I always enjoyed the assumption underlying economic models – assuming people are rational actors, then . . . Sometime people do not act rationally, and sometimes people react out of fear or make unrealistic assumptions.
The compliance profession faces many challenges including unrealistic or unfounded assumptions. In many cases, compliance professionals have to reassure their constituencies about the specific implications of a compliance function, initiative or strategy.
Compliance has some significant hurdles to overcome as the profession grows and its influence increases in the corporate governance landscape.
The future of compliance will depend on technology. That is not a controversial statement..
Three areas in particular are ripe for technological advances.
First, and most significant, is the need for companies to embrace automation for managing third-party risk. Companies have been inundated by vendors with white papers, webinars and information needed to demonstrate the real and tangible benefits of automated third-party solutions. Despite these evident benefits, surveys continue to show that less than 50 percent of responding companies have implemented an automated solution for third-party risk management.
Second, chief compliance officers need to embrace data analytics as a valuable tool to measure and monitor the performance of their compliance programs. CCOs have to recognize that their own credibility and utility to an organization has to be demonstrated through tangible metrics. Feel good statements about corporate culture and overall compliance performance cannot substitute for accurate measurement and reporting of such data.
CCOs are not data professionals but they need to learn how to design data collection and analysis programs. CCOs should start small in this area by developing projects that demonstrate the benefits of data collection and analysis. For example, culture surveys are an important first step in understanding a company’s mood. A targeted survey in a high risk area would be a good starting point. From this baseline, a CCO could then develop other measures to influence culture and performance, such as reporting of violations, focused communications, interviews and focus groups, and other measures designed to improve the company’s culture in a specific operation or area.
Based on these efforts, the CCO can then follow-up to examine data such as employee turnover, reporting levels, follow-up survey results, and other possible indicators of improved culture. In other words, a CCO should design a test initiative and measure for results to identify and measure a company’s culture, strategies to improve the culture and measurements of results.
All of this sounds like a lot of work but such an initiative can have big results – it can help the CCO to target resources, collect and analyze data, and gain insights into strategies that work. Building on this model, there are many other areas where such focused initiatives can work as well – third-party risk management, training, and gifts and hospitality expenditures.
Finally, when it comes to technology, CCOs have to monitor and examine blockchain technology developments. The promise of blockchain is significant and applicable to all aspects of compliance. Blockchain technology is not yet widely accepted and cost-effective but is rapidly developing into a real solution for numerous compliance functions, including supply chain management, third party due diligence, and financial operations.
These are only a few of the more significant technological solutions available for compliance. More solutions are on the horizon and CCOs have to embrace such solutions or the profession will be left behind.
This article was originally published in Corruption, Crime & Compliance. It is reposted here with permission.