automating your compliance program your · 2014. 9. 3. · 1 automating your compliance program...
TRANSCRIPT
![Page 1: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/1.jpg)
1
Automating Your Compliance Program Automating
YourComplianceprogram
Ted BanksCompliance & Competition Consultants LLC
Scharf Banks Marmor LLC
The Key Concepts• Capture knowledge electronically
& reuse it automatically
• Figure out what you do during your compliance activities, and
use automation tools to do it better.
• Make it your goal to have every employee want to partake of compliance because it is so wonderful.
![Page 2: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/2.jpg)
2
“Three Rules to Build Your Digital Experience Strategy”*
1. Design dopamine digital experiences.– “I can’t wait.”
– “This is fun.”
– “I got it done.”
2. Be everywhere.
3. Stay fresh.
*J. Rymer & M. Gualtieri, KM World (Sept. 2012)
Acknowledgement
• Inspiration: ABA Tech Show 60 Sites in 60 Minutes, which became 60 Apps in 60 Minutes
• Today: A few “big” systems, a few small applications, and a bunch of ideas, some of which you may find useful.
![Page 3: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/3.jpg)
3
The CCO Job
• Protect the company
• Do it by– Doing your job more efficiently (back office)
– Reaching employees more effectively (front office)
Priorities?
• #1 Help employees do their job better
• #2 Make your job better
• My philosophy: employees come first
![Page 4: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/4.jpg)
4
Getting Help (or Inspiration)
• Vendors– Beware the BS
• Your IT Department
• Benchmarking with other companies
• Analogies from other systems
The Vendors1. They use adjectives instead of facts: “The Acme System is a robust compliance system designed to deliver the results you need. It has been specifically designed to be the most comprehensive and function tool available. It streamlines your job and will improve profitability. Call for a demonstration.”
![Page 5: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/5.jpg)
5
The Vendors2. They are afraid of competition: We don’t want our competitors to copy our great ideas.
The Vendors
3. They don’t really know how to get the word out.
![Page 6: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/6.jpg)
6
The Reality
• Good ideas can come from anywhere
• I am not endorsing the vendors I mention in this presentation,
but present them as examples of what can be done
• The toughest job: conceptualizing what you want
Paradigm 1: Filling Out a Form
• Forms are a powerful tool
• To work:– Requires that you know what
questions to ask
– Requires that it is used at the right time
– Requires that can be practically used by those who should do so
![Page 7: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/7.jpg)
7
Learning from Data
Centralizing Data
• Avoid repetitive due diligence questionnaires
• Example: Trace International TRAC system for 3rd party verification
http://tracnumber.com
![Page 8: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/8.jpg)
8
Paradigm 2: Painless Access
• Make compliance a seamless part of business processes
• Make access to information painless
• Make the compliance experience special
What Technology?
Real Biz Shorts -- www.corpedia.com
![Page 9: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/9.jpg)
9
The Business Process
• Do you know what processes happen in your company that can incorporate a compliance step? (Siemens example later)
Making access to compliance information painless
• Instantaneous
• Automatic
• Fits the way the employee communicates –does not require new behavior
• Do you use an iPad?
www.intertek.com
![Page 10: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/10.jpg)
10
Ease of Access to Information
Do you use a smart phone (or even a not-so-smart phone)?
Use it for compliance!
![Page 11: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/11.jpg)
11
Send a text message• The To-do List
– Type: todo <message>
– Example: todo draft social media policy
• Voting/Poll– Type: vote
<number>
– Example: vote 3
1-646-606-2806
WoltersKluwer ComplyTrack 6 Alpha www.mediregs.com/complytrack-suite
Make the Compliance Experience Special
• Can you use a geographic analogy to convey other compliance topics?
http://company.zynga.com/privacy/privacyville
![Page 12: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/12.jpg)
12
www.trueoffice.com
True Office Mobile Compliance Games
What do you know about jobs?
• The Amazon model:– Based on what you buy, we know what you
probably want
• The compliance model:– Based on what you do, we know
your compliance risks
– Therefore, we target ourcompliance program
![Page 13: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/13.jpg)
13
Linking Jobs to Risks
www.lrn.com
• No agreement on what compliance means
• So beware of companies that advertise “compliance” software, e.g., using compliance to mean document management or workflow
![Page 14: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/14.jpg)
14
Regulatory Compliance
• Health care, financial services
• For compliance officer, or subject matter expert
• Make technical information more accessible
• Make sure that processes are followed
Regulated Industry Example: Health Care
www.mediregs.com
![Page 15: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/15.jpg)
15
Look at each step of the compliance process: What can you automate?
