RobertoLofaro.com - Knowledge Portal - human-generated content
Change, with and without technology
for updates on publications, follow @robertolofaro on Instagram or @changerulebook on Twitter, you can also support on Patreon or subscribe on YouTube


You are here: Home > Rethinking Organizations > Going smart: intermezzo on the future of compliance and regulation

Viewed 18970 times | words: 9896
Published on 2021-05-30 16:00:00 | words: 9896

This article is actually a "bridge" between two (well, three) series of articles, that started in August 2020, and a new one about finance that I will start soon.

Well, considering its length and structure (almost 10,000 words across 10 sections), somebody could say that it is "a bridge too far".

But, sometimes, as my articles are "drafts" for future publications, and anyway used to publicly revise ideas, it is worth writing a "connecting the dots" article.

In this case, it is not just a connection between the articles listed within the "introduction" section and those that will follow.

The aim of this article is also to help contextualize a theme that will be in the background of future articles: are we structurally ready for the changes to come, as a society?

The common thread? Thinking systemically about the impact of developing a data-centric society.

This article has few short section:
_cultural regulatory differences
_the collaborative side of standards-setting
_digital transformation and rules-making
_the illusion of data-centric political neutrality
_redefining which competence is needed where
_the illusion of being competent
_of systems and components: constraints
_it takes a (different regulatory) village


Consider that most of our regulatory framework still has elements that sound a lot as coming from the era of Queen Victoria (in some cases, I would dare to say even the era of Elizabeth I).

These are some already published articles, by date:
_2020-08-24 Going smart or going postal? smartwork, smartcities, smartvehicles- the Turin and Italy case - part 1
_2020-10-01 Going smart or going postal? smartwork, smartcities, smartvehicles- the Turin and Italy case - part 2
_2020-11-18 Going smart (with data): the Italian case - introduction
_2020-11-20 Going smart (with data): the Italian case - a tale of two cities, virtual and physical - Turin example
_2020-12-03 Going smart (with data): the Italian case - mobility and the new automotive
_2021-04-13 Going smart (with data): the Italian case - a systemic sneak preview of the future.

As I wrote also in my latest article- discount the typos here an there- if and when my articles will evolve into book chapters, will add more material, more references, maybe clarify here and there, and... fix the occasional typos.

This article contains extracts from the articles listed above- so, you can avoid reading "few" thousands of words, to get just to the main theme that will be discussed in this article.

The overall theme is simple, as I wrote within the first article listed above:
First idea: going vs becoming smart

GDPR and ISO standards as well as privacy and competition laws, along with human rights charters are still unconnected elements of what could evolve into the founding bricks of an ecosystem or, better, the glue that keeps it together.

But the need to coordinate various "legislative" and "judicial" entities that have limited or no knowledge of the domains covered by others is a sign that we have still a long way to go.

Digital transformation implies shortening (and automating) decision times, hence we are back to Asimov's "Law of the robots": an embedded set of rules that are used to framework (and hence streamline- no need to reinvent/renegotiate the wheel every millisecond) any choice.

The fictional Asimov's laws were actually assuming a shared set of values, and an associated "ecosystem" where autonomous machines coexisted with humans and "dumb" equipment.

Also without autonomous robots, we lack for the time being a shared definition of "smart" and associated values.

Everybody talks about "going smart", but, frankly, as I observed since I started working formally in the 1980s, any "trendy" keyword is routinely hijacked to "revamp" existing products and services.

I will just ask you a question: "limiting" to the concept of a data-centric society, what is the meaning of "smart"?


I think that reality will become a data-centric society using what we are assembling now.

Initially, it will be a non-hierarchical aggregation of "ecosystems", all sharing elements of "shared socio-economic-technological infrastructure" (henceforth "shared SETI"), and adding on top of them whatever their own "ecosystem bubble" needs to deliver the value added critical to attract and retain (or develop) membership to the ecosystem.

As you can see I omitted in that "shared SETI" the "political" part.

Such an omission wasn't by chance: in my view, a view that I shared often in the past, in the XXI century (and beyond) both individual citizens and any organization (including non-profit and state) will have a continuous political role through countless interactions.

So, while there will be a "professional" element to politics (as in any other occupation, there is a series of "rituals" in anything going past the most elementary level of complexity), there will be a "citizenship" part- both individual and corporate citizenship.


Incidentally: due to the its socio-economic structure (each town is as if partitioned in villages, and anyway there are still the basic tenets of local life in many smaller villages, plus companies are on average much smaller than in other G7 countries), Italy could actually be used as a "testing ground" for the future of business and society not just in Italy, i.e. by evolving some local (tribal) habits while integrating the XXI century "national shared SETI".

Of course, if you think that the only way a data-centric society can work is with a kind of "data Gosplan" and gigantic bureaucracy (human or automated, doesn't matter) that considers each citizen and each interaction/transactions between humans and between humans and machines or even machines and machines as something to monitor, collect, process according to Bentham's "Panopticon", you can skip the next section: there is nothing that you will find interesting.

My interest is in seeing how technology can be used to create a more "fluid" set of social relationships extending to those between citizens (private and corporate) and state, avoiding to venture into Orwellian or Hobbesian scenarios, and removing from the table the Panopticon option.

