Rethinking records management for a hybrid world

With hybrid working models now the default operating model for over 80% of global enterprises, the issue of how to manage records, whether physical or digital, comes to the fore within regulatory compliance and operational strategy. The challenge goes beyond storage, to encompass issues of governance, accessibility and data sovereignty. In sectors like banking, pharmaceuticals or healthcare, where documents are often relied on as legal proof of transactions, the issues of auditability and regulatory compliance are paramount.

At the same time, the shift to digitalisation has exposed a paradox: that while collaboration and communication tools have migrated to the cloud fairly easily, records management remains much more complex. Enterprise recognition that digitisation alone does not guarantee compliance, security or data governance, but rather that access controls, audit trails for each set of data and integration between paper and digital repositories is necessary.

In this conversation with Dataquest, Antony Anand, Head of Digital – Asia at Crown Information Management, examines how enterprises are evolving their information management strategy to fit all the requirements of a hybrid working environment. He gives his thoughts on the issues of accessibility and compliance, integrating automation and AI into Data Governance framework, and the future of intelligent records and digital information management in highly regulated sectors.

In today’s compliance-heavy and hybrid work landscape, how are enterprises rethinking the way they manage both physical and digital records?

With hybrid workplaces rising, it is no longer a novelty. They have now evolved into a default operating model. This has led organisations to understand that flexibility supports employee expectations while also providing resilience. Regardless of whether it’s a natural disaster, a city-wide shutdown, or when teams simply need to collaborate from different locations.  

However, the challenges that come with this shift can be harder to navigate, especially when it comes to managing records. Records often prove a business transaction has taken place. And when it comes to regulated industries like pharmaceuticals, healthcare, and banking, compliance around these is often non-negotiable. This leads to organisations rethinking how their employees could access both physical and digital records in a secure and compliant manner.  

Collaboration tools can easily be moved to the cloud. However, enterprises have slowly realised that it isn’t the case with records management, which requires a deeper strategy. It's not so much about simply digitising documents, but more about providing role-based access securely, compliance, and auditability, no matter where employees are working. That also raises the issue of having to establish clear access procedures and attributing record sensitivity in a work-from-home setup.

The physical aspect is no easier; confidential records cannot simply be couriered or casually shared outside controlled environments. That is where alternatives such as scan-on-demand and secure digital document management become important. At Crown, we assist organisations navigate this balance by making information accessible and maintaining compliance and data sensitivity in the process. We want to ensure that records management works for a hybrid world without any compromises.

How does Crown Information Management ensure seamless integration of physical and digital records to support security, accessibility, and compliance at scale?

The compliance-driven world today implies that scale is not just about keeping volumes of records under control—it is equally about speed, consistency, and governance strength. For Crown, we realise that in regulated industries such as pharma, BFSI, and healthcare, physical documents still have a vital role to play.  Most of them are often legally enforceable, physically signed documents that must be kept in their original format for years, even as business processes shift toward faster, distributed, and more digital operations.

But that's where our integrated solution fills in the gap. We help organisations sift through which records are critical, compliance-sensitive, or frequently accessed and then selectively digitise those using structured programs. These versions are then stored in our secure management platform, EffiDocX. These are searchable through metadata, OCR, and within role-based controls.

Finally, our customer portal, Astra, brings it all together. The portal allows enterprises to access the digital and physical records through a unified search interface, regardless of whether it is in a Crown record centre or have been digitised. One can discover, request, and audit these records through a single sign-on and full integration with EffiDocX.

If a document hasn’t been digitised yet, the scan-on-demand feature on Astra will then kick in. With a single click, customers can order a document, and we digitise it and send it to them securely, wherever the user may be. With this hybrid strategy, we are ensuring accessibility is optimised for real-time demands and security and compliance are never compromised.

EffiDocX and Crown Astra represent a significant shift toward intelligent information platforms. Could you elaborate on how these tools are enhancing operational agility and governance for enterprises?

EffiDocX and Astra are the embodiments of a modern information governance strategy. While the former acts as a secure vault built for structured storage, compliance workflows, and permission controls, the latter adds agility to this mix. Auditors, decision-makers, and employees don’t have to question whether a document is digital or physical with Astra. All they have to do is search. With Generative AI, users can now search, summarise, and extract key insights from their digitised documents on EffiDocX. With this, information retrieval is now faster, smarter, and context-aware.

On the other hand, Astra's analytics engine pulls insights and learns from the usage patterns. For example, if a user is repeatedly accessing a particular physical box over a few weeks, proactively recommend digitisation as a compliance-friendly and efficiency-driven option. This eliminates the risk of physical handling altogether, accelerating any subsequent access.

