Data Analytics and the Future of Compliance
A lifetime ago — the end of February, to be exact — I spoke to a group of law students in New York about careers in compliance, and the competencies they’ll need if they want to thrive in that profession.
My message to them was that skill in data analytics would be crucial to running compliance and risk management programs in the future. That message is still true today.
I just didn’t appreciate how COVID-19 would make that message so true, so quickly.
Risks Beyond Regulatory Compliance
Today compliance officers and their teams are scattered around the world, working at home or in remote offices. CCOs need to rely on systems, reports, and analysis more than ever before because lord only knows when you’ll be able to make a trip to resolve difficult issues in person.
Moreover, companies’ risks have changed, sometimes dramatically. Their business processes have changed, sometimes dramatically. Our slow evolution to a data analytics world has become more like a mad scramble, as even our basic assumptions about risk, policy and procedure have been tested like never before.
That is, COVID-19 is driving up the importance of reaching the best decisions possible about risk, even beyond the importance of achieving regulatory compliance. Because what will a slavish devotion to regulatory compliance bring you, if those policies and procedures are predicated on risks now supplanted by COVID-19?
I’m not saying regulatory compliance is unimportant; it’s as important today as it ever was. But COVID-19 is bringing new risks to the modern enterprise. Your ability to analyze those risks in a disciplined, data-driven way could spell the difference between corporate survival or failure.
So achieving strong data analytics capability is suddenly crucial.
How COVID-19 is Challenging Corporate Compliance
A compliance officer at a wealth management firm told me the other day that since COVID-19 swept the world and spun the markets into turmoil, financial advisers have been hounding him for permission to lend more money to clients, so they can invest in the market. (Under the theory that the clients can buy assets at fire-sale prices now, and make a killing on the market rebound later.)
In just about all cases, those financial advisers are obeying the firm’s policies and procedures for documentation: the client’s assets, liabilities, net worth, income, years until retirement and so forth.
So the compliance obligations are being met — but that’s not enough comfort to the CCO, who still needs to understand whether extending a loan to the client is truly wise. Sure, the client might be high net worth; but if that client operates a tourist site, or hotel, or restaurant, would you be eager to loan that person more money today?
That’s how COVID-19 is challenging corporate compliance today. Compliance with policy and procedure only guides your enterprise to follow certain behaviors. But when the assumptions behind those behaviors change, your risk analysis needs to be better, sharper and attuned to whatever new reality is being forced upon you.
Data Analytics and the Future of Compliance & Risk Management
As much as COVID-19 dominates our thinking today, we should also remember two points: data analytics was important before the pandemic, and it will remain important after our global ordeal finally goes away.
Corporate enterprises will still be large, complex, interconnected organizations that span the globe. They’ll still be wrapped in compliance obligations and surrounded by risk. Compliance functions will still be asked (ugh) to do more with less, and to do it more quickly.
On one hand, that’s good news: compliance officers will be able advise senior executives about the company’s risks, and that makes a strong compliance program more important to the strategic position of the enterprise. So as always, I’m still bullish that corporate compliance can be a long, lucrative career.
On the other hand, that also implies a strong commitment to technology as the foundation of your compliance and risk management strategy. To analyze data, you’ll need a single repository of data, with thoughtful and clear taxonomies that tag data correctly. You’ll need versatile reporting, to surface the right answers for whatever questions executives ask. You’ll need to embed automated data collection into policies and procedures across business operations, to reduce the chance of manual error.
In other words, compliance functions will need to do a lot, putting technology at the heart of their operations. That was true when I spoke to those law students in February. It’s true now. It will be true tomorrow.
That’s how we weather difficult times more effectively, such as the one we’re all enduring now.
A cloud-native, context-aware, extensible archive for global enterprises with complex security, data privacy and regulatory requirements. Learn More
Share this post!
Archiving and Compliance Blog
Our Blog explores the news, trends and best practices in electronic recordkeeping. It’s about managing and getting value from your electronic communications data. It’s about satisfying legal and regulatory obligations. It’s all about turning compliance liability into business insight.