And I must add: even the latest "streamlining" of Italian bureaucracy announced contains elements that make me think of Orwell's "newspeak", as when in UK was announced long ago a new framework on privacy that was anything but.

It was funny to read in that table, summarizing the latest degree on streamlining bureaucracies, under the banner "overcoming digital divide"... the interconnection of databanks.

When I was living in Brussels, and attended workshops related to e-government, e-democracy, e-health, and, yes, e-inclusion, "overcoming the digital divide" meant something else.

As I wrote recently- as this and other recent regulatory, decree, legislative releases from the Italian Government and the Italian Parliament as touted as being functional to the Italian proposals for the fund allocations associated with the #NextGenerationEU, the #PNRR, I will wait for the finalize version after a consensus is reached in Brussels and the documents will be all made public (there were to be 2,500 pages of additional documents attached to the Italian proposals sent in Brussels, but last time I checked were not visible online, on the page where are listed the documents presented by EU Member States).

For now, all the summaries are, in my view, interpretations, and all the official releases should be considered as interim, work-in-process documents.

If you want, in Italy, often it is a dichotomy akin to the honne - tatemae- what appears (or, at least, is expected), and what is.

So, we better see the end product, not interim elements that are part of the routine continuous "negotiation via indirect communication" that I witness each day since March 2020 by reading few Italian newspapers each day before breakfast.

Cultural regulatory differences

When I resumed to work in Italy in 2012 (and re-registered locally), for the first time in a long, long, long time I was almost on a daily basis in Italy- except for business trips in the first half of 2012 to USA, Brazil, Switzerland, and visiting an American friend in London while attending technology and cybersecury conferences in London, and an annual visit between 2016 and 2018 in November to Frankfurt to update on digital transformation (and a month to study German in Frankfurt in 2017), I was as resident as anybody can be.

With a twist: I never felt so "foreigner" anywhere I lived- Italy seems to be living in a bubble in time, with plenty of gaming and scheming that is frankly, from my Italian, foreign, but also business experience a little bit too naive, a little bit too blatant, a little bit too self-centered and self-aggrandizing, assuming that nobody who is not local would not understand.


Being on a daily basis locally, I was able to use my past experience to carry out a "live exercise" on cultural and organizational analysis- as a pastime, while waiting (and working) for a return to better times.

As I did in the Army when, after some kidney and blood circulation issues that resulted in few visit to hospitals and a surgeon intervention, I was told that, if I had had just one of those occurrences before being called up I would have been sent home, but, once in, it was not enough, and I should have completed my twelve statutory months.

Then, back in the barracks, I was told that I could hang around the infirmary all the day, after the routine daily roll call.

It took barely two days of inaction, before I went to the office in my group and asked if there was something that I could do, as I had been using a typewriter machine since I was 9, and I was studying information technology, and had some knowledge in science etc.

My group was an Artillery Specialist group, and my initial assignment, before I went to hospital, was with the code 217/A, in transmissions, then shifted to be trained as an "aerologist", i.e. weather forecast for artillery, as I am shortsighted, and eventually, as I had been converted to a PQ, "perequazione quantitativa" (bureaucratic lingo for "use as you see fit"), got an official new code only when I completed my service- assigned as 40C (radio operator- also if I never even touched a military radio, albeit... long before I had studied Morse code and radio operations in my self-study as a teenager hoping to eventually get a private pilot license- but I never used it, so forgot almost everything: could be useful one day to recover?).

Well, when I visited the office, I was asked to try typing- and, used to play piano and use a mechanical typewriter, the typewriter that they had was something you could fly your fingers on.

But my induction training in that role showed me that the job as "furiere" came with some perks- including plenty of spare time.

Personally, I suddenly found again a role as the one I had seen in my toying with politics year before.

The role was a bureaucratic role- but, beside applying my librarian skills to re-arrange the filing, I took to heart that my group was unique: in a country where, at the time, less than half had a high school diploma, and barely 5% had a university degree (or so said at the time), my side of the group, the "batteria specialisti", being tasked not just with weather forecast at the divisional level, but also topography and nuclear bacteriological chemical (NBC) had a high degree of people with or approaching STEM degrees.

So, in barracks of around 1,200 (artillery), we could make a difference in the well-being, and, as part of my role was the check on each new batch that arrived each month, for assignment to roles, let's say that I was reprimanded as quite a few of our STEM were re-rerouted to the infirmary, often by indirect calls from higher up, and we were way above our quota of personnel, or so I was told.

Well, a quota system that assumes that a doctor can deliver in an infirmary the same level of service than somebody with an elementary school leaving certificate has a peculiar concept of "competencies".

But that was not enough- you can have a at the bottom of the last page of my CV to see how many other activities made up and delivered (and some are missing).

My concept was, in 1985-1986 as since 2012 back in Italy: if I have to be here, let's make it worth something.

And no, I had no intention back then to stay in the Army as I had no intention, unless there was either a business or personal reason, to stay in Italy from 2012 on.

Making it work, implied, from 2012 until 2021, to attend countless (until 2019 in person) events on digital transformation, new business models, new evolutions in society and technology (including a conference on IoT organized by IEEE in Milan- from 1997 until 2018 was first an associate, then a member, in Italy, UK, Belgium).

So, I was able to follow the local debate on the social, business, technological evolution and impacts- but, being both a citizen born in Turin, and somebody whose business (and political) training started and continued abroad since the 1980s, it was an unusual experience.

