Today I continue my exploration of risk in compliance by the irritation of white noise in risk-based monitoring. As I have the previous days, I honor a television star who died last week and today it is Mary Tyler Moore. She was a rare television star whose career literally spanned decades, first as Laura Petrie, the wife of Dick Van Dyke on The Dick Van Dyke Show and later as Mary Richards, the feminist icon on the Mary Tyler Moore show. It was this second show where her tremendous talents bloomed as laid out in her New York Times (NYT) obituary which said, “At least a decade before the twin figures of the harried working woman and the neurotic, unwed 30-something became media preoccupations, Ms. Moore’s portrayal — for which she won four of her seven Emmy Awards — expressed both the exuberance and the melancholy of the single career woman who could plot her own course without reference to cultural archetypes.”

I continue this week’s series based upon interviews with Ben Locwin, Director of Global R&D at BioGen and an operational strategist in pharma and healthcare, to explore risk forecast, risk assessment and risk monitoring for the compliance profession. We have previously considered forecasting, assessments and began a consideration of risked-based monitoring; today I will continue the circuit by discussing the issue of white noise in risk-based monitoring.

I define white noise in general defined as information which is not meaningful. The compliance practitioner often struggles if they can get the underlying data but they do not know what is meaningful. Just as often, the compliance professional will not know how to interpret it. Matt Kelly, writing in Radical Compliance, provided the following example, “you don’t want a metric about whistleblower allegations that only tells you how many complaints you have; you want a metric that categorizes them by nature of complaint, or division of the company that’s complaining. Likewise, a metric that monitors new vendors with incomplete due diligence should also track which business units are on-boarding these laggard third parties.”

Locwin called this the “signal to noise ratio” and said it is “the mean of the data or the standard deviation, that’s basically just telling you, often used in radio frequency, how much of what’s coming through the airwaves is the actual content you care about versus what’s the static, the background noise, and everything else. Every time we measure anything – it could be these 50 trial locations and what’s good or bad, it could be how many good meals did we serve at Chipotle versus contaminating meals that inoculated a consumer – what we always have when we’re measuring all this stuff is a lot of the [white] noise, which is measurement error.”

Locwin cited to an article he wrote, entitled Better risk-based thinking will help produce better risk-based monitoring, for this problem of white noise and data interpretation on the prognostication of future problems. In the article he pointed to information and data in the criminal justice system where a new technology is available “called the Beware system. The system is in use in Fresno, California and other police departments. It’s an electronic database which takes into account GPS coordinates, spatial distributions of localized criminal activity, as well as past track record of individuals involved in 9-1-1 calls. The system “searches, sorts and scores billions of commercial records in a matter of seconds-alerting responders to potentially deadly and dangerous situations while en route to or at the location of a call.” Based on the software’s calculation of the factors, it assigns a ‘threat rating’ and a red, yellow, or green indicator for the officer.”

“All of these data are critically important when appraising a police response situation. When using it as a guide, it’s important to understand the underlying risk assessment principles calculated by the Beware system: Not every address or location has an equivalent level of risk, and the system allows responding officers the opportunity to be prepared. Criminal recidivism refers to an individual’s preponderance to recommit crime after he or she has been involved in criminal acts in the past. So to say that past performance is an indicator of future behavior is an understatement.” For the compliance officer the issue is that “you need to know what to fix first; and this usually goes wrong in the form of companies being unable to differentiate the signal from the noise. To not do it properly leads to a lot of organizations that I’ve seen expending a tremendous amount of resource and capital on trying to fix what actually isn’t the problem.”

I would also note that Cathy O’Neil explored similar issues in the criminal justice system in her recent book Weapons of Math Destruction noting the discriminatory nature of the outcomes. Yet her critique emphasizes Locwin’s need to think about the context of the risk (data) you receive.

Locwin admonishes the compliance professional, that when it comes to data from risk-based monitoring, to separate the wheat from the chaff. Focus on what your company’s highest risk is, focus on what really matters to you. This means if you are using third party agent to sell your products and services, you should focus your data analysis and risk management on this area. Conversely, if you largely use your employee base as your sales channel that would be your highest compliance risk.

Tomorrow we will continue this exploration of the continuum of risk in compliance by considering how three of concepts; forecasting, risk assessment and risk-based monitoring tie to together in a best practices compliance program. 

Ben Locwin is a healthcare expert who is frequently featured in the popular media. He gives speeches internationally and specifically has written about the forecasting, assessment and monitoring of risk in the life sciences industry. He has also taught risk management and modeling at universities and to top Fortune 500 companies in automotive, aerospace, food & beverage, pharma, and other industries. He can be reached at


  This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2017