|The shift toward data-driven corporate compliance programs has a new accelerant: the U.S. government. Companies are scrambling to figure out how to meet the latest expectations. In June, the U.S. Justice Department instructed its prosecutors to ask companies that come under investigation whether their compliance teams (1) have adequate access to relevant data, and (2) whether such data is being used to monitor for risks, and to test policies and procedures.|
This push incentivizes compliance and risk staff to gain access to financial and operational data, and to adopt new technology solutions so as to better screen for risks before they erupt into crises.
Businesses have long used data to drive decision-making in other areas of the enterprise, but adoption of analytics tools in the risk and compliance space has been slow in part due to budget constraints, a lack of one-size-fits-all 3rd-party solutions, and a mindset of acceptance regarding current capabilities, despite persistent and costly risk management failures.
Consider: last year, a Microsoft subsidiary in Hungary agreed to pay $25 million after probes by the U.S. Justice Department and Securities and Exchange Commission found that it had used discounts on software licenses to fund bribes for foreign officials. During the investigations, the company began building a cutting-edge compliance analytics system that allows them to flag risky deals.
Not every company has the resources, technological know-how, or the desire to build an in-house system with the same scope, but all organizations must take a closer look at their compliance programs and data to meet expectations. In every industry, and perhaps most importantly the financial sector, firms should work collectively to agreed metrics that serve to forecast the likelihood of risk management failures, allowing for horizontal industry review.