Whenever I attended a conference, workshop, webinar (and, since March 2020, only the latter), I ended up comparing what I was seeing and hearing with what I had read, heard, observed abroad.

The key difference is the structural perception of rules and regulations: in Italy, as I saw since the 1980s, also because my role was often to teach, develop, help implement rules, or even just help enforce or audit methods etc within organizations, we had to "import" rules that derived from a completely difference perception of both reality and the relationships between society and "rules".

Under the apparent compliance (well, partial compliance, considering the number of "calls to action" from Brussels and Strasbourg to Rome, over decades), in Italy sometimes pre-existing approaches and rules coexist, and set the actual pace of action.

As I wrote in the past, unless we decide proactively to move forward, and adapt before we adopt, we will keep ending up as it was in the early 1990s with ISO9000, on quality.

Or: many companies "had to" have the certification- but it was considered an "add-on", almost a "compliance step" added after the "business as usual" was done.

In business terms, an additional overhead.

When a customer decided to certify for ISO9000, as my role was on cultural change, to complete the design and delivery of a methodology and associated changes in "how people work and think" (that was the mission I had been assigned in December 1992), including a training curriculum (that was the challenge and request, that I had accepted), my proposal, accepted, was to integrate ISO9000 within the methodology manuals- i.e. to make quality a structural, pre-emptive element.

I will not discuss the details- but I saw that was then recycled elsewhere by others in Italy- they just replaced the customer logo with their own, when selling to a different customer.

Yes, in preparation of that role, I had read and studied many books on quality, Japanese methods, Deming, etc- and, as it is my tradition... do not ask me to give you a synopsis of any book I read: I read as if I knew nothing about the subject, in "listening mode", then connect with what I know, if needed re-read, then maybe jot down a review and summary, but then... it is just part of my "connecting the dots"- I can always check details or minutiae within the book, what matters is that it is "embedded" with all the rest.

Useful, as sometimes implies that connecting the dots is instinctive, and when I was working abroad occasionally I was told that it was unusual how I quoted or was informed on various subjects that were nowhere in my formal training or CV: you just need a "catalyst" to make those element surface.

Then, if you have doubts, you get back to the source. Personally, whenever I write these articles, I have the habit of looking at sources for whatever data point or reference I would talk about, and share the source as a link or reference.

It is also useful to defy a major weakness of human memory, which is "relational", not "factual" (unless you want to be as "Mr Memory" within Alfred Hitchcock's "39 Steps"- remember perfectly details of something you understand nothing about, as it is not connected with "what you are").

Generally, when I (re)designed rules, regulations, processes, organizational structures for a customer, even presentations (as somebody saw also as recently as mid-2000s in Rome on public sector projects), my name is irrelevant- it is the customer that matters.

It was a choice that started long, long before: in my first structured political activities, started when I was 17 in Turin, within a European integration advocacy, the purpose was to help others to "embed" our messages in their messages, to expand acceptance and audience beyond our limited "focused audience".

Otherwise, instead of an advocacy, we would have ended up being yet another group "preaching to the choir"- Zealots.

Also in cultural and organizational change, the integration of the agreed change within the target organization is more important than being acknowledged as the source.

The price? To accept to be a "ghostwriter", and furthermore accept that the recipient was then going to "embed", i.e. maybe adapt a bit the message.

The collaborative side of standards-setting

Now, consider the introduction above, and maybe re-read the sections from the first article that I shared, and you will see something different.

Some of my readers probably know better than I do the collaborative process that results in a new standard, as I worked in the past with some actually involved in defining standards.

Now, we will need something more of that (again from the first article within the list shared above):
Well, "going smart" (smartworking, smartcities, smartvehicles) implies a collaborative effort, a blurring of distinctions between citizens or employees and states or companies.

You could pepper every corner and every street with sensors, but we humans are quite adaptable- if you want you office, town, cars to be really "smart", you need the willing cooperation of those involved.

As I often wrote in the past, in the XXI century we have to restructure our mindset, not just add more technology, technocrats, and regulations.

Define frameworks so that there are boundaries of acceptability to ensure a society that is sustainable in the long-term, but drop the XIX century approach to over-regulation in every minimal details, nowadays still so common in some countries.

Also, you need to define ways to consider "adaptive patterns" that will emerge through interactions, unplanned.

A control-freak society (a common inclination in Italy) cannot work in a movable society, where citizens have the four freedoms afforded that are the backbone of the EU "social contract":
_Free movement of goods
_Free movement of capital
_Freedom to establish and provide services
_Free movement of persons

Actually, I would add some more.

Anyway, to keep this article short, I would just say that over-regulating might have worked when our society was built around villages, as only rejects or merchants or few socially acceptable occupations or "statuses" were leaving the confines of their village.

I keep writing XIX century, as this is the regulatory framework in Italy, but, frankly, often the attitude seems more pre-Renaissance, when we still had peasants literally "attached" to the land or village.

Yes, we need a different, innovative framework of reference that should guide the definition and implementation of both organizations and transactions (and the associated operational rules) within our future data-centric society.

And, incidentally, Houston we have a problem: way too many members of the "thinking side" of academia and society on these themes, those acting as reference talking heads for politicians are frankly ill equipped for the role that they took.

