- How does the updated DOJ guidance impact compliance strategies?
- How can compliance programs shift towards data-driven and technology-focused strategies for both new and mature programs?
- What innovative solutions are transforming ethics and compliance practices today?
These and other questions were addressed in a recent webinar moderated by Thomas Fox, Founder of the Compliance Podcast Network. The session featured insights from compliance due diligence experts Sylwia Wolos, Chief Strategy Officer at Ground Truth Intelligence, Vincent Walden, CEO of KonaAI. The discussion centred around data-driven approaches to enhance compliance efficiency and deliver business value.
Here are the key takeaways.
1. Regulatory Landscape: DOJ Guidance and Global Trends
Staying aligned with the latest regulatory updates, particularly the 2024 Evaluation of Corporate Compliance Programs (ECCP) issued by the US Department of Justice (DOJ), is crucial. The ECCP now expects companies to employ data analytics for continuous monitoring and vendor risk evaluation.
Key Points:
- Companies must assess third-party risk continuously, not just during onboarding.
- Regulators expect documented processes demonstrating timely and risk-based reviews.
- The DOJ emphasises that the Compliance function must be managed on par with other business units, requiring timely and enterprise-level access to data.
2. The Shift to Data-Driven Compliance
The move towards data-centric compliance programs is no longer optional but essential. Effective compliance now relies on integrating data analytics to identify and manage risks throughout a third-party relationship lifecycle.
Highlights:
- Data analytics tools help identify high-risk vendors, flagging anomalies such as unusual payment patterns and potential conflicts of interest. This enables a move from a reactive to a preventive approach, saving businesses headaches and money.
- Compliance programs should leverage data from all sides of the business, including ERP systems to monitor third-party payments post-contract, and stay up-to-date on all vendor-relevant information.
- In initial as well as ongoing due diligence, understanding the gaps in data remains critical to allocate budgets appropriately within a risk-based approach.
3. Innovative Solutions and Best Practices
Enhancing compliance efficiency requires a blend of strategic approaches and modern technology. To achieve this, several practices can help compliance processes remain robust and adaptable to evolving risks:
- Risk-Based Due Diligence: Not every vendor requires the same level of scrutiny. A documented, risk-based approach helps allocate resources effectively.
- Continuous Monitoring: Modern technology provides predictive models to identify vendors who slipped through due diligence but pose significant risks.
- Technology Integration: Ensuring compliance teams use technology proportionate to other business functions avoids imbalances that could raise regulatory red flags. With combined solutions such as GTI and KonaAI, compliance teams can have centralised access to relevant information within one system.
Conclusion
As the compliance landscape continues to evolve, data-driven strategies are critical for managing third-party risks and ensuring efficiency and defensibility of the compliance program. The insights shared during the webinar emphasise the need for continuous monitoring, integration of data analytics, and a risk-based approach to due diligence. By leveraging these strategies, compliance professionals can not only meet regulatory expectations but also create tangible business value.
To learn more, chat to our experts.