by James Fanto
Technology raises many interesting issues for the growing field of compliance and could even transform the nature of this control position. The main question to be asked in this post is whether that transformation would make compliance more, or less, effective in accomplishing its mission of ensuring that an organization and its agents comply with laws, regulations and professional and ethical standards. The argument would go something like this. As in so many other activities, information technology and data analytics provide tools to compliance officers, particularly, although not exclusively, in their tasks of surveillance and monitoring. In regulated domains, in fact, regulators use this technology for their own supervision of firms and expect compliance officers to do the same. This use could result in a model of compliance officers sitting in front of a digital dashboard that enables them to monitor the firm’s activities for compliance. The question is whether this new model will enhance the efficiency of compliance officers or whether it will distance them from the activities themselves and from the firm’s employees. A subsidiary concern is whether, after considerable growth in compliance positions in so many domains, firms will use this technology-based model as an opportunity to “rationalize” compliance, which will reverse these employment gains.
Permit me to flesh out this argument. First, it is evident that compliance officers are using information technology and data analytics in their jobs, particularly in businesses, like finance, that have themselves been transformed by this technology. Take, as an example, compliance in the brokerage industry, which I follow. Broker-dealers use technology, among other things, to process orders and to complete trades at lightning fast speeds, and even to implement complex trading strategies. Firms have a legal obligation to ensure that this order processing and trading are properly supervised so that they are done in compliance with applicable laws and regulations. Today compliance officers cannot effectively assist in this supervision unless they have their own automated systems to track the orders and trading to flag problematic transactions. Indeed, securities regulators like the Securities and Exchange Commission and self-regulatory organizations like the Financial Industry Regulatory Authority, which use data analytics to monitor firms and markets, fully expect compliance officers to employ technological tools, whether developed in-house or, as is increasingly common, purchased from third-party vendors. This is an understandable demand, for regulators have always expected compliance programs to keep up with the transformation of the business of firms. So as businesses (particularly financial ones) enlarge their technology footprint, so also should their compliance programs.
Under the second step in the argument, the use of technology and of tools of data analysis produces a new, different model of the compliance officer. In this model, the compliance officer can be envisioned as sitting before a single- or multi-screen “dashboard,” to which data from a firm’s various activities feed. The model primarily highlights compliance officers’ task of surveillance, where they ensure that employees are following compliance procedures and thus conducting their activities in accordance with the law and the firm’s code of conduct. The dashboard could even allow a compliance officer to perform other compliance work as well, such as training employees through online programs, sending out compliance alerts and complying with information requests from regulators. Indeed, third-party vendors of compliance technology (ever present at compliance conferences) advertise and demonstrate how their dashboards allow compliance officers to do an increasing number of compliance tasks.
The third and final step looks to the implications of this model. It could certainly be argued that information technology and data analytics are just allowing compliance officers of today to save time and to be more productive, just as, in earlier periods, the telephone, the copier, the fax machine and early data processing did the same for their predecessors. So, for example, instead of having to wade manually through daily trade “blotters” to look for suspicious transactions, technology-enabled compliance officers receive in real-time notification of “exceptions” and can efficiently use their time to investigate the problems. As in so many cases with technology, this is a story of liberating compliance officers from tiresome labor so that they can focus on the highly valued work of looking into questionable transactions, educating employees about compliance policies and procedures and, most importantly, advising and counseling them on difficult decisions and business strategies.
However, this model could lead to other outcomes. Occupied and enamored with the dashboards, compliance officers could end up believing that the data feeds into them are the sole source of reliable firm information. As more information and compliance tasks are intertwined with the dashboards, compliance officers could become increasingly tethered to and dependent upon them. Moreover, firms themselves could promote this “high tech” compliance approach, but for a cost reason. Although we have lived through a growth in compliance (and in compliance positions) since the financial crisis, reports are that cost pressures are beginning to weigh on this control function and that, as a result, firms are demanding that compliance officers become more efficient and do more with fewer resources. Using data analytics through the dashboard may lead firms to believe that they can have more productive, but fewer, compliance officers. And these compliance officers would no longer, or less frequently, “walk the halls,” which means being visible in the day-to-day activities of a firm and doing face-to-face their important advisory and counseling role. The ultimate outcome of this model, therefore, could be to have compliance officers in the main office (or in a remote location where the cost of living is low) monitoring firm activities and communicating with employees from afar.
I have discussed these alternative outcomes of “dashboard compliance” with compliance officers and compliance advisers. Many of them have assured me that the scenario portrayed in the previous paragraph is unlikely to be the result of the use of new technology and data analytics by compliance officers. They think that the earlier scenario is coming to pass, which is that of the dashboard as just another “liberating” tool in the toolbox of compliance officers. Moreover, they tell me that my negative outcome exaggerates the cost pressures facing compliance and that employment in that field remains robust. My question to the readers of this blog is: What do you think? Which of the above outcomes makes sense to you or reflects your experience? Or is there some other story about the use of technology by compliance officers that I am leaving out?
James Fanto is the Gerald Baylin Professor of Law at Brooklyn Law School.
Disclaimer
The views, opinions and positions expressed within all posts are those of the author alone and do not represent those of the Program on Corporate Compliance and Enforcement or of New York University School of Law. The accuracy, completeness and validity of any statements made within this article are not guaranteed. We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with them.