Astra also enables time-bound, secure, read-only access to third parties like auditors or regulators. This is automatically revoked or withdrawn with a single click as soon as the purpose is served, which means no sensitive information can be accessed beyond its intended use. It also shows organisations a comparison with their peers through aggregated industry insights. It could either calculate how mature their records management is, or how many retrievals have been completely digitised. Not only does this instill confidence in organisations, but it also takes away all the guesswork.

Crown platforms do more than just manage information; they enforce operational agility with built-in governance. This, in turn, enables faster actions, safer collaborations, and smarter decisions.

 With CKYC automation processing over 40 million records, what key technologies or processes power such scale and accuracy, especially in a sector like BFSI?

More than a document activity, CKYC is a regulated business process that must be implemented promptly after every new customer onboards in BFSI. Crown’s CKYC automation engine is built to handle this at scale using digital, hybrid, and paper-based onboarding channels.

Keeping CERSAI’s stringent standards in mind, we have combined a human-in-the-loop (HITL) layer with machine learning models for document validation, redaction (e.g., Aadhaar masking), photo dimension checks, and data transformation. Our platform ensures accurate, compliant submissions within turnaround times by referring to both digital and physical sources. With this, our clients can meet audit expectations and reduce NPA risks with confidence. Crown has processed over 40 million CKYC records with high accuracy, reliability, and speed due to this blend of automation and human oversight.

As demand for SaaS and IP protection grows, how are your Software Escrow Services helping clients ensure business continuity and data security?

Business operations are spread across digital, physical, and hybrid layers in today’s “Phygital” era. This has also led to software becoming the new strategic “M” alongside machine, material, money, and man. Software has become indispensable, not just as part of core operations but also as the backbone of customer journeys and enterprise resilience. But this brings on another challenge: what happens if the service provider fails to support the product?

Crown's escrow services can take care of that. In line with the RBI's 2024 Master Direction mandating software escrow for regular entities, our compliant, secure, and structured platform protects deployment assets, documentation, and source code. If there happens to be a vendor failure, our clients can access the assets required to maintain uninterrupted business continuity through our services.

Crown brings 60 years of legacy in safeguarding priceless art, high-value records, or personal belongings. Taking that forward, our software escrow offering gives clients the confidence that their digital backbone is protected by blending transparency, technology, and trust.

What are some of the common regulatory or data governance challenges faced by global clients, and how does Crown help them navigate country-specific mandates?

Global businesses often seem to operate in a harmonised way at first glance. Due to the rise of IT across industries, they all have unified platforms, standardised processes, and increasingly similar compliance frameworks. Moreover, we are moving toward global standardisation in digital governance regardless of whether it’s data privacy policies, e-invoicing, or contract lifecycle.

Country-specific data regulations, like data residency mandates and cross-border transfer restrictions, or personal data protection laws, can be challenging for organisations operating across multiple geographies.

With every digital solution Crown delivers, we take a country-aware approach. We always ensure compliance is built in from the start, regardless of designing support models that operate across time zones without breaching data boundaries, or implementing in-country data hosting through our partnerships with providers like AWS.

By embedding audit trails, encryption standards, and role-based access controls into our platforms like EffiDocX and Astra, our clients maintain operational efficiency while meeting stringent governance requirements. We guarantee local laws are upheld and data sovereignty is respected while delivering services efficiently from India with full compliance safeguards.

Crown continuously adapts services and stays current with evolving mandates, enabling clients to scale across borders without compromising on data governance or regulatory compliance.

Looking ahead, how do you see AI and automation shaping the future of records and information management—and how is Crown preparing for that future?

Turning information into intelligence will soon be the future of information and records management. With automation and AI, document management has now become an active participant in business workflows. As per Crown, this evolution will take place across three core areas: document processing, document creation, and information discovery. Reimagined as a full-scope, AI-native ECM platform, EffiDocX integrates agentic workflows and Generative AI into everyday business processes.

While we currently use AI agents for generating documents like onboarding forms, contracts, and offer letters, this will soon change. Within EffiDocX, AI agents will be able to autonomously create documents based on prompt-based instructions, policies, and business context. This will help improve consistency and reduce manual effort.

Things will change on the processing side as well. Tasks that follow a linear workflow, automation like approval, validation, and invoice intake, will eventually be handled by intelligent agents. They will ensure compliance and full audit trails by routing, cross-checking, reading, and recommending actions without user intervention.

Users often relied on keywords or metadata while searching for information. However, that is gradually transforming too. With EffiDocX, users can enable conversational, contextual search. For instance, a manager could ask something as simple as: “I’m considering promoting someone. Can you find records to support this?” The system will then scan unstructured and structured data, pull relevant performance summaries to present decision-ready insights.

We’re now entering the agentic records management era, where, instead of just sitting in repositories, documents now act, assist, and respond as well. Building on this, we continue to stay grounded in compliance, data sovereignty, encryption, and secure governance. Crown isn’t just preparing for the future; we’re engineering it into every layer of our platform.