Too many of these "intellectual guiding lights", for example, discount the social-political choice embedded in deciding a set of ethical guidelines on the use and development of technology.

One of my hobbies is to keep reading about history and previous debates on science, technology, society, and some of the arguments presented sound a little bit too close to the digital equivalent of Mengele's approach to medical research.

During WWII, but also in WWI, despite propaganda, both sides used terror as a tool to an end- so much that, when in WWII were designed new "tools" to target fire bombing on civilians to enhance the destructive power in towns, Robert McNamara said that General Le May had remarked that, if they had lost the war, would be all tried as war criminals.

And the demise of the Soviet Union, and crumbling of the "static boundaries" of Cold War showed how also in the middle of Europe a country like Jugoslavia could turn into a cauldron of mutual atrocities.

Technology and associated choices are never "neutral", and the XX century showed how, when we converted technology and science into tools for destructive purposes, our supposed "rules of fair play" were the first to end up in the trashbin.

Accordingly, what I wrote back then in one of those articles still holds true:
Unfortunately our companies and citizens in Italy are way too often toying with XXI century technology but using XI century mindsets.

And our state and local bureaucracies, too.

As I wrote above, this article is a "bridge".

The "intermezzo" in the title is a reminder of those 1960s movies where there was actually a music break (and, often, also a music preamble).

Well, this article is quite certainly a weird form of "music"- but this is the right time.

As discussed within the articles listed above, and hinted here and there within article so far, we need a paradigm shift.

Digital transformation and rules-making

What entails digital transformation, also if we had not had a global pandemic with macro-economic impacts, and potential long-term health impacts on a not-so-small part of the population worldwide?

A significant change in the timing and quantity of information that has to be involved within a "continuous global regulatory homeostatis".

In simpler terms, we need a regulatory system that is continuously adjusting to current and forecast needs.

I will use examples from my past book readings and then 1980s works on data in business decision-making.

Long before I started working, I was interested in the way our brain works, notably how interacts with and is influenced by the environment; along with that, I looked at what history had shown, and what cultural anthropology, observing human societies, had found (later added also animal "societies").

When I worked on Decision Support Systems in the late 1980s, "imported" what I had learned in the 1970s and early 1980s on the above (and also what I had learned in political activities, revising documents delivered by Brussels and Strasbourg).

The concept of decision support models that I designed was to use data that were a consequence of the "normal" activities, not data designed on purpose for the models, to avoid any intentional or unintentional distortion.

A "model" to support decision making but built on operational data, also if apparently just "documents" and existing approaches to decisions, is something more, and includes a "normative" element.

Moreover, includes a "selective" element: despite what many say, collecting all the data about all the events would not improve human decision making, as we are ill equipped to process that amount of information at the speed it is produced.

So, you have to prioritize.

And, despite the penchant in Italy for regulations and policies that document and structure every minute details of future reality by looking at what we already observed in the past (no, I am not joking), our normative and legislative efforts routinely fail to achieve that target.

Also if then you ignore the "implementation" element, which in Italy implies having to deal with roadblocks and shortcuts associated with tribal boundaries and tribal interests, the only practical way to really regulate the future in minute details so far has been to "redefine reality", up to the point of having a life reality, and a legal reality- as in the Japanese concept shared above.

Then, adjust- e.g. by adding (as we do in Italy) routinely laws "fixing" previous laws.

What you end up with? Gordian knots.

As you probably know if you read my previous articles (or the data privacy and GDPR articles collection), I think that the approach used for GDPR could be more useful: you cannot regulate "a priori" details that you do not know- you have to provide a framework that allows then to extend by analogy.

What is needed, of course, is mutual consensus on the definition of this framework.

Which, incidentally, brings about another issue: when you move from "regulating on minutiae" (and ignoring what is outside- I kind of positive, benign neglect- a "political" choice), and move onto "extension by analogy", you are making political choices.

The illusion of data-centric political neutrality

As I wrote above, technology is not neutral- and our current technology has an added dimension that, for all the "digital transformation band-wagon effect" that is taking over our élites and politicians (the latter not necessarily belong to the first), is way too often ignored.

A data-centric society is a complex society: complexity in interactions, complexity in the number of actors and their continuous re-balancing, and complexity in evolution.

Why "complex"? Because, in order to work, you need to have in place not just data-production and data-collection points scattered everywhere

It has to be as close to the events generating data as possible.

And it has to be part of a nervous system of interconnections that is able to connect what needs to be connected to contextualize specific data points.

And, of course, much more.

Since the 1980s, the integration in regulations and laws of this expanding layer of complexity showed how the pre-existing approaches and timeframes of rule-making were not tuned to how our society is able to implement and "live" those rules.

Already in the 1990s, the opening of the Internet to business uses outside the USA showed some issues on the integration of a technology that did not know national jurisdictions and boundaries.

Add to that element lowering the direct costs of technology (e.g. cheap smartphones, tablets, computers), of the means that make that technology usable (e.g. cheap data and communication bundles, free or cheap apps), its spread (almost everybody has a form of Internet access device, also if not using it exchange data), and you have an idea of the context.

Sometimes, rules created to "accelerate" digital transformation simply created a bottleneck.

Already between the late 1990s and early 2000s, some rules and regulations that derived from the late 1990s OECD "push" for e-government, produced such a set of unintended consequences.

