Melissa Koch is the CEO of InFront Compliance, an online assessment and reporting tool for highly regulated industries. She is a business, technology and data lawyer by trade, with over 20 years experience. As such, she has been at the forefront of the changing landscape of compliance. She chats with Tom Fox about how her company helps its clients navigate the intersection of law, technology and compliance.
The Intersection of Law, Technology and Compliance
“It’s always at the intersection that I think the most interesting things happen,” Melissa tells Tom. When you view compliance as an ecosystem – the intersection of law, technology and compliance as a unified field – you are able to see how they all work together to create an environment of collaboration and communication. Collaborative vendor risk management in particular, she explains, views compliance as an ecosystem with many stakeholders. It’s a way to facilitate lines of transparency between these stakeholders to enable reliability and consistency and to help define your company’s overall compliance posture. “And the foundation is really about communication and making sure you know who’s involved, what they’re doing, and having those sightlines and having that visibility to make much more informed decisions… on how to manage the compliance landscape.”
Embracing Data In Real-Time Vendor Management
Tom asks how data fits into the collaborative ecosystem. Melissa responds that InFront Compliance embraces data because you can’t get the transparency to make better decisions without it. InFront creates and curates libraries of assessments for organizations in highly regulated industries such as financial services. Ensuring that their businesses stay compliant in a fast-changing regulatory landscape, is one way InFront serves their clients. They also foster a “continuous culture of compliance” so their clients can see where they have gaps and close them before they become a problem.
A business is resilient if it’s able to bounce back quickly after an event that impacts its operations. Melissa remarks that resilience, policy development and change management all work together to make sure that your organization can effectively navigate any sudden and/or unforeseen changes. One way your company can build resilience is to adopt a dynamic and practical approach to policy development, Melissa says. “For those organizations that are adaptable and fluid in their ability to navigate change, are policies that live and breathe with the organization. So they are created specifically for that organization and how that organization does business. But they also have built into the policy regular review periods… It makes sure that everything is accurate and reflective of how that organization does business and when it’s not, then it changes… Those policies are there to help support the organization when there’s been a stress event for the organization.”