What We Do

Risk Reduction and
Operational Improvement

Our goal is to help companies address their significant and increasing Information Governance risks and objectives. We have a “track record” of delivering Information Governance Objectives for major banks, financial services companies, and others.

Hover on each Objective to see our track record

Tap on each Objective to see our track record

Regulatory Intelligence


Specify what Information Governance requirements apply to data, including retention and privacy, and identify information subject to such requirements.

Regulatory Intelligence

  • Implemented a regulatory intelligence service and knowledge base to identify and maintain global Information Governance requirements
  • Identified “Regulated Roles”, allowing a major bank to systematically link electronic communications surveillance and retention to professions and business units

Information
Lifecycle Management

Assure the management of information in all formats, from creation or receipt to final disposal, in order to meet retention, archiving, disposal, or other legal or regulatory requirements.

Information
Lifecycle Management

  • Developed enterprise Information Lifecycle Management programs that included newly-created policies, processes, governance, technology, and controls
  • Conducted training for 500+ records officers in multiple geographies and business lines

Data Privacy


Collect, use, safeguard, and share “personal data” in compliance with the requirements of privacy laws and regulations (such as GDPR and the California Consumer Privacy Act).

Data Privacy

  • Relocated compliance archives for the UK subsidiary of an EU bank for post-Brexit data-residency compliance
  • Implemented the GDPR inventory of Personally Identifiable Information in unstructured data sets across multiple business lines and geographies

Regulatory Responsiveness


Respond effectively to courts and regulators requesting information (improved eDiscovery), and to consumers exercising their Data Subject Rights.

Regulatory Responsiveness

  • Established a global unit to coordinate data retrieval for regulators, courts, and management
  • Developed a Record Preservation Process for the preservation (Legal Hold) of eDiscovery relevant data

IG Risk Management,
Controls, and Monitoring

Assure and substantiate that Information Governance requirements are taken seriously by the organization and third-party vendors, are complied with, and are part of “business as usual” operations.

IG Risk Management,
Controls, and Monitoring

  • Implemented enterprise policies and governance procedures for the introduction and use of electronic communications systems (email, chat, and messaging)
  • Established governance of third-party messaging archiving vendors that reduced the number of severe incidents by more than 80%

Defensible Disposal


Reduce the amount of data held, to decrease risk, lower processing costs, and streamline control processes.

Defensible Disposal

  • Led a defensible disposition project for a global bank that reduced the amount of data held, decreasing processing costs and streamlining control processes
  • Led a legacy clean-up and remediation of paper archiving, resulting in a cost reduction of over $10 Million

Data Storage and
Retrieval Efficiency

Improve effectiveness and reduce the costs of storing, retrieving, and processing information.

Data Storage and
Retrieval Efficiency

  • Reduced archiving and retrieval budget by $40 million over five years
  • Reduced the number of employees requiring electronic communications archiving by 70%

Acquisitions and
Divestiture Compliance

Retain and transfer information to meet contractual and regulatory obligations and government oversight.

Acquisitions and
Divestiture Compliance

  • Created a Records Management checklist to provide guidance for employees and external parties involved in divestitures, mergers, and acquisitions in multiple geographies
  • Provided guidance on contractual language for the proper retention, storage, and maintenance of data following business line and country “exits”

Information Security


Safeguard critical information by incorporating Identity and Access Management and Data Loss Prevention considerations into Information Governance solutions.


Information Security

  • Developed data retention and storage policy documentation to comply with the NYSDFS Cybersecurity Regulation, including how non-public personal information is disposed
  • Worked with the CISO to ensure that message encryption solutions met requirements for both managing Confidential data and applying eDiscovery tools and procedures

Operational Effectiveness


Implement “enterprise solutions” to enable Information Governance requirements and reduce operational complexity and costs, including archiving technology and migration to cloud infrastructure.


Operational Effectiveness

  • Implemented “enterprise” archiving solutions that met retention requirements for voice, electronic communications, and unstructured data
  • Integrated electronic communications records retention with “enterprise” IT service tools

Read Our Perspectives

Find out more about our perspectives on Information Governance. Our years of experience give us a unique insight into the world of Information Governance.

Read Our Perspectives