Imagine: frameworks whose purpose was to expand the use of Internet by local authorities, but written by a collection of "vertical" experts in a specific domain.

Experts that, in order to produce somethign coherent, had to "merge" their expertise, and, from the documents, "negotiate" something that covered all the bases.

As they saying goes, a horse designed by a committee? A camel. In this case, a new lingo containing the usual mumbo-jumbo of acronyms, keywords, etc.

You can see a movie that I quote once in a while, whenever I was to give a "visual" perception of what happens when, instead of having an initial shared purpose "upstream", you simply generated one "downstream", by blending conflicting sets of requirements into an apparent "unity": The Pentagon Wars.

Multi-disciplinary committees may actually produce useful results- but only if they are guided by a purpose and include an understanding of the target audience.

A committee that is a mere blend of experts is inclined to reach a consensus that at least does not dis-satisfies everybody... on the committee itself.

If you are on the receiving end of the byproduct of such committees, and you still have "in house" experts covering each original "vertical" element, your organization has an advantage.

You and your team can play Cremlinologist, decrypt what you receive, and recognize, beyond the "blend", the contributing factors.

Something that, often, is useful while trying to implement.

Unfortunately, more often than not, the "audience" lacks the ability to discern the "vertical expertise" and "harmonization" elements, and receives something that, to be implemented, requires something that is missing- unless you just try to "adopt" without "adapting".

Net result?

Often, something designed to "make it simpler", and "harmonize behavior", that discounts or simply ignores the level of capabilities needed to "adapt" to the context, produces instead something else.

Apparently, "harmonizes behavior", but in reality generates additional overheads.

Adding more data implies selecting "which" data, from "which" sources, to "which" end.

So, again, a set of political choices.

Involving target audiences into rules definition about data-centric society developments is, again, a political choice- as it is deciding instead to simply issue "edicts".

Are we there?

I think we still need some tuning- not in regulations, but in roles.

Redefining which competence is needed where

It is not something that happened just decades ago, e.g. after WWII- right now, for example, in Italy a new "job description" has been announced, for public venues: the "COVID manager".

Could make sense as a shared resource, with the risk that could turn either into a kind of "political orthodoxy commissar" (if provided by public authorities), or a hybrid between a health expert and virologist plus cost accountants (to minimize compliance costs)- but, notably in smaller operations, could be difficult to integrate into a "new normal".

Considering the small size of many companies and venues in Italy, it is again a case where, probably, could make sense for business associations to provide, as shared resources or an additional service to member companies, a role similar of that that I was doing in companies while helping to improve processes or implement methodologies, or other forms of "cultural and organizational change".

I shared similar ideas years ago, e.g. to help smaller companies to join supply chains, as often it is not the quality of their products or services that limits them, but the lack of organizational capabilities to follow through procedures designed by and for larger companies (customers and potential customers).

The issue, obviously, is defining who is going to benefit from what.

Otherwise, the risk is obtaining what we have already in Italy: plenty of "vertical experts" to be added for various reasons to any new business, but, in the end, answering to the business itself, and seeing that role as just a formal cost of staying in business, not a structural element.

Going smart implies integrating data, but also having organizational structures and business processes that can consume those data, and can structurally adapt when a set of "thresholds" is reached.

Adding data that continuously interact with an organization, and influence its behavior, implies shifting from the 1950s-1960s model toward something more flexible.

It is quite interesting that, if you study military history, despite keeping rules and traditions that go back centuries (or millennia), all across the XIX and XX century the time of tactical first, and strategical then, adaptation accelerated: again, technology was not neutral- and had both cultural and organizational impacts.

Already a couple of decades ago there were discussions about the impact of having "always on" video and audio connections with top brass sitting beyond the lines, and playing as in a videogame...

... was having a positive or a negative impact on operations.

Going smart therefore implies having a systemic mindset- the old attitude "not my concern", still typical in many bureaucracies is not just obsolete, it is the opposite of what is needed to benefit from interacting within a data-centric society.

If your organization still works by "vertical domains", probably going "data-centric" is not the best choice.

As it was in the 1990s when companies fell in love with the "data warehousing" or "knowledge management" concepts, and ended up with "dumpsters" that worked in reality as a "black hole": attracted matter (and budget), but did not necessarily leave supposed "data-induced enlightment" happen.

Meaning: those contributing data, in the former, or knowledge, in the latter, could contribute, but whatever they contributed was twisted and restructured.

In such a way that, if they wanted to either retrieve or improve, enhance, evolve what they had contributed, it was easier to simply provide something new, as only the "data/knowledge priesthood" could map reality to their systems.

It is not just a matter of technology, it is a matter of coherence across the lifecycle of data and its uses.

There is no point in having an expert on something whose expertise is never used, except e.g. in a crisis, assuming that those skills are a "learn, store, retrieve".

Whatever competence, it needs to be used or at least maintained (better through activities than just mere reinforcement through training), if has to be available when needed.

The issue with competencies such as the new "COVID manager" is the old "quis custodiet ipsos custodes", and the sustainability of keeping those competences in prime shape for smaller structures.

But for many other competencies associated with becoming "data-centric", the issue is one I discussed in term of organizational scalability in a book that I released in early 2021 (you can read the free edition by going at that link), i.e. doing something more than having a small, focused team that churns out whatever to justify its own (budgetary) existence, and instead having impact on business.

