The Next 12 Months Will Be All About Data and How We Use It
Ethics and compliance don’t necessarily feel like technology-driven disciplines, but in recent years, that is very much what they have become. From due diligence validation, to artificial intelligence and machine learning, to program automation and more, the technology in this space has become an increasingly important aspect of the state of the art. But as we look to where 2022 may yet take us, the importance of data analytics cannot be overstated in its power to transform compliance programs, drive efficiency, and build better companies.
If doubt remained among ethics and compliance leaders about the role data analytics must play in their evolving programs at the start of the year, the past 12 months have left little room for uncertainty.
As anyone with interest in the topic will know, data analytics and automation provides a significant opportunity for compliance, audit and investigation teams to modernize the mechanisms they use to identify compliance risks, such as fraud and corruption. By utilizing the data that is already being collected, it’s possible to anticipate areas of risk and identify, in granular detail, insights relating to potential wrongdoing.
Aside from the obvious benefits organizations can realize from investment in a data-driven program, a steady wave of pronouncements from governmental, regulatory and enforcement bodies during the past year have highlighted the growing external imperative for companies to get on board with data analytics.
With that in mind, here are six trends ethics and compliance leaders can expect to see within the data analytics space in the year ahead.
Trend 1: Data Analytics Moves Towards the Mainstream
The DOJ’s updated guidance, in June 2020, set the tone for organizations to get serious about measuring the effectiveness of their programs in practice with real-world data.
Then, towards the end of last year, the DOJ and SEC both signaled a shift towards a more aggressive enforcement stance that takes account of an organization’s compliance track-record, culture, and investment in its program.
In closing out 2021, the White House then unveiled its anti- corruption strategy, buried within which was a commitment to “enhance…data collection, and analysis”.
This growing regulatory and governmental focus on data, and the role it must play in combating corruption, is one reason why we can expect to see growing interest in data analytics at the Board and C-suites levels.
Trend 2: Increased Emphasis on Due Diligence Validation
Conducting due diligence and enhanced due diligence on third parties and vendors is an essential and well-established component of an effective compliance program.
But what happens after a third party has passed their initial screen and enhanced due diligence checks? Are third-party engagements being continually assessed to ensure payments, discounts and rebates do not raise new red flags and that new engagements or changing scopes of work reflect the criteria upon which the original approval was given?
The existence of an initial onboarding process is no longer a satisfactory defense in cases where third-party relationships have resulted in illicit behavior. The DOJ’s expectation that organizations will use their data to identify the risks present within their third-party ecosystem on an ongoing basis means that more organizations will increasingly find it necessary to develop continuous monitoring strategies driven by data analytics technology. Such monitoring should focus on the wide range of risks in the organization’s third party ecosystem, which might include vendor payments as well as distributor rebates, commissions, and free goods.
Trend 3: Demystification of Artificial Intelligence and Machine Learning to Predict Risk
With data analytics in compliance still a relatively new area, the depth and breadth of expertise within the industry remains limited. Yet as interest in the discipline has grown, artificial intelligence (AI) and machine learning have taken up an outsized share of the discussion – especially among audiences still getting to grips with the topic’s fundamentals.
In fact, the building blocks of using machine learning and AI for risk management usually involve the engineering of “features” indicative of risk, using logic or baseline analytical methods. These features convert real-life rules into data points that are useful – individually or in an aggregated score – to risk professionals. It is their job to expertly evaluate, process and draw conclusions based upon the data.
While there is value in targeted use of machine learning, the excitement around transformative algorithms that will solve risk is little more than hype, in the short-term at least. However, risk groups utilizing data and analytics infused with a variety of risk perspectives will continue to generate tremendous value to their organizations.
Trend 4: Use of Data Analytics in Investigations
Modern investigations require the collection and evaluation of data, often in huge quantities, from various and disparate sources. Without an easy and consistent way to collate, structure and interpret that data, its potential to inform and shape an investigation is hindered.
In the year ahead, we expect investigation teams to increasingly adopt data analytics tools to support their work. In doing so they will be able to access relevant data more quickly, scope their investigation rapidly, and continuously monitor a subject during and after an investigation.
From an outcomes perspective, investigations supported by data analytics result in a more effective risk management approach and speed the pace of internal investigations – a win-win for the investigation team, the business leadership and the organization overall. Perhaps more importantly in light of recent regulatory pronouncements focused on the entirety of an organization’s history of wrongdoing, it will also help organizations identify and resolve matters before they become widespread.
Trend 5: Data-Driven E&C Resourcing
As we move towards a more data-driven future, those insights provided by data analytics will help ethics and compliance teams – as well as audit, investigations, etc. – better utilize their time to focus on high-value activity. For example, we have already seen how internal teams can use data analytics to isolate anomalous company transactions, detect patterns of fraud, and inform audit processes.
These analytics can then allow compliance teams to more easily pinpoint countries, business units or even teams that require additional training or proactive reviews and areas of policy or controls that may need enhancement or clarification.
With an expanding collection of compliance risks landing with increasingly overstretched internal teams, technology and automation will be required to bridge the gap. Longer term, data analytics will unlock greater efficiencies in how risk teams function and may lead to restructuring of those teams. For example, monitoring and auditing teams might merge or work more closely together to minimize overlap.
In addition, traditional internal audit practices of in-country audits using sample transaction testing might eventually be replaced by remote continuous monitoring in the first instance with in-country audit focused more on controls testing, third- party audits and more high-value audit work.
Up until recently, data analytics in compliance has been the preserve of a few very large companies who often put such programs into place while under a government investigation – and with large budgets at their disposal.
Now, the use of data analytics is moving into the mainstream. It is increasingly democratized and accessible to companies of any size, meaning adoption is bound to accelerate in 2022. These advances will allow compliance, audit and investigations teams to target their efforts while escalating issues on a more real- time basis before they become systemic, making them far more efficient in their work.
Risk management around third parties in particular will become more effective too, with ongoing transactional monitoring becoming the norm for more companies, while the use of AI and machine learning will finally be something that starts to move from theory to practice.
The coming year looks to be transformational for many compliance programs as they embrace and adopt the possibilities of data analytics. We remain excited to see where the journey takes us all.
About the Author
Parth Chanda is the CEO and Founder of Lextegrity. Over the past nearly 20 years, Parth has established himself as a leader in the field of anti-corruption and financial crimes compliance. Beginning his career with a fellowship in 2002 in the World Bank’s internal investigations group, Parth has been at the vanguard of enterprise efforts to combat bribery and fraud.
Prior to Lextegrity, Parth served as the lead counsel for Pfizer’s global anti-corruption program office for five years. In that role, he navigated its FCPA deferred prosecution agreement while overseeing a multi-year transformation of its anti-corruption program, from redesign of procedures and third-party due diligence processes, to financial systems integration, risk assessment and fraud analytics.
Prior to Pfizer, Parth was hired to oversee the enhancement of Avon’s global anti-corruption compliance program after its voluntary disclosure of FCPA matters to U.S. authorities.
Parth began his career at the law firm of Shearman & Sterling, where he served on two FCPA monitorship teams, led multi-country FCPA investigations, and was Contributing Editor of its FCPA Digest.
Parth has a JD from Harvard Law School, an MPA from the Kennedy School of Government and a BA from Northwestern University.