Getting Real with AI - Columbus DAW - May 2024 - Nick Woo from AlignAI
Compliance & data security – the way we work
1. Compliance & data security
– the way we work
My objective of writing this presentation is to bring attention to a very pertinent issue
of, especially in financial services industry, Compliance & Data Security.
Organizations today are more prone to non-compliance than they were in the past.
Many a times, technology in business brings convenience but it also brings an amount
of vulnerability. The jobs for CROs, CIOs & teams have become so important in these
days & time having a very strong bearing on the organizational survival. Interestingly, its
technology again that is now helping organizations to keep the vulnerability in check.
2. Predicting employee behaviors
As shown in the movie Minority Report in 2002, Tom Cruise plays a
pre-crime officer who hunts for murder suspects before they can
act, “We’re taking technology that was built for counter-terrorism
and using it against human language, because that’s where
intentions are shown,” said Estes, whose company counts
Goldman Sachs Group Inc. and Credit Suisse Group AG as clients
and investors. (Refer complete article by Hugh Son- http://www.bloomberg.com/news/articles/2015-04-
08/jpmorgan-algorithm-knows-you-re-a-rogue-employee-before-you-do)
JPM paid >$ 36Bnin legal bills since the financial crisis. reports says, they have hired 2500
compliance professionals and have invested millions of $$ to improve operations &
compliance.
Organizations are building systems to collect data points from across communication
channels to create a complete profile of each employee and having predictive analytics
suggesting probability & occurrence of any fraud.
3. Costs Vs benefits of compliance
The cost any organization pays or will pay to build an effective
system will overlay the benefits from it. Some large
organizations have paid billions of $ in penalties and had loss of
goodwill, these are bigger losses than the money spent on
creating these prevention/surveillance units.
To a related question Keith Darcy, independent senior advisor to
Deloitte & Touche LLP’s Governance, Regulatory & Risk
Strategies enterprise compliance practice, says:
“The downturn had an immediate and devastating effect on many companies’ revenue
and expenses in every sector and region. Risk managers were certainly not immune to
this. Today, while many companies are reporting record corporate earnings, few have
any top line revenue growth. Clearly expense management continues to rule the day.
Such austerity measures, coming at a time when risks are increasing exponentially, is a
dangerous recipe. In response, some companies have collapsed ethics and compliance
departments into a single function focused primarily on compliance. Other companies
have elected to rely more heavily on part-time resources for global risk management.
Some have outsourced certain compliance functions or relied more heavily on
professional service providers. Measures like these can certainly enhance program
effectiveness and reduce costs; however, whatever path is chosen it is essential that
boards and top management provide adequate resources and appropriate authority to
the ethics, compliance and reputation risk managers. Companies that give an
inappropriate amount of attention to these risks do so at their own peril.”
For complete article follow the link: http://deloitte.wsj.com/riskandcompliance/2014/12/04/managing-global-ethics-and-compliance-as-an-asset-not-an-expense/)
4. Impact of & on organizational culture
The impact that an organization can have of its compliance
procedures is also on the organizational culture that defines the
way they operate. Organization running on suspicion will fail but an
organization that makes it a way of how they operate, even when it
is to the extent of surveillance, can succeed.
Ethics and compliance programs, as traditionally designed, are often not enough.
“Organizations responsible for some of the most egregious acts of malfeasance have had
quite impressive, formalized ethics and compliance guidelines,” says Nicole Sandford,
partner and national practice leader at Deloitte & Touche LLP’s Enterprise Compliance
Services. “Many regulators now realize that without a culture of integrity, organizations
are likely to view their ethics and compliance programs as a set of check-the-box
activities or—even worse—as a roadblock to achieving their business objectives,” Ms.
Sandford adds. “Many regulators now realize that without a culture of integrity,
organizations are likely to view their ethics and compliance programs as a set of check-
the-box activities or—even worse—as a roadblock to achieving their business
objectives,” Ms. Sandford adds. (for complete article follow the link http://deloitte.wsj.com/riskandcompliance/2015/01/20/corporate-
culture-the-center-of-strong-ethics-and-compliance/)
Conclusion: Compliance & data security – should always be the way we work