Which, in my experience since the 1980s, implies that the knowledge must be spread across the organization: you can keep "focal points" of expertise, but at least awareness (and, possibly, some operational capabilities) have to be accessible and understandable to those who could identify potential uses (and produce business impacts).

At the same time, looking beyond the mere awareness or knowledge of technology (or business methods- including "how to manage staff during a pandemic event"), you need to find ways to develop a "systemic mindset"- again, across the organization.

Reminds me of what I was told by an American colleague who had been manager in the USA of a branch of a Japanese company.

At the "mother company", even the man operating the elevator had knowledge of the key data about the company- not out of personal initiative, or a personal inclination toward "systemic thinking", but because that was the "normal" way to do it.

In Italy, as I wrote before, the small size of companies implies that in most companies there is no proactivity to create a "systemic mindset" across the staff- it is something at best restricted to selected few, at worse only to those who are being prepared for pivotal roles (not necessarily top management).

We Italians routinely praise the high level of "knowledge content" of our products- from components within automotive, to processes and products or materials in food processing, fashion, etc.

Which is all true- but, if you lack the systemic perspective and, say, assume that just IT should know about data-centric systemic impacts, your are continuining in the 2020s to prepare products and services as if you were in the late 1990s.

>b>The illusion of being competent

If you read the "Going smart (with data)" series, you read about how I criticize our obsession with "competency":
we are humans, so our time to acquire knowledge and experience is limited- anybody assuming to have all the knowledge is either delusional, or just a fraud.

There is always a risk that you can observe each and everyday on any talk show on any TV in any country in any Western democracy: we get somebody competent in A, package with a charismatic leadership aura, and, pronto, here you have somebody who can talk about anything anytime to anybody "with competence"- and all this never bothering to acquire any competence beside the one that originally (supposedly) had.

Well... pretended to have, in my view. Being, say, the most qualified heart surgeon, does that make you the most qualified surgeon general? Or will you, anyway, have to rely on the advice of other specialists, say, those with a specialist knowledge in epidemiology or biochemistry, or the administrative and policy side of health?

And this leads to another danger for democracy in a post-modern era.

Let's just say that our societies are too complex to be really managed by a single individual.

I think that nobody would question that- then, why do we obsess with "electing competents/incompetents"?

Even a small village, nowadays, has to comply with and oversee compliance with so many laws and regulations (notably in Italy), that there is limited chance that can do so "with competence".

Even the most competent individual will either stick to what (s)he knows (a case of "if your only tool is a hammer, every problem looks like a nail"), or do "how was done in the past".

In reality, to access all the benefits that a complex society generates through standardization and pooling of resources, even the smallest village would not need somebody "competent", but somebody "competent in finding those competent, and in being kept informed of new developments".
(from Going smart (with data): the Italian case - introduction)

There are many pictures showing that we are now within the inception phase (or even a more advanced one) of the Fourth Industrial revolution.

I decided to share this one:

(source: The Geography of Transport Systems / The spatial organization of transportation and mobility)

Being "competent" meant something else, when knowledge was passed from father to son- but in our times that started to be dubious at least since the mass production phase started.

Well, I wonder what will happen within the fifth and sixth industrial revolutions, when maybe we will move from automation, to collaboration with our self-aware machines, to machines inventing their own work- and maybe creating other machines that only they themselves can create, improve, fix, and operate.

Looking forward for robotic psychologists. As some conspiracy theorists who watched too often "Terminator" movies, maybe the sixth industrial revolution could turn into the sixth extinction.

If you want to manage society or even just a business within a data-centric society, you have to consider, as I keep writing, a different Weltanschauung- going systemic is not a walk in the park.

Moreover, it is not a solo flight.

Lesson number one that I learned when working systemically the first few times?

You have to listen before you talk. And no IQ can help you in skipping "minutiae" that are actually structural and not perceived from outside.

I saw that first in sales and politics while still in high school, then when in the Army and having, for my "batteria specialisti", to help prepare what was needed to bring them to training exercise locations.

So, if in politics I had to help organize an event that included renting a bus (or two or three), help reserve a square to be authorized to have an event there, no amount of "understanding" could replace...

... well, knowing that each bus could carry X people and require a stop after Y kilometers to refuel, how many square meters had each square, and which one to select according to how many people you expected, and which perception you wanted to give.

The same applied for similar logistical details for a training exercise requiring a trip by ferry, and what implied if you suddenly had less than 50% of the usual staff to rotate daily services on for a week, etc.

Minutiae, it seems- but, frankly, helped to build an instinct when, in business, I had then to organize training schedules, training sessions, consider what was needed, organize my own travel schedule to optimize the number of projects I was able to follow in pre-mobile phone times and I had to go around the country, but there was no limitation on the plane or train cost- only time was critical.

If you want to be able to connect the dots systemically, even unknown dots, you have to constantly expand your connection of dots- directly and indirectly.

Now, read the latest few paragraphs: are all about data- and constraints.

I used routinely to talk about "degrees of freedom" and "finding the weakest point" (which, usually, are just two sides of "constraints"- the former external, the latter internal, also if sometimes is the other way around: depends on your role and "balance of power").

Of systems and components: constraints

In a "systemic" approach, each component carries its own set of constraints and capabilities, and you have to combine those elements across to see what you can get.

