Data Analytics and the Future of Compliance

April 16, 2020by Matt Kelly

Subscribe to the Smarsh Blog Digest

Subscribe to receive a weekly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

A lifetime ago — the end of February, to be exact — I spoke to a group of law students in New York about careers in compliance, and the competencies they’ll need if they want to thrive in that profession.

My message to them was that skill in data analytics would be crucial to running compliance and risk management programs in the future. That message is still true today.

I just didn’t appreciate how COVID-19 would make that message so true, so quickly.

Risks Beyond Regulatory Compliance

Today compliance officers and their teams are scattered around the world, working at home or in remote offices. CCOs need to rely on systems, reports, and analysis more than ever before because lord only knows when you’ll be able to make a trip to resolve difficult issues in person.

Moreover, companies’ risks have changed, sometimes dramatically. Their business processes have changed, sometimes dramatically. Our slow evolution to a data analytics world has become more like a mad scramble, as even our basic assumptions about risk, policy and procedure have been tested like never before.

That is, COVID-19 is driving up the importance of reaching the best decisions possible about risk, even beyond the importance of achieving regulatory compliance. Because what will a slavish devotion to regulatory compliance bring you, if those policies and procedures are predicated on risks now supplanted by COVID-19?

I’m not saying regulatory compliance is unimportant; it’s as important today as it ever was. But COVID-19 is bringing new risks to the modern enterprise. Your ability to analyze those risks in a disciplined, data-driven way could spell the difference between corporate survival or failure.

So achieving strong data analytics capability is suddenly crucial.

How COVID-19 is Challenging Corporate Compliance

A compliance officer at a wealth management firm told me the other day that since COVID-19 swept the world and spun the markets into turmoil, financial advisers have been hounding him for permission to lend more money to clients, so they can invest in the market. (Under the theory that the clients can buy assets at fire-sale prices now, and make a killing on the market rebound later.)

In just about all cases, those financial advisers are obeying the firm’s policies and procedures for documentation: the client’s assets, liabilities, net worth, income, years until retirement and so forth.

So the compliance obligations are being met — but that’s not enough comfort to the CCO, who still needs to understand whether extending a loan to the client is truly wise. Sure, the client might be high net worth; but if that client operates a tourist site, or hotel, or restaurant, would you be eager to loan that person more money today?

That’s how COVID-19 is challenging corporate compliance today. Compliance with policy and procedure only guides your enterprise to follow certain behaviors. But when the assumptions behind those behaviors change, your risk analysis needs to be better, sharper and attuned to whatever new reality is being forced upon you.

Data Analytics and the Future of Compliance & Risk Management

As much as COVID-19 dominates our thinking today, we should also remember two points: data analytics was important before the pandemic, and it will remain important after our global ordeal finally goes away.

Corporate enterprises will still be large, complex, interconnected organizations that span the globe. They’ll still be wrapped in compliance obligations and surrounded by risk. Compliance functions will still be asked (ugh) to do more with less, and to do it more quickly.

On one hand, that’s good news: compliance officers will be able advise senior executives about the company’s risks, and that makes a strong compliance program more important to the strategic position of the enterprise. So as always, I’m still bullish that corporate compliance can be a long, lucrative career.

On the other hand, that also implies a strong commitment to technology as the foundation of your compliance and risk management strategy. To analyze data, you’ll need a single repository of data, with thoughtful and clear taxonomies that tag data correctly. You’ll need versatile reporting, to surface the right answers for whatever questions executives ask. You’ll need to embed automated data collection into policies and procedures across business operations, to reduce the chance of manual error.

In other words, compliance functions will need to do a lot, putting technology at the heart of their operations. That was true when I spoke to those law students in February. It’s true now. It will be true tomorrow.

That’s how we weather difficult times more effectively, such as the one we’re all enduring now.

Share this post!

Matt Kelly
Archiving and Compliance Blog

Our Blog explores the news, trends and best practices in electronic recordkeeping. It’s about managing and getting value from your electronic communications data. It’s about satisfying legal and regulatory obligations. It’s all about turning compliance liability into business insight.

More Resources

hand with mobile apps featured img 600x320
Examination Tools Part 2: How Privilege Protections Can Be Waived
Read more
gavel keyboard judgement tablet blue featured img
Enforcement Implications: COVID-19 and Working from Home
Read more
lightbulb idea leader innovate featured img
To Zoom or Not to Zoom? Addressing a Crucial Cybersecurity Question
Read more

Get a Quote

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Contact Us

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.