• Risk Assessment
• Compliance standards and procedures
• Organizational infrastructure
• Due care in delegation• Communicate compliance
standards
• Monitor and audit
• Appropriate discipline
• Periodically update the program (triggers from reports)
• Generating heat map with audience response system
• Managing policies
• Track training of board, executives, compliance program for RIFs
• Background checks
• Conversion of PowerPoint to training; link of training to job descriptions; automated certification process
• Screens; automated email monitoring; expense monitoring
• Investigation process
• Triggers from reports
Training: WeComply Reporting Dashboard
www.wecomply.com
![Page 16: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/16.jpg)
16
Back Office System
• Challenge: just too much to do and keep track of all of it
• Response: a comprehensive compliance system
Slide 32
PWC UK Enterprise Compliance Portal [email protected]
![Page 17: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/17.jpg)
17
Slide 33
Assessment – Template selection
Slide 34
Assessment - Self assessment summary
![Page 18: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/18.jpg)
18
Slide 35
Assessment - Self assessment details / data entry
Assessment - Remediation plan details
![Page 19: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/19.jpg)
19
Slide 37
Self certification - Dashboard
Slide 38
Self certification - Confirmation / sign off
![Page 20: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/20.jpg)
20
Slide 39
Reports - Global assessment heatmap
Slide 40
Reports - Compliance dashboard report
![Page 21: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/21.jpg)
21
Reports - Response breakdown report
Slide 42
Reports - Assessment against remediation progress
![Page 22: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/22.jpg)
22
Slide 43
Reports - Level of risk details
Document library
![Page 23: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/23.jpg)
23
Risk Assessment• Resolver Ballot + Protiviti: using audience
response systems
www.protiviti.com
Policy Management
• Could be something like SharePoint
• Central source for policies– On line copies linked to master
• Version control– Authority to alter
• Distribution to impacted employees
• Reminder to update
![Page 24: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/24.jpg)
24
Policy & Procedure ManagementCreation, Review, Approve,
Organize
Certification and Self Assessments
Mapping to Risksand Controls
Alerts and Notifications
Awareness and Training
Tracking and Visibility
Policies related to -Gifts- Regulatory Compliance-Commission Payment-Expense Re-imbursement-Payment-Travel and Entertainment-Employee Background
Enforcing the policy and guidelines and ensuring compliance on employees and Third Parties
www.MetricStream.com
Training
• The garbage in-garbage out problem
• LMS,LCMS important for compliance
• What do I need to know to do my job?
• We fail– Overinclusive or underinclusive
– Static, boring
– irrelevant
![Page 25: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/25.jpg)
25
Convert PowerPoint to eLearning: Articulate
www.articulate.com
Full Escape from PowerPoint
• The Khan Academy Blackboard Approach
• If you know your stuff, you should be able to teach it this way
www.khanacademy.org
![Page 26: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/26.jpg)
26
Track Training of 3rd Parties:Eduneering Compliance Wire
www.uleduneering.com
Prevent
Training Program Effectiveness
Policy Certification
Detect
Performance of Controls
KPI/KRI Breach
Risk Assessments Audit Results
Respond
On-time Remediation mechanism
Resource and Time Management
Effectiveness of Compliance Program
Example fromMetric Stream
![Page 27: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/27.jpg)
27
Administering Compliance Rules
• Train to use tool before certain actions, such as giving or receiving gifts
• Can combine automated process with manual review
Protection notice / Copyright noticeFor internal use only / © Siemens AG 2012
Policies and electronic tools help identify risk andbalance competing interests
Payment of - Meal- Gift- Local Travel
Acceptance of- Meal / Gift- Entertainment- Travel- Accomodation
Payment of - Entertainment- Non-local travel- Lodging
Government Officials: Mandatory
Private Sector: Voluntary
Voluntary
Government Officials& "critical" participants*:
Mandatory
Other participants:Voluntary
Provision Scorecard
AcceptanceScorecard
SpoDoM Tool
*Related Parties of Government Officials, healthcare providers, members of the purchasing department, invitees actively involved in the acceptance of a bid or the awarding of a tender
![Page 28: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/28.jpg)
28
Protection notice / Copyright noticeFor internal use only / © Siemens AG 2012
Scorecards are used when gifts and/or meals are provided to Government Officials
Protection notice / Copyright noticeFor internal use only / © Siemens AG 2012Page 56
Pre-approval of sponsorships, donations, corporatememberships, other contributions and hospitalitypackages must be obtained via SpoDoM tool
Siemens supports many organizations around the world through sponsorship, hospitalitypackages, donations and other contributions.