And maybe, moving from "components" to "system", you do not get what you expect.

I know that many repeat "achieve more than the sum of the components"- but, in some cases, you have also to consider that strengths within a component can exacerbate weaknesses in another one.

Just consider what happened in WWII (sorry for another war-related example, but it is where, in the XX century, we learned what "fast logistics" implies).

At the beginning of this article quoted, as tongue-in-cheek, "A Bridge Too Far"- but there are many other cases.

To use another example: we all saw epic scenes of the Normandy landings.

What movies did not show was the issue of provisioning those soldiers: if WWI was the first "industrial war", WWII, with its speed and technology, was the first "mass-production and logistics war".

Actually, we had to learn a lot: it is not so easy to shuttle around tens of thousands of different "components" (from spare parts, to the more humble but much needed socks.

Moreover, if it has all to happen when progression was too fast, and clothing, food, fuel, ammunition were (temporarily) scarce.

Now, with data, usually the discussion is about the four dimensions, the four "Vs" of data, but I prefer this list:
Volume, Velocity, Variety, Veracity, Value.

I liked the addition by the authors of the fifth one (which I concur with, as I wrote few years ago in a book on data that you can read online for free): if you do not consider the value that data can provide as a differentiator in what, anyway, is going to be a selective affair, you are applying the wrong set of biases in you "choice" of which data to consider.

As for the other four Vs: I prefer that order I used above- volume and velocity are usually critical decision points on defining the solutions able to use whatever data you choose, but then you have also to consider both the variety (e.g. if data can be better "business contextualized" by other data), and, last but not least, and often forgot- veracity.

Actually, this was also well before "big data": I remember in the 1990s a typical choice in retail on the level of granularity, i.e. detail, in data to be considered in reporting, and also going across all the five dimensions.

When I was delivering a training course covering the "project planning" element in the early 1990s, I said that we should go past the usual 5W+H (Why, what, who, when, where, how)- as the "how much" is equally relevant, and therefore talked about 5W+2H, and explained that delivery implies looking at speed, velocity, acceleration, direction in the use of budgets, not just a static point (such as "we did 80% of what as planned in 80% of the time).

Just because you ask your branches or your managers to provide on a weekly basis data, that does not imply that all of them will be able to, and that none of them will fail to resist to the temptation of being "creative" to avoid annoying calls to complete the data.

Value is often proven after the fact- and I am talking about something that was already true and practical in the 1980s, when in Decision Support Systems started adding "exogeneous" data (created outside the organization).

In the second article in that list at the top shared also a bit of something I am actually working on since 2015.

Building up on my prior experience working with financial controllers and in other business number crunching generally called "management reporting" (which, in my case, included also business models and forecasting, simulation, etc):
"As you probably know, I support integrated reporting, i.e. going past the mere adoption of Corporate Social Responsibility or Sustainability reporting- I think that, considering all the activities and products within their lifecycle, if we are to go "sustainable", we need to integrate into our number crunching also sustainability, as a structural element.

Otherwise, you could claim that your product or service is "the greenest on Earth"- just by ignoring what happens upstream in your supply chain (or downstream at the end of the product lifecycle).

Now, if companies, due to market demands, are to show how they rate on some criteria that are, per se, qualitative, how you convert the qualitative into quantitative matters.


Anyway, for this short series I will try to keep each one of the future articles as short as possible, shifting deeper discussions (and sharing associated data and ideas inspired by the data) to future publications.

To keep a long story short: yes, data are needed to "go smart": it is a matter of informed choices.

Making choices just on intuition might be fine if you are alone and what you do has impact on nobody else.

In a complex society, you should think also about impacts.

And the wider your potential impacts (e.g. because you are making choices not just for yourself, but for thousands or millions), the more your choices should involve all the "competencies" that might make your choice an informed choice.

Or a good approximation thereof.

There will always be an element of uncertainty- but there is a not-so-subtle difference between using incomplete information to make your choices (i.e. taking risks) and using no information, or letting your biases guide your choices.

The latter was well represented by Barbara Tuchman in her "The March of Folly", "the pursuit by governments of policies contrary to their own interests" (if you are unwilling or unable to read the whole book, you can find a summary on wikipedia, along with links to book reviews)."

Well, in that series, I was supposed to include also an article about the financial sector, but eventually decided to create a whole series on that.

I will not repeat what I shared within the articles listed at the top.

But could be useful to read at least the short story, set in 2022, that was closing the last article listed at the top.

Just few months later, many of the points that I discussed about the future are being converted into plans and forecasts.

By now, you probably understood that all the over 8,000 word so far had just one purpose: to contextualize the closing section, where I will summarize the main argument, without having you, the reader, to necessarily read all the other 310 articles currently available in this website.

It takes a (different regulatory) village

As you probably know, since October 2019 each Sunday I update a web app containing speeches, interviews, press conferences, blog posts, podcasts transcripts released by the European Central Bank- you can search (as in other parts of this website) by "tag cloud", i.e. the most frequent words (soon there will be other search options, whenever you see a "search").

I worked in banking between 1987 and 2007- I should say "also" in banking, as I was working in various industries at the same time.

My first project in banking was the release of a new general ledger: well, a good way to see across how a bank works- from the branches daily activities, to their overnight "synchronized swimming", to periodic reporting and operational activities in branches.

