An Interview with Patrick Quinlan of Convercent
Interview by Ethisphere
Ethisphere recently spoke with Patrick Quinlan, CEO of Denver-based Convercent, to talk about technology, governance, and the entrepreneurial side of the GRC industry.
Can you talk about how the idea, and ultimately the company, of Convercent came about? What inspired you to get involved in a compliance technology company?
PQ: The compliance industry is, in many ways, still evolving and companies are still trying to get their arms around the huge amount of changes in the regulatory landscape over the past 20 years. My partners [at Nebbiolo Ventures] and I saw a need for a fully integrated, turnkey solution to automate the execution and reporting around compliance. Business Controls, a hotline provider that had accumulated 300 loyal customers over 15 successful years, provided the foundation for Convercent. We leveraged the customer base and industry acumen of Business Controls, but launched an entirely new solution to the market in January 2013.
Compliance, governance and ethics are categories that are quickly maturing, really becoming a unique industry. What trends were you seeing that inspired Convercent to come about? What changes or trends have you seen over the past two years in the GRC space?
PQ: Well, I think I’ll start by saying “maturing” is a relative term as there’s still a bit of work to be done. Even today, we constantly hear from companies of all shapes and sizes that are still managing their compliance program data in excel sheets and where functions of the compliance program are operating independently of one another—creating a huge disparity of data. This makes monitoring, assessing and benchmarking a program inefficient at best. We really want to empower our customers to take a holistic, closed loop approach to compliance, ensuring they’re addressing their key risk areas from the policy drafting through the program assessment.
In terms of trends, though we’re certainly seeing more understanding of and interest in compliance issues outside of the compliance office, there’s still the challenge of trying to do more with limited resources, staff and budget. That’s really where Convercent came from: The idea that there should be a solution that centralized and automated end-to-end compliance program management, monitoring and assessment.
What are some of the challenges you are seeing compliance officers/general counsel face today? What are some of the challenges or particular areas of risk that you foresee compliance officers/GCs dealing with in 2 – 3 years?
PQ: I see two distinct challenges for compliance officers today. First, they’re wrestling with how to operationalize compliance. That is, how do you weave compliance into job instructions so that it becomes habitual—instead of being codified in an instruction manual?
Next, I think there’s a desire to become leaner and meaner in the compliance function. To what extent can resources and data be automated and centralized to maximize the efficiency and spend of the compliance office? And how can emerging technology provide critical insight into trends and issues across key risk areas in a faster and easier way than compiling data manually?
Functionally, I think we can continue to expect close attention being paid to third party management, anticorruption, whistleblowing (and nonretaliation) and corporate governance. There’s enough momentum, noise and recent case law to put and keep these at the top of compliance officers’ minds for the foreseeable future.
What is the role of technology today in creating an effective, robust global compliance program? What are some of the best practices in technologies or systems that compliance officers should be aware of as they enhance their own programs?
PQ: The important thing to remember at the end of the day for any technology is that it should both simplify and enable the work you’re doing. If you find that your job isn’t easier or that the work you’re doing isn’t enhanced by the technology you’re using, then what’s the point? The same applies here: Compliance technology should not only facilitate a more effective compliance program, but should do so while making the compliance office more efficient and responsive.
What are some of the most interesting tools that you’ve seen, or what are some of the most interesting tools Convercent offers, that will help compliance officers/GCs in their day to day?
PQ: I think compliance dashboards—the idea of ataglance reporting—is something that we sometimes take for granted in our software but that we’ve really seen resonate with chief compliance officers who have a million things to do in a day but want and need the high level data about their program’s performance available on demand. On the other side of the coin, we’ve had many customers that absolutely lose their minds (in a good way) over being able to simply hit “refresh” on their more granular reports to have the data instantly updated from their instance of Convercent and reflected in their spreadsheets and presentations to their executives and boards.
A number of the most successful GRC service firms are run by founder/CEOs it’s a fairly entrepreneurial industry. Would you agree with this? What is it about the industry that attracts this entrepreneur type? What kind of innovation are you seeing, and what kind of innovation do you expect to see in GRC offerings from these companies?
PQ: From an entrepreneurial perspective, the GRC space is an interesting one because this stuff isn’t going to go away—the regulatory environment requires that companies continue to view compliance as a business and brand issue. From a technological standpoint, frankly, innovation and advancement was pretty stagnant for some time. I think the market will naturally gravitate towards solutions that can deliver a robust, reliable, comprehensive and intuitive experience and I fully expect to see an increased demand for solutions that can meet these requirements in the future.
Talk a bit about where Convercent is headed over the next couple years.
PQ: Something to bear in mind is that, like the compliance officer role itself, compliance solutions are still maturing. At Convercent we fully own and embrace the fact that we don’t know everything all the time. But that’s where customer relationships come in: We count on our customers to tell us what they need to be more effective in their jobs. By keeping those lines of communication wide open, and being a trusted resource and advocate for our customers, we take so many of the cues for our next steps from them.
At the highest level, we’ll continue to build on the capability to integrate, monitor and report on the key functions of a program and continue to enforce the concept of a holistic approach to managing and addressing key risks.
Functionally, I think we’ll have to stay in step with the rigorous demands of the landscape and help our customers adapt to the curveballs. So things like third party compliance, the evolving regulations on whistleblowers, concerns about data privacy and others are ones we’re likely to account for in future product iterations.
What are you most hopeful about?
PQ: I don’t think compliance technology and inefficiencies are unsolvable issues—not by a long shot. There’s a ton of room to scale and increase the efficiency of managing a compliance program, and we’re excited to help advance that dialogue.
What keeps you up at night?
PQ: Managing the intersection of three critical stakeholders: 1) Our team at Convercent and making sure we are driven by our values and culture, not shortterm gains or pure financial goals; 2) Our incredible investors who have funded our dream of bringing worldclass technology to compliance teams around the globe; and 3) Our customers and clients who are the reason that our culture and investors exist. How do ensure that we always meet and exceed their expectations? It’s aligning these key three groups and steering them all toward a common goal of empowering compliance program efficiency and effectiveness with a worldclass compliance software solution that keeps me up.
Finally, we have to ask one of our favorite questions: What was the worst job you ever had and why?
PQ: Selling home security door to door. It was horrible, worse then anything you can imagine. The product cost $30 per month—a dollar a day. Our script was to ask how many kids the homeowner had and then divide by a dollar by that number to help make the sale. Imagine this:
Me: “Sir, how many wonderful kids do you have?”
“Three—two boys and one girl.”
Me: “So for just 30 cents per child per day you can protect them against…”
Again, horrible.
Author Biography
Patrick Quinlan is the CEO of Convercent. Most recently Patrick served as CEO of Rivet Software, which in two years he took from $240,000 to $12 million in quarterly revenue–an increase that earned the company #60 overall placement on the 2011 Inc. 500 List, and #6 among software companies. A founding partner of Nebbiolo Ventures alongside Barclay Friesen and Philip Winterburn, he has also been the CEO of ServiceSelect and Delta Translation which was successfully sold to LFI in 1999.