Big Data Saves the Day for Compliance
Big Data Saves the Day for Compliance
Andrew Copland-Cale, Siemens Compliance – Head of Risk Management & Mitigation and Alex Proels, Siemens Compliance Officer Americas
It’s Friday morning, and you have a busy day ahead fulfilling your duties as the Compliance Officer of a large multi-national corporation. Your ‘to do’ list includes a project risk assessment before lunch, and a meeting with your sales team to discuss their request for two new third-party intermediaries after lunch. You also need to complete the annual internal control system certification confirming that the sponsorships the company has paid were properly vetted and approved.
It’s going to be tight, but you are on track to making it out of work on-time so that you can cheer for your kids’ games this evening. You have the tools and resources necessary to get everything done efficiently. Today is going to be a great day!
The project risk assessment meeting starts off well. Your company is bidding as a prime contractor on a major infrastructure project in a developing country. However, you learn during the meeting that the customer has recommended hiring a local businessman who is well connected to support topics like end-customer financing, permitting, and on-site project management. Warning sirens go off in your head…you need more information on the customer and this new businessman.
The other two new intermediaries your sales team wants to engage are more straightforward, but you still need to evaluate the details and assess the risks before giving compliance approval.
Your day just got very busy!
Your first task is to complete thorough due diligences to evaluate the legal, reputational, and integrity related risks of the intermediaries.
You have access to an array of research and due diligence tools including third party data analytics, internet searches, compliance blogs, news, social media, internal information, legal databases, and many other sources. The challenge is not in finding enough information, but in collecting the information, analyzing the facts, and preparing an informed recommendation in the limited amount of time available before your management needs to make a “go” or “no go” decision.
How do you get to the right data, sift through it, interpret it, and decide what is relevant? How do you know with whom you are really dealing and from where their money is coming? How do you know when your due diligence is complete enough to make the right decision to protect your management and the company? The collection and manual processing of the data is essential, but not where the real value is added. The real value is added in the analysis and decision making based on the available information. Using digitalization, we can shift the overall time spent on data gathering and basic analysis to value-add activities of the decision-making process.
The good news is that many resources already structure huge amounts of data in a useable way. Advanced internet search tools which apply smart algorithms and proximity counters to key word searches are a compliance officer’s best friend. They greatly reduce the volume of data to be reviewed by weeding out irrelevant hits and false matches, returning only the most relevant results in an easy to use format. These searches are a great first level check: who are you dealing with, how well established are they, and have they been in the news recently?
To dig deeper and further, you will likely need to rely on data analytics from both internal and external sources. Third-party tools are especially useful because they span entire industries and often focus on specific risks, such as beneficial ownership of a company. This type of information used to take days or even weeks to compile and was challenging to do thoroughly. Now it can be retrieved from online databases in a matter of minutes.
You also have internal tools at your disposal including in-house data mining solutions which allow you to search your financial system, sales database, internal audit and investigations library, and other documents for relevant information. Your team has also developed tools searching and linking various news and social media feeds into a dashboard where you can quickly find related “hits”. You still have much more work to do to finalize your due diligences, but for today you were able to get a top-level risk assessment completed so that your management could move ahead with their bidding decision.
With everything going on, you almost forgot your last task of the day – the annual internal control system certification related to sponsorship payments. Sponsoring payments going through the approval process are easy, but what about if there are any payments that were not declared as “sponsoring”. Random spot checks were the former rule. Last year, this certification would have required significant preparation from your team because your financial system and standard spreadsheet software are not well suited for analyzing such large amounts of data. You also had to sift through sponsoring lists e-mailed in from the branch offices and perform quality spot checks. There was just no good way to roll up all that data and random checks were limited in numbers. However, at the beginning of this year, an automated control system was implemented which can be used to scan every transaction worldwide to detect potential “rogue” sponsoring. The information is automatically consolidated, analyzed, and reported in a dashboard which shows you that this and the other compliance controls have a “green light.” In a matter of minutes, you assess that the sponsorship process is working properly, and you confidently sign the total company confirmation. First a rule-set was used to determine and identify potential “rouge” sponsoring transactions. Now the system is learning based on feedback and now the machine is picking up patterns and developing its own decision criteria.
The digitalization of data allows our story to end well. You completed the high-level due diligences in a timely manner. Your management was able to make good decisions that keep your company safe. You assessed and confirmed in real time that your internal controls are working properly. And you made it to your kids’ games on time.
Does the story really end here? Hopefully not. You have a tremendous effort ahead of you, because the quantity and complexity of data will continue to grow at an exponential rate. Experts believe our data universe will double in size every two years and increase fifty-fold from 2010 to 2020. You will need new tools and processes that can keep pace with the growth. You will need even more intuitive dashboards to enable your company’s leaders to make faster and better decisions. You will need artificial intelligence and increasingly autonomous continuous monitoring to reduce manual workload and improve data interpretation and output application.
The greatest benefit for compliance will occur when digitalization can be applied not only to improving efficiency through automation of repetitive tasks, but also to intelligently enhancing risk identification and mitigation though broad process coverage and advanced analytics. This will produce a system which allows compliance experts to focus on complex decisions and leave the rest for machines.
Andrew Copland-Cale, Legal & Compliance and Head of Risk Management & Mitigation, Siemens AG
Andrew Copland-Cale has worked for Siemens AG since 1997 and performed multiple roles, including accounting, planning & controlling, procurement, product management, project management, consulting, region management and corporate development. Over the past 10 years he has spent three years in a corporate audit function in the area of forensic accounting and four years in compliance investigations. Three years ago he took on his current role within legal & compliance, as head of risk management and mitigation.
Alexander Proels, US Compliance Officer, Regional Compliance Head Americas, Siemens Corporation
Appointed to his current position in October 2014, Alexander Proels leads the Compliance organization of Siemens for the Americas region. Alexander manages the Compliance System to protect the company and its employees by ensuring that all aspects of Compliance policies, communications, training, education and case handling are properly operationalized. With 23 years of experience at Siemens, Alexander has held many key leadership roles with progressive responsibility in Accounting & Finance including a delegation to Germany as a manufacturing controller, an acquisition accounting manager, a Business unit FBA and, most recently, head of finance for Siemens Industry, Inc. Alexander earned a Master of Business Administration degree from Georgia State University with a specialty in Corporate Finance. Alexander earned his undergraduate degree from The University of Georgia with a specialty in Commercial Banking.