers understand key changes in the industry.

This edition examines how data and Artificial Intelligence are influencing financial services. It looks at how modern analytics and evolving regulations such as GDPR, DORA and the EU AI Act are raising expectations for data quality, governance and oversight. Through concise, thoughtful articles, the edition highlights the practical implications for decision‑making, risk management and operational resilience.