The Bottleneck Nobody Talks About
Here is a pattern I have seen repeatedly across the companies I advise: the board wants to own data governance. They set up committees, create approval workflows, and build centralised policies that look impressive on paper. Then six months later, teams are still waiting for permission to run basic experiments.
I ran 2Stallions across four countries with over 40 people. If every data decision had to travel up to a board or a central committee and back down again, we would have moved at half the speed. In a business where client campaigns shift week to week, that kind of delay is not just inconvenient — it is genuinely damaging.
Centralised data governance feels responsible. In practice, it is often the single biggest obstacle to becoming a data-driven organisation.
Why Boards Default to Centralisation
It is understandable. Data carries risk — privacy regulations, security exposure, reputational damage if something leaks. When boards look at that risk profile, their instinct is to pull decision-making authority upward, closer to themselves.
The problem is that boards meet quarterly. Sometimes monthly. They are the furthest people from the day-to-day reality of how data is actually collected, processed, and used. Asking them to govern data decisions is like asking your CFO to approve every ad creative before it goes live. The intent is control. The result is paralysis.
I have watched this play out at startups and mid-size companies alike. A marketing team wants to integrate a new analytics tool. An ops team needs to restructure how customer data flows between systems. These are not bet-the-company moves. But they sit in a queue because the governance framework routes everything to the same overloaded committee.
The Two-Pizza Principle Applied to Data
Amazon’s Two-Pizza Team concept — if a team needs more than two pizzas to feed, it is too big — is usually applied to product development. But it is equally powerful for data governance.
The people closest to the customer should be making the data decisions that affect how they serve that customer. A regional sales team in Jakarta understands the data they need to close deals in Southeast Asia far better than a governance board sitting in a London headquarters.
This does not mean chaos. It means structured decentralisation. You push authority down but you set clear boundaries for how that authority works.
Here is the mental model I use when advising companies on this.
The One-Way Door Test
Not all data decisions carry the same weight. The mistake most governance frameworks make is treating them all identically.
Think of decisions as falling into two categories:
One-way doors are irreversible or extremely costly to reverse. Choosing your core data platform. Signing a contract that locks you into a specific vendor for three years. Deciding what customer data to delete permanently. These deserve board-level scrutiny and careful deliberation.
Two-way doors are reversible. Testing a new dashboard tool. Adjusting how you segment customer data for a campaign. Adding a tracking parameter to your website. If it does not work, you roll it back. No lasting damage.
The overwhelming majority of data decisions in any company are two-way doors. Yet most governance frameworks process them as if they are all one-way, which is where the bottleneck forms.
When I ran my own teams, the rule was simple. If a decision is reversible and the downside is limited, the team makes the call and documents what they did. If a decision is irreversible or has significant financial or legal exposure, it escalates. That single filter eliminated probably 80 percent of unnecessary approvals.
Governance by Enabling, Not Controlling
The shift in mindset is fundamental. Your governance framework should exist to make teams faster, not to slow them down.
What does that look like in practice?
Provide tools, not approval queues. Instead of requiring teams to submit requests for data access, give them self-service platforms with built-in guardrails. If the data has privacy constraints, bake those constraints into the platform itself so teams can move freely within safe boundaries.
Set standards, not permissions. Define how data should be labelled, stored, and documented. Then trust teams to follow those standards. Audit after the fact rather than gatekeeping before.
Invest in literacy. Most data governance problems are not malicious. They come from people not understanding what they should and should not do with data. Training your teams costs far less than building an approval bureaucracy, and it scales better.
I have seen this approach work particularly well in companies operating across multiple markets. When you have teams in Singapore, India, Australia, and the Philippines — each dealing with different regulatory environments and customer expectations — centralised governance becomes not just slow but genuinely impractical. The team on the ground needs the authority to act within a clear framework, not to wait for a committee that lacks their context.
What Boards Should Actually Track
If boards should not be making individual data decisions, what should they be doing? Their role shifts from gatekeeper to oversight. That means tracking the right metrics to ensure the decentralised system is healthy.
Data quality scores. Are teams maintaining clean, accurate, well-documented data? This tells you whether your standards are working without you needing to approve every action.
Adoption rates. Are teams actually using the data tools and platforms available to them? Low adoption is a signal that something is broken — either the tools, the training, or the culture.
Time-to-insight. How long does it take a team to go from asking a question to having an answer? If this number is growing, your governance framework is likely creating friction rather than reducing it.
Incident frequency. How often do data-related issues occur — breaches, quality failures, compliance problems? This is your lagging indicator of whether decentralised decision-making is working responsibly.
These metrics give boards genuine visibility into data health without requiring them to be involved in every decision. You want a board that can see the forest. Not one that is trying to inspect every tree.
Start With One Team
If your organisation currently runs centralised data governance and this resonates, do not try to overhaul everything at once.
Pick one team. Ideally one that is already mature in how they handle data. Give them explicit authority to make their own two-way-door data decisions within a clear set of standards. Track the metrics above for a quarter. Compare their speed and output to teams still operating under the old model.
In my experience, the results speak for themselves. Teams that own their data decisions move faster, experiment more, and build a genuine culture of data literacy — because the stakes of learning are real, not theoretical.
The board’s job is not to make data decisions. It is to build an organisation where good data decisions happen naturally, at speed, by the people who have the most context.
That is the difference between governance that controls and governance that enables. And in a competitive market, that difference compounds fast.
