Today I continue my exploration of risk in compliance by starting a consideration of risk-based monitoring. As I have the previous two days, I honor a television star who died last week and today it is Mike Connors. While Robert Connors (no relations) was the coolest television star for my money in the late 60s, Mike Connors was a close second. He played the TV detective Joe Mannix in the series Mannix. According to his obituary in the New York Times (NYT), the series “had its premiere in 1967, Mr. Connors played the darkly handsome Joe Mannix, a Korean War veteran of Armenian descent who sleuthed his way around Los Angeles with flashy cars and a penchant for citing Armenian proverbs. Unlike many a smooth TV private eye, Mannix took his lumps. The Washington Post, tabulating the wear and tear the character withstood over eight seasons, found that he had endured 17 gunshot wounds and 55 beatings that left him unconscious.”
Two things stood out for me about Connors and the show Mannix. The first was personal to Connors as he, like my father, was a Korean War vet and even in the 60s, they were a largely ignored group. There were more WWII vets and the omnipresent Vietnam War so the Korean Vets never got the honor and respect I felt they deserved. The second was about the show, where his secretary Peggy, played by Gail Fisher, was one of the first TV shows to present an African American as a leading character. That alone made a big impression in the South.
I continue this week’s series based upon interviews with Ben Locwin, Director of Global R&D at BioGen and an operational strategist in pharma and healthcare, to explore risk forecast, risk assessment and risk monitoring for the compliance profession. We have previously considered forecasting and assessments and today I will continue the circuit by discussing risk-based monitoring.
Locwin said, “Risk-based monitoring is really about continuous, ongoing monitoring for those things which provide the most potential future risk to you. In other words, instead of a static risk registry that may come in part with forecasting, where you would say, “We’re trying to anticipate these risks.” By using risk-based monitoring to review issues on an ongoing basis, and the models that are behind the risk-based modeling, risk-based monitoring models, they’re continuously refined based on incoming data.”
The problem for many companies is they are siloed in not only their data but also in the systems. Locwin explained that because of the disparity of data systems, “They may not be tracking rigorous, quantified information all the time.” He cited to an example from the pharmaceutical world where a company could well have 50 worldwide sites where a drug product is being tested. Some patients receive a placebo and some patients receive the medication being tested. As data comes in you begin to note patterns in certain patients and groups, which might actually point towards a variety of testing errors by physicians administering the test.
Through the use of risk-based monitoring, you can begin to see things in “almost real-time, time-based trends of real data that you can then jump on and try to make adjustments before things get really wacky.” The implications to the compliance practitioner? Having access to information around sales, the sales process and corporate largess in things from Corporate Social Responsibility (CSR) work to gifts, travel and entertainment to conferences for customers and end users. Through the use of such risked-based monitoring a compliance professional would have the opportunity see trends developing which could allow an intervention for a prescriptive solution which could prevent an issue from becoming a Foreign Corrupt Practices Act (FCPA) violation.
Yet Locwin cautioned that compliance professionals should guard against bias. In an article by Locwin, entitled “Be Careful When Appraising Industry Trends”, he stated, “Social media has rapidly accelerated the agility with which the public can change allegiance and direction. It used to be that when information dissemination was slower and more compartmentalized within regions and market segments, that the market resistance to fluctuation was more robust. Now well-placed advertising, social commentary, or public response to corporate missteps can swirl into a maelstrom of market changes within hours that is agnostic to region or market segment.”
In today’s world, the speed at which reputational damage reigns out can overwhelm a corporation’s ability to respond. Here one might consider Wells Fargo and how fast the situation spun out of control for them after its $185MM fine was announced. It is through the use of risk-based monitoring, which allows for this almost real-time input, that a response to a forecasted, assessed or even unassessed risk can be developed. In the compliance world, such tools could be brought to bear when considering not only the expense side of such areas as gifts, travel and entertainment but also sales side data. This could be internal company data on its own salesforce and also information developed from or concerning your third-party sales team.
In Locwin’s primary world of pharmaceutical testing and product development, the need for such real-time information can be more critical. Yet through the development of these techniques as compliance tools, the compliance profession can add value to an organization through the use of risk-based monitoring. With the plethora of data on where and how corruption is likely to occur, coupled with meaningful sales and expense data, the compliance professional should be able to move from detect to prevent to prescriptive compliance solutions to prevent legal violations.
Finally, the beauty of all these techniques articulated by Locwin is that they are tools that can make companies more efficient and, at the end of the day, more profitable. They also move compliance into the fabric and DNA of an organization or in the words of Hui Chen, the Department of Justice (DOJ) Compliance Counsel, operationalize compliance. It will not be long before the DOJ mandates such techniques for any company under FCPA investigation. You need to develop your response now.
Tomorrow we will continue this exploration of the continuum of risk in compliance by considering issues which can cloud your risk-based monitoring, i.e. white noise.
Ben Locwin is a healthcare expert who is frequently featured in the popular media. He gives speeches internationally and specifically has written about the forecasting, assessment and monitoring of risk in the life sciences industry. He has also taught risk management and modeling at universities and to top Fortune 500 companies in automotive, aerospace, food & beverage, pharma, and other industries. He can be reached at ben.locwin@HealthcareScienceAdvisors.com.
Risk based monitoring goes with forecasting and a risk assessment to aid in the management of risk.Click to tweet
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2017