Analysis

Five tips to transform your compliance function using data analytics

  • Global
  • Applying Technology Solutions
  • Creating a Resilient Organisation

Five tips to transform your compliance function using data analytics


In June 2020, the US Department of Justice (DOJ) updated its FCPA guidance on managing corporate compliance programmes. The mandate was clear: Compliance programmes must use robust technology and data analytics to assess internal behaviours and the behaviours of any third parties with whom they do business. Regulatory scrutiny requires companies to manage myriad risks: bribery and corruption, ESG risk, and procurement and internal fraud. In the event of wrongdoing, companies can be held accountable for their employees’ or third parties’ actions.

With data and analytics sitting at the centre of the recent guidance, the DOJ makes clear that compliance officers are expected to leverage data analytics to demonstrate that a compliance programme is working effectively.

What does this mean for compliance teams?

While the DOJ provided a roadmap for the adoption of analytics, not a defined checklist, compliance officers have an opportunity to evaluate how the compliance function might look in the next few years. This is a great opportunity to start thinking of transformational growth by leveraging one of your most valuable resources: data.

What are the benefits of a data-driven compliance function? 

By harnessing available data, compliance becomes a proactive, nimble and cost-efficient function. Compliance and audit can transform the way they interact with the business, turning them into a partnership that works together to find solutions to pervasive compliance problems, including issues that go on for years without being spotted, business disruption due to investigations, and expensive, resource- intensive audits.

What questions could a proactive compliance programme answer?

  • Have payments been made to state-owned enterprises (SOEs) or government officials?
  • Have any facilitation payments been made?
  • Are all employee expenses legitimate?
  • Are employees and third parties colluding to circumvent controls?
  • Are there any ghost employees/vendors?
  • Are there any undisclosed conflicts of interest?
  • Are vendors committing fraud?
  • Where should I focus my costly audits?

How can compliance teams leverage data analytics?

The compliance function is typically process-driven, and while moving towards a data-driven future may seem daunting for some, convergence of the compliance realm and the analytics world is less foreign than you may think. Like other programmes, data analytics programmes succeed with good stakeholder engagement, clear vision and regular communication with staff.

Below are our top 5 tips to help transform compliance teams into a data-led compliance function. 

Tip 1: Start small 

The potential from data analytics can be hard to comprehend if you have not experienced the results firsthand. This can lead to slow adoption rates in businesses, difficulty engaging internal stakeholders and obtaining additional budget. To overcome these issues, we recommend that you start your transformation programme with a small Proof of Concept (POC) project. This will be beneficial, because the cost and the required data volume will be low and because turnaround time should take several weeks. Once this POC is completed, ensure that you have an interactive dashboard format output and clear, actionable intelligence and recommendations. 

Tip 2: Pick a known issue

Pick an area that has known issues and that typically is hard to resolve, and start there. Often, companies have business units or areas that have in the past had whistleblower complaints or simmering issues. These are the proverbial black sheep. 

The benefit of focusing on a known risk is that it is likely that there are issues within that area, and solving issues that have previously eluded us is a great way to engage with stakeholders and demonstrate the true potential of analytics. 

Tip 3: Engage with your stakeholders early

Compliance officers aiming to transform their business with analytics need to engage with key stakeholders early, including with peers and up the management chain. Analytics isn’t just advantageous for the compliance function; it can be leveraged by other departments, such as audit and risk. By engaging with these stakeholders early and bringing them along on the journey, getting buy-in will be significantly easier. Showing stakeholders the results of the POC will provide tangible evidence to the potential of analytics, and high-level ROIs can demonstrate the benefits of analytics. 

 Tip 4: Start with the data you have…don’t wait for perfection.  

The most common question we are asked when working with clients to implement a compliance analytics solution is “Is my data good enough?”. The answer typically is yes: It’s good enough to make a start. Starting with poor or incomplete data is better than not starting at all. Companies are often inclined to wait for lengthy “data programmes” to finish or even commence before they invest in data analytics. However, the reality is that a lot can be done with very little, to build a foundation for a mature programme. Some clients have in-house data functions that can support analytics needs, but most get a jump-start by outsourcing cumbersome and resource-intensive data collection. It might surprise you to learn that cleaning and linking data sets is a relatively easy task for experienced teams of data scientists. For nearly all systems, it only takes a few weeks to have a working data set that you can use to assess and monitor compliance risks.

Tip 5: It takes time! 

Moving from a necessary and static service to a dynamic and strategic function doesn’t happen overnight. It requires planning, stakeholder management and targeted resourcing. Although you should see benefits quickly, it can take 12 to 24 months to develop such programmes to maturity. Small wins early on that show the benefit to the business and the wider organisation can help smooth the way. 

The time has come to pivot towards a more data-centric and analytics-driven world, and while the concept may be daunting, the newly created “stick” from the DOJ is only going to grow as other regulators follow suit. However, compliance officers should see this as an opportunity. Proactive compliance is cost effective and rapidly becoming global best practice for this reason alone. The shift towards proactive management of risks can also transform compliance teams from being inhibitors to enablers, and elevates them to a place of strategic guidance rather than reactive prevention. 

Webinar

Five tips to transform your compliance function using data analytics

Find out more

How can our experts help you?