In today’s digital word, compliance and investigation teams often feel like they’re drowning in data, especially within organizations growing at a fast pace or expanding into new markets. Although this exponential increase of data may present a variety of regulatory and other risks, the appropriate use of analytics, if managed effectively, can enhance decision-making and save both time and cost throughout the compliance, investigation and litigation cycles.
“Prevention Is Better Than Cure”
Leveraging the vast pool of available data through appropriate analytic techniques enables compliance teams to build robust monitoring capabilities and tailor their policies and procedures specifically to their organization to proactively mitigate risk.
Compliance professionals are already updating their compliance programs to reflect the evolving business model and changes in the risk and regulatory landscapes. When gaps or new risks are identified, innovative compliance teams can determine the most appropriate data that can be effectively measured and used to monitor these priority areas.
Today, organizations have a multi-dimensional mass of data to choose from, including internal and external, structured and unstructured data sets. Using the appropriate tools and techniques, compliance teams can mine this data to anticipate and detect fraud or other misconduct to deliver greater insight and assurance in their risk mitigation strategies.
Where Can You Start?
Sophisticated techniques such as predictive analytics and artificial intelligence can help identify non-compliant activity within or outside an organization. However, implementing these techniques and their associated tools effectively takes time. The starting point should always be to establish the ask (e.g., what risks need to be measured?), quickly followed by identifying the data that will help measure the risks. With data residing in a multitude of locations, systems and formats, a gradual, structured approach is required. Applying simple analytic techniques like rules-based testing help establish the usability of the data and are often the building blocks to effectively apply more complex techniques, such as risk-scoring, data visualization and text mining. Over time, you start to develop more automation and higher detection rates with fewer false positives.
Bringing Insights Into Focus
When tackling large volumes of data, data visualization using interactive dashboards makes it far easier to identify anomalies, outliers and trends in compliance monitoring and investigations. These dashboards can show a snapshot of high-level trends and allow users to click through to the details of the findings. Furthermore, you can create different versions tailored to different audiences, ranging from high-level dashboards that allow senior stakeholders to measure performance against strategy, to more granular dashboards that enable compliance officers or middle management to monitor and investigate red flags.
Moving to More Complex Analytics
As more and more complex data sets come together, it’s important to understand the most appropriate analytic techniques to apply, keeping in mind the task in hand. For example, when testing for anti-money laundering or counter terrorist financing, compliance and investigation teams often need to understand the nature of relationships between entities and/or individuals, as well as their transactional activity. Customer information and transactional data from within the organization — combined with information from business directories and social media — enable organizations to apply techniques such as network analysis to identify relationships that are not always obvious or reported. Simple rules-based testing wouldn’t be able to provide this additional insight.
Forward Planning
Optimizing data analytics is a long-term, iterative process, but it doesn’t have to be a daunting task. The key to success is to plan ahead and build the necessary elements continually, not on an ad-hoc basis. As with most compliance projects, outcomes and findings will be fed back into building and refining more robust monitoring systems.
When working through data and projects in a reactive way, finding and preparing data can take up most of the time, often leaving less opportunity for the actual assessment or investigative work. Strong information governance results in properly maintained data where the time needed to access and prepare the data decreases significantly. In turn, processes to interrogate the data become more automated, providing accelerated speed to relevant data and hence giving compliance and investigation professionals more time to focus on core risk issues instead of grappling with data issues.
This can be especially helpful when organizations need to respond to broad discovery requests that demand significant resources and investment to fulfil. Furthermore, growing data privacy regulations, such as the GDPR and the Health Insurance Portability and Accountability Act (HIPAA), place even more responsibility on organizations to diligently track data throughout its life cycle, and proper governance for the data will save time and cost, as well as minimize risk.
Demonstrating Value to the Wider Business
Not surprisingly, the data used by compliance and investigation teams is very often sourced from the same systems that other risk, operational and business units use. A collective approach regarding data and its use hugely benefits the organization as a whole. In practice, this means that data can be assessed through different lenses to benefit other areas of the business. For instance, having a better understanding of transaction flows can ensure transparency, whilst also providing insight for finance teams to identify potential cost reductions. Getting buy-in from senior management or other functions by demonstrating operational or commercial benefits is particularly useful when compliance and investigation teams have resource constraints to establishing a dedicated analytics function.
Leveraging External Experience and Expertise
Kroll is uniquely positioned to help organizations identify, manage and mitigate risk. We are experienced advisors with expertise across data governance and privacy, technology assessment and review, efficient analytics and complex investigations. Through the use of innovation, analytics and technology-enabled consulting, we provide clients with meaningful data insights that impactfully mitigate risk and reduce time and cost associated with investigations.
For more information, contact our Data Insights and Forensics team.