Today I continue my exploration of the line of sight theory under which a Chief Compliance Officer (CCO) or compliance practitioner would have visibility across the lifecycle of a sales transaction so they could move from Detect to Prevent to Prescription in a best practices Foreign Corrupt Practices Act (FCPA) compliance program. I am basing this innovation on a chat I had with Scott Lane, Chief Executive of the Red Flag Group, where he described the line of sight a compliance practitioner needed; together with the concepts laid out in an article in the Harvard Business Review (HBR), by Michael E. Porter and James E. Heppelmann, in an article entitled “How Smart, Connected Products Are Transforming Companies”, I have adapted for the compliance function. Yesterday, in Part I, I considered some of the theoretical underpinnings of their article. Today I want to put some of their ideas, along with those of Lane, into form for the CCO or compliance practitioner.
Lane has been one of the leaders in talking about the use of data analytics in any compliance program. One of his first articulations has stuck with me. It was along the lines of “It’s your data, why aren’t you using it?” As the authors note, “As the ability to unlock the full value of data becomes a key source of competitive advantage, the management, governance, analysis, and security of that data is developing into a major new business function.” While a compliance function may have individual pieces of information available, it usually does not have a way to “unearth powerful insights by identifying patterns in thousands of readings from many” data points over time. For example, information from disparate individual business representatives across the spectrum of the sales cycle is usually available, if at all, on a retrospective basis. Capturing such insights is the domain of big data analytics, which blend mathematics, computer science, and compliance analysis techniques.
But even more so, using your own data can provide you with a competitive advantage. Just as companies that have been in the e-commerce business understand the power of data analytics in generating customer value; the compliance function can embrace the same ethos to deliver a cost-effective compliance solution, when it is needed in the sales cycle or when a high risk is generated. Obviously this requires an integration of business tools but the value of the tools themselves is enhanced by their integration into the compliance function.
It all turns on the basic premise that “every organizational structure must combine two basic elements: differentiation and integration. Dissimilar tasks, such as sales and engineering, need to be “differentiated,” or organized into distinct units. At the same time, the activities of those separate units need to be “integrated” to coordinate and align them. Smart, connected products have a major impact on both differentiation and integration in” compliance.
In the life cycle of any business transaction there are several steps which produce data analytics for the CCO or compliance practitioner. When Business Development (BD) initially makes a call on a potential customer; when a RFP comes into an organization; when the response is formulated with pricing and proposed discounts; during any subsequent contract negotiations; post-contract obligations for travel and training; and continued business development contacts with a customer.
Each of these steps could provide data, which taken singularly might not raise any red flags or even be outside company specifications but taken as a whole, it might be a transaction which would lend itself to compliance oversight. Starting with the BD representative, what information is available regarding gifts, meals and entertainment? Certainly this is something that a company records as a basis to take an appropriate business deduction from the Internal Revenue Service (IRS). From the Foreign Corrupt Practices Act (FCPA) perspective, is the customer representative entertaining a foreign government official under the Act? If so, what is the aggregate spend on any one such customer representative over a 12-month period by one BD representative? What is the BD spend on one particular government official by several company BD representatives? Has there been any travel involved to tour company facilities? If so what was the aggregate spend and was it correlated with the other gifts, meal and entertainment spend?
Moving forward through the sales cycle into the RFP and response thereto process; what discounts may have been provided in the initial response? Was there appropriate senior manage review? Are any third parties being used in the process? What is there relationship to the sale? To the customer? What about their relationship, if any, to the BD representative involved? Are there any suppliers or other third parties that may have entered into a relationship with the company through the Supply Chain (SC) rather than as third party sales representatives?
Moving on to any contract negotiations which might take place, were any discounts offered outside the standard discount range? If so were these discounts properly vetted through the internal company process? Was this process documented and was there senior management sign off in place? Did the customer suggest the use of any third parties as suppliers to the prime contract? Were there any charitable donations requested by the customer? Were there any charitable donations made during any part of this process or within 12 months after a successful contract negotiation? Was the contract properly vetted by all required internal processes: by management, by legal, by compliance?
If the business function was successful in concluding the contract; did it specify any travel for the customer? How about ongoing training and if so where and for how long? Was there a specification of business class or above travel accommodations? Has any required compliance or FCPA training been delivered to any third parties involved in the contract? Was there any Corporate Social Responsibility (CSR) requirement going forward? Does compliance have visibility into this or does is go through a company charitable donation group or committee?
These are only some of the data points which a CCO or compliance practitioner should have visibility into going forward. By looking down a straight line at all of this information, the compliance function can identify measures to improve any high risk issues before they move to FCPA violations. Such information would also lead to more predictive abilities so when patterns arise that might signal that red flags are coming, the compliance function could mobilize more quickly and more efficiently going forward.
This line of sight into the sales cycle is the next step for compliance to move towards. When the structural innovations of Compliance 2.0 are paired with the data analytics and insights from Compliance 3.0; a very powerful tool will be created. But all starts with the line of sight; think about it and use it.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2015