Why digital governance matters
Robert Smith is the COO of ABC Insurance Company, which recently launched its latest pay-as-you-drive insurance offering, powered by a range of digital technologies.
The market has responded positively, and several thousand users have signed up, sharing various data points about their driving habits in exchange for a variable fee – and the firm has gotten a jump on its upstart rivals. But then disaster strikes: ABC’s main data center is hacked, with thousands of user records stolen.
This scenario – familiar to many firms in recent years – is not just a reputational and customer service problem for ABC but is set to become a much more material regulatory concern.
In March 2014, the European Parliament voted to move the European Union’s new data protection regime one step closer to reality. If adopted, the proposed Data Protection Directive will impose fines of up to €100 million, or up to 5% of a firm’s annual worldwide turnover, for data breaches like this.
In the absence of a dedicated digital leader, it’s up to Robert to orchestrate ABC’s response. He has to direct IT to shut down security gaps, work with customer services to deal with client concerns, and reassure the CEO and regulators that adequate controls are in place.
At the same time, he has to make sure that the business is flexible enough to tap the potential that the digital era holds, rather than stifling innovation internally.
1. What’s the issue?
The digital era has opened up wholly new opportunities to reinvent business models and transform customer interactions. This holds both great potential and significant risks at all levels of the business.
But most organizations have yet to articulate a comprehensive, digital enterprise strategy or appoint a focused digital leader, such as a chief digital officer. Each business will need to prioritize its approach based on its unique market dynamics – and relative digital maturity.
For those operating in regulated markets, the need for digital governance is more urgent. But digital requires consideration by nearly every organization, not least due to the pervasive use of digital content, channels and tools, with social networks and the ability to share built into every app and device.
2. Why now?
As digital becomes increasingly core to most businesses, several specific pressures are pushing digital governance up the corporate agenda.
- New regulatory requirements demand action. Governments are racing to catch up with the speed at which the digital world is moving, leading to new and emerging laws on tax, privacy, data handling and more, with steep fines for failure to comply.
- Growing cybersecurity risks need to be addressed. Businesses today have to assume that attacks will occur at some point, and plan accordingly. Added to this, regulators in the US and elsewhere are putting pressure on firms to admit to such breaches publicly.
- Perceived digital weaknesses can do irreparable damage to brand reputation. Consumers are becoming increasingly aware that when they bring companies their business, they must also hand over their data. Firms that show themselves as untrustworthy data custodians will face a major loss of brand equity.
3. How does this affect you?
There are several reasons why yesterday’s approach to governance may no longer serve in a digital age.
First, the legacy mindset of governance as a control mechanism doesn’t work when information flows are fluid. Second, digital governance overly rooted in mitigation will limit organizations from the potential upsides.
Various new realities need to be factored in:
- Digital is pervasive. The use of digital content, channels and tools has led to exponential growth in new market segments, business models and ways to engage employees and customers. Companies need to find ways to adapt in how they differentiate and develop products, rethink customer engagement and communication, and handle employee interaction.
- Employees are now broadcasters and publishers. Thanks to social networks, every employee can freely and easily broadcast to the world. Training and communication can help, but firms need to find smart ways to adapt to this reality – and tap its potential.
- Decision-making happens at the speed of digital. Governance is traditionally about establishing a set of “rules and processes,” providing structure and guiding decision-making in a large-scale organization. But in a digital economy, decision-making approaches are changing and processes need to be adjusted accordingly.
- It’s not just a content problem. Companies must be mindful that digital governance is not only about content and who has rights to contribute, edit or distribute that content. They must also consider how and where it is consumed and the potential for it to go viral.
4. What’s the fix?
Organizations grappling with the issue of digital governance may want to consider the following steps. COOs are often at the heart of driving such change:
- Set out an appropriate operating model
The first challenge lies in organizing the business for digital – designing an underlying operating model that is fit for purpose and defines ownership and governance for digital. In some cases, a single centralized digital team and governance model may work best; in others, a more tailored and distributed approach may be better.
- Seek to change rules, processes and behaviors
Governance in the digital era is not chiefly through rules, but through a combination of rules, processes, values, monitoring and listening, and the explicit development of infrastructure and services to support and shape how digital helps create value for the business.
- Plan for “shadow IT,” not just traditional IT
In ensuring appropriate governance, organizations need to plan for the IT spending that happens outside of the official IT budget. Digital leaders should be supporting the development of digital capabilities within business units, instead of trying to control or prevent it.
5. What’s the bottom line?
Operating in a digital world presents seemingly unlimited opportunity but also raises new risks, from cybersecurity threats through to compliance failures and organizational silos. And as companies have raced ahead in experimenting with digital, governance controls have lagged.
COOs have a direct responsibility here, thanks to their broad oversight across the business and their ability to define a viable operating model and then implement it.
A comprehensive digital governance model requires investment, but the benefits reach far beyond merely managing compliance: digital leaders will reap cost and efficiency gains, as well as reputational and competitive advantage.