The same happened in my first project in automotive, in 1986, as it was a kind of COBOL-based "engine" to score suppliers and propose the automatic payment of their invoices: so, you had to consider a lot of elements, and get data across all the organization.

Both projects were my first exposure to what it means to look for "lifecycle of information" within a complex organization.

Then it was the logistics and transportation industries, then retail, then other industries as well.

What I observed, by working on similar yet different issues across few decades, was a gradual dissociation between the regulatory element, and business operations.

Regulations, in the 1980s as, in many cases, also in the 2010s, cover "vertical by industry" approaches.

In the 1980s-1990s, I saw also smaller companies turning into "multinationals".

Moreover, more of those companies "discovering" that they would be better off by using their own cashflow to improve their margins, or to sustain their own sales, maybe starting with their agents and distribution networks.

Sometimes, as reported in many books since the late 1980s, with a little bit too much "Sturm und Drang", with some excessive creative accounting cases such as those described in an old book, Smith's "Accounting for Growth", or a book on the insurance industry, describing some "flexibility" in the Lloyds market, Mantle's "For Whom The Bell Tolls", decades before Enron and Worldcom.

On the regulatory side, being at the same time working in Italy and abroad, and an insider in both banking and industries using their services, I was also able to see how regulations evolved, but were still nowhere close regulating across the "lifecycle of information".

As an example, in risk management the concept of "banking risk reporting" already in the 2000s expanded to "systemic risk"- e.g. in Italy including also non-banking entities that worked with financial data.

I was actually working in the 1990s on banking risk extension to the operational, not just the back-office, level, and in mid-2000s on a project extending to a non-banking entity the monthly compliance with the requirement to feed data into the national risk databank.

At the same time, I was seeing the other side, e.g. in retail, in few countries.

Now, also if you ignore that open-air, energy-guzzling Far West casino called "Bitcoin", the 2010s saw a continuous expansion of non-financial actors that operated with a level of pervasiveness way beyond what used, in the past, to be the "banking arm" of capital equipment (e.g. GE) and automotive manufacturing companies, or even the 2000s extension of the consumer credit side of large and small retail chains.

Instead, we saw pure operators starting with back-to-back, and then gradually creating their own "market".

Regulators' job has always been about "catching up"- but, in industry-based regulatory times, you were at least expected those within the industry to have a shared vested interest in making it working, and also violations were (and are) the target of fines, albeit never business termination.

Actually, when a business termination e.g. on the banking side, was the side-effect, generally it was really self-inflicted.

In our times, it is not so easy to identify who should regulate what, as technology allows business models to continuously evolve, and data can actually act as catalistys for unforeseen activities and services.

Do you remember the issues related with the internal currency of Second Life, the Linden, e.g. in 2008?

Well, that was nothing.

In the 2020s, with all our "smart cities" and "smart equipment", any car can become de facto e.g. a virtual bank branch moving across neighborhoods- you just need to add a printer, or even a 3D printer, and a mere car can become also a shop, or a "terminal" of bureaucracy producing official documents.

No offices needed anymore, just credentials and "commoditization" of components used to produce products and services (as, in the end, both the humble Laser printer and 3D priters are).

Now, as with energy and electric cars that will hold "storage" of energy, the same can happen with "convertible credits" for any equipment.

Personally, since the early 1990s experimented with many different virtual wallets in various countries, and also more recently with other forms of in-company credits (I only avoided Bitcoin, Ethereum, etc- my interest is only on the potential of Ethereum for smart contracts).

Our regulatory framework is still by industry, and still followed "by industry" logics: so, you have ISO standards for vehicles, soon there will be at least a BSI and then ISO standard on AI governance, then we have in Euroland plenty of regulations, standards on transactions, shared systems, plus all the Basel rules on risk.

A regulatory maze- imagine being a small company, or a start-up, ending up on the receiving end of various regulatory frameworks: until we will have AI able to deal with compliance and bureaucracy, the most innovative start-up could end up having to choose between being killed by regulation, or become a cog in a larger wheel better able to cope with complex and overlapping compliance requirements.

While not too long ago also the ECB said there ther was no e-currency in sights, since the beginning of 2021 the ECB has been routinely releasing not just "if" documents, but also "why", "how", etc.

In a data-centric society, probably at least "anything that flows" (energy, currency, data) should be considered a potential source of systemic risk.

And regulatory approaches should evolve accordingly.

Within the series on financial I will adopt this approach: and will actually look at finance insurance banking in terms of processes, not industries, processes to be integrated in other industries, products, services.

As I wrote in the title of this section, we need to consider a different "regulatory village".

I selected that title on purpose: we do not need a new regulator, or a regulator of regulators.

The village paradigm can be extended- but I think that this introduction could be better expanded within the first article of the new series.

That will start with this same section title, and will touch not just organizations, but also technologies.

Incidentally, a service announce: from May, I started to shift my focus.

My articles and references to Italy will continue, but I will limit discussion of Italian affairs to three "workstreams":
_my news reviews (mainly early in the morning) on Facebook and Linkedin
_articles here about the NextGenerationEU and its Italian sibling PNRR, as soon as the plans will be confirmed in Brussels
_articles here about the administrative elections, that will start as soon as candidates will have been selected.


... stay tuned.