Organizations are struggling to manage risk and compliance. A Ropes & Gray survey found that 57% of senior-level executives rank this as one of the top two risk categories they feel least prepared to address. Since that survey, regulators around the world have ratcheted up their enforcement efforts — the SEC announced a more aggressive approach (and reported a 7% increase in enforcement actions from 2020 to 2021), the DOJ issued statements about its revitalized intentions to “be bold” against white-collar crime, the FTC is placing greater scrutiny on the relationship between market dominance and consumer data privacy harm and countless authorities around the globe have issued new regulations relating to digital assets, security, privacy, AI and more.
Taking a proactive approach to preventing, identifying and mitigating compliance risks has become a business imperative. At the same time, the growing volume and variety of corporate data sources are making the process of proactively monitoring compliance increasingly difficult and expensive. Additionally, bad actors continue to find new ways to subvert existing compliance monitoring programs. Employees who are engaging in fraudulent or otherwise illegal behavior are more likely to conduct those activities in unmonitored channels or via encrypted and ephemeral messaging applications to avoid detection.
Legal and compliance teams need modern approaches to solve these modern challenges. Dynamic workflows built around advanced analytic tools are providing promising results to this end and enabling efficient, contextual, robust compliance monitoring.
Specifically, analytic research and analytics-driven story development, solutions that have been traditionally used for fact-finding in disputes and investigations, can offer rich insight into the compliance and risk related activities and communications taking place across an organization.
At FTI Technology, our teams are applying our Story Development solution to compliance use cases by leveraging analytics over a cross-section of data to reveal patterns and connections that may indicate suspicious activity. For example, conversations taking place in email and collaboration applications can be analyzed alongside call logs, behavioral anomalies (such as communications sent at odd hours or surges of communications between certain individuals), sentiment within messages, transactions and other forms of structured and unstructured data to paint a broad picture of happenings across the organization.
In addition to providing compliance officers and in-house counsel with a clear view of the organization’s compliance posture, story-driven analysis can also help key stakeholders better understand the organization’s overall risk position. For example, easily digestible fact memos, narratives and chronologies can be extracted from large, complex datasets to help the C-suite and the board identify the biggest risks and develop strategy around how to respond — such as by taking specific mitigation steps or making additional investments in preparedness and proactive governance.
Analytics-led approaches can also deliver significant cost benefits compared to traditional methods. Today, organizations of all sizes spend an average of $10,000 per employee to maintain regulatory compliance. Regulatory enforcement and fines have also been steadily rising since at least 2021. For one global client, our analytic research and story development workflows have delivered hundreds of thousands of dollars in cost savings. After uncovering compliance violations within its Chinese operations, the client decided to take a proactive approach to finding problem areas and self-reporting them ahead of a regulatory inquiry. Previous compliance monitoring initiatives at the organization were manual, highly laborious and did not deliver the level of insight the organization needed to effectively monitor and enforce compliance. Our team developed a solution to provide analytic research for the organization’s Chinese operations and provide a comprehensive summary of risk areas on a quarterly basis. The effectiveness and cost savings of the solution prompted the client to expand it to the rest of the organization’s global operations.
Like many areas of digital risk, compliance monitoring is becoming increasingly challenging and costly given today’s data landscape. When analytics are used to tell a complete story about key risk areas and activities, organizations can reduce exposure, bolster their governance posture and better contain the costs associated with compliance.
The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, its management, its subsidiaries, its affiliates, or its other professionals.