An Excerpt from The Complete Compliance and Ethics Manual – 2019

1
1009

An excerpt from “Artificial Intelligence in Corporate Compliance”
By Adrian Sierra
AI in Corporate Compliance

Most of the information regarding artificial intelligence (AI) is focused on identifying how it will help across multiple industries. Less is available that touches specifically on how AI will help corporate compliance. Below is an excerpt from SCCE’s 2019 newly-transformed, flagship product, The Complete Compliance and Ethics Manual; on how a compliance program may look to leverage AI in data collection, analysis, and monitoring:

Policies, Procedures, and Code of Conduct

Policies and procedures that frequently change due to laws or internal improvements are a challenge to maintain and update. However, if AI is incorporated in some of those procedures, such as ensuring all purchase orders have an authorized signature on the invoice, it would be easier to update additional factors to review, as the invoice is already scanned in with the purchase order. Additionally, past occurrences that did not fall in line with new changes may be easier to identify and analyze. This type of application is a business control that is a necessary part of a complete compliance program: making sure that a policy is actually executed in practice (see “Auditing and Monitoring” below).

Human resources departments are typically involved in addressing various legal or policy issues, such as sexual harassment, pay equity, benefits administration or abuse, and the consequences of an employee leaving an organization. Most of the time, this is typically brought to HR’s attention after the fact. AI technology can be used to monitor company communications to proactively identify inappropriate interactions, the sharing of confidential information to non-company personnel, web activity, and the risks of employees looking to leave the organization. This would initially increase the amount of data received but would identify potential violations faster and uncover those that would otherwise go undetected.

Oversight and Accountability

AI cannot be accountable for the compliance function, but the human beings responsible for compliance can identify specific metrics or tasks for which they are responsible, and then use AI to monitor and help demonstrate the effectiveness of the compliance program. Depending on the risk and priority of the organization, a compliance dashboard can be maintained by the compliance professional. Once defined by the organization, AI can proactively gather and process information for the compliance professional to ensure that the company is in line with its compliance program.

Education, Communication, and Awareness

Assessing education and training results can be a challenging task. Understanding that an individual has completed the training—and being able to analyze which questions were answered incorrectly—can be very valuable. Taking this historical data in conjunction with other employment or communication data can provide insight into possible higher risks of policy and procedure violations or indicate where further training is needed. Also, as AI grows within the education industry, it will be able to leverage a more comprehensive educational program where AI is the teacher. This can increase productivity and reduce costs, rather than just relying on employees taking online self-study courses.

——–

Find more information about AI in Compliance and more articles on how to improve your compliance and ethics program.

SCCE’s 2019 edition of The Complete Compliance and Ethics Manual is now interactive, versatile, and mobile-friendly.  When you purchase the 2019 edition, you’ll receive the print version and digital access.

1 COMMENT

  1. Not sure AI is appropriately used in this context. For instance using technology to ensure that the right authorization is on the right purchase order is a simple matter of customization of ERP systems which reflect the signature guidelines. (In my opinion).
    The opportunities for AI in Compliance are more in the ability to query available internal and external data sources, logically connect, curate and analyze. Then start with e.g. simple visualizations. For example which payment flows are generated where and go to which high risk country. That’s basic stuff, now add analytics from sales orders, business partner master data, intermediaries and end customers…you will be able to assign meaningful risk categories, with proper algos maybe even contemplate auto approval approaches.
    Lastly, this is a multi-disciplinary task. If you think just by gathering gigabytes of data, letting data scientists comb through and visualize results will result in nice but mostly useless graphs for Compliance.
    Bring Legal, Compliance, Business Process Owners and IT to the table and work out meaningful logical connectors first, find out where you find the data in which format. Then let the IT wizards work out the interfaces, solve inconsistencies, curation of data.

Comments are closed.