Memberships in associations and contributions to certain groups and activities arean essential part of our Corporate Social Responsibility program, our leadership in industry initiatives and our programs to strengthen the Siemens brand.
The Sponsoring, Donation and Membership (SpoDoM) Tool helps to- focus these strategic efforts- enhance controls over associated costs- ensure compliance with applicable legal requirements
No contribution may be promised, offered or made to secure inappropriate competitive advantages All contributions must be clear, plausible and visible No contribution may be made to recipients whose goals are incompatible with
Siemens‘ corporate principles or which would damage Siemens reputation No contribution may be paid to private accounts.
![Page 29: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/29.jpg)
29
Protection notice / Copyright noticeFor internal use only / © Siemens AG 2012
Pre-approval of entertainment, non-local travel, & lodging provided to certain 3rd parties must be obtained via SpoDoM tool
Entertainment, Non-Local Travel, or Lodging
Is the Invitee: Government Relative of government Health care provider Member of the purchasing department Actively involved in a purchasing decision or
the acceptance of a bid
Responsibility for decision on invitations not fulfilling any of these criteria – even expensive ones – is fully taken by the business.
SpoDoMApprovalRequired
NoSpoDoMApproval
No Yes
Exceptions (e.g. approval not necessary for…)
Company-organized events if the purpose of which is to provide scientific
or technical information or to serve as a forum for the discussion of cultural or economic topics the information is useful for the invitee there is a link to Company business food is limited to snacks and drinks no gifts or only small gifts (“giveaways”) of
nominal value are provided
Employee guests at company-organized events hosted exclusively for employees (e.g. company picnics or holiday parties).
Hospitality required by contract if contractual clauses are reviewed by legal.
Page 57
How do people communicate?• Talking is easier than keyboarding
• People love those Apple ads for SIRI because they love the idea of the freedom to communicate with a computer by speaking to it.
• Capture the inclination of peopleand make it work for you.
• SIRI and Google Voice Search actually work very well.
![Page 30: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/30.jpg)
30
Compliance Advice on the Smartphone
• Question 1
Compliance Advice on the Smartphone
• Question 2
![Page 31: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/31.jpg)
31
Concept: Voice Search
• You have a defined database– Code of Conduct
– Compliance Policies
– Business procedures
– Q&As and other communications
• If an employee has a compliance question, let them ask.
• Use voice input to provide data for other programs (e.g., ComplyTrack)
Concept: QR Codes for Compliance Info
For more info on any subject, take a picture of the related QR code
![Page 32: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/32.jpg)
32
Artificial Intelligence Example: Neota Logic
• Capture legal rules and apply to a process
• The compliance challenge:1. Need to transfer customer or employee data
from one country to another.
2. Legal review of compliance requirements (notifications, forms, encryption, etc.) was costing as much as $30,000 per request.
• Can the process be automated?
http://www.neotalogic.com/
Neota Logic
• Step 1: Get the rules.
– Law firm compiled rules for 50+ countries
– Result: giant stack of memos
• Step 2: Operationalize the knowledge
– Create an expert system that takes the knowledge and asks questions about the nature and circumstances of the proposed transfer and then returns a list of the required compliance steps.
– Integrate with the company's existing internal workflow system
![Page 33: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/33.jpg)
33
![Page 34: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/34.jpg)
34
![Page 35: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/35.jpg)
35
![Page 36: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/36.jpg)
36
What can I do?
• Look for compliance gaps and ask yourself: How can I make better?
• Be familiar with commercial products
• Look for tools used by other companies
• Every time you hear about any automation advance, think: Can I use this in compliance?
But I’m not a techie . . .• Remember every moment you
said to yourself “I wish I could do . . .” - - and ask if it could be done.
• Make friends with IT Dept in company.
• Develop resources at local colleges to get young programmers who need jobs.
• Keep asking!
![Page 37: Automating Your Compliance Program Your · 2014. 9. 3. · 1 Automating Your Compliance Program Automating Your Compliance program Ted Banks Compliance & Competition Consultants LLC](https://reader035.vdocuments.mx/reader035/viewer/2022062605/5fd8c7f1f631af59543bd3fb/html5/thumbnails/37.jpg)
37
…but it can help you do your job better.
Remember . . .
Thank you.