What are you doing to keep your documents secure and your data protected? Today we have Tomas Suros, Chief Solutions Architect, Practice Automation, at AbacusNext. They’ve developed an innovative, all-in-one system for the legal and compliance field that makes work more efficient and more secure. Today we’re learning more about the system and what it can do.

Tomas’s background: when law meets tech

Tomas attended law school at the time the internet boom was in full swing, with his classes applying their concepts to the internet, back when it still had no jurisdictional boundaries. Right after graduation, he worked for Pandora, a streaming radio entity and his first experience with the technology of law, and eventually, his interests turned to leveraging technology for compliance and developing software tools for lawyers.

AbacusNext: What is it, and how does it work?

AbacusNext uses software tools to protect data and give companies efficient access to them through a private cloud environment. Having a private cloud environment allows them to build the controls into the architecture of the software itself — everything from encryption to how the data is held and who can access it — so that your compliance needs are met.

  • Each document is encrypted and, using the tools, you can manage who has access to which documents, and what they can do with them.
  • Each version of each document is saved in real time so there’s an audit trail of the different touch points to the documents.
  • Sharing and collaborating can also be done within the ecosystem, so people no longer need to send emails back and forth to each other with the document attached, which is risky and potentially not secure.

A comprehensive solution

The goal of AbacusNext is to create an integrated, comprehensive solution. Over the past five years, they’ve acquired different software tools, so things like managing leads and clients, capturing information, and performing checks can be done securely and quickly. Reminders, deadlines, and task notifications are all automated, and the whole life cycle of the services you provide for clients flows through one protected and secure system.

The advantage in Customer Relationship Management

With AbacusNext, you’re able to start your client relationship on a secure footing, with the assurance that you proactively have the systems in place to protect their information. The system also makes it much more automated and efficient for clients to reach out to you and share what their current needs are, allowing the firm to respond quickly and appropriately with helpful information. And once they’re a client, there’s no need to redundantly re-enter information they’d already given since everything is already within the ecosystem, making it a smooth experience for everyone all around.


Tomas Suros (LinkedIn)

Email: tsuros@abacusnext.com

AbacusNext (Website)

How to Gain a Competitive Advantage With CRM

As the web gets more and more complicated, how can we keep up? Keith Laska, a board member at Hanzo, joins us today. Hanzo uses artificial intelligence and modern technology to improve compliance effectiveness. With the web being as dynamic as it is, our compliance solutions have to be, too.

The story of Hanzo

At Hanzo, they use data science to make their customers’ lives easier, covering both proactive and reactive compliance. But there’s one major difference: they collect, store, and offer insights and analytics on content in a native format instead of the usual plain PDFs.

That may sound trivial, but it’s a complicated process. The aim is to preserve the web forever, and static PDFs remove almost all of the dynamic nature of the web. They needed a platform that could capture everything — metadata, JavaScript, videos that could play back — so future generations could have context and provide quality insights and analytics from the content.

And that’s how Hanzo was born.

What does Hanzo bring into the arena of compliance effectiveness?

When you’re dealing with large scale future trends like hyper-personalization, one of the challenges that marketers in compliance face is wanting to promote their product or service while being careful that they’re taking the right steps. Effectiveness is the only way to measure these critical decisions that compliance officers have to make on a daily basis. The analytics and add-ons that are on Hanzo allow you not just to collect that information, but also to measure how effective you are with that information, both proactively and reactively.

What are these add-ons to the platform?

The web composition and power balance is largely asymmetrical, and what Hanzo is doing is bringing symmetry back to that equation. The web is a dynamic, contextual, and confusing information store that cannot be controlled — but it can be understood, investigated, analyzed, and defensively harvested.

There are four components to the platform:

  • Hanzo Investigator which utilizes data science, artificial intelligence, and machine learning algorithms to scan the entire web
  • Hanzo Hold has the ability to apply retention policy to preserve custodial data on team collaboration tools like Slack, GSuite, and Office 365
  • Hanzo Capture is the web archive for regulatory compliance
  • Hanzo Dynamic Review provides a legally defensive export. It’s dynamic, which means you can analyze the collected content in its proper context.

What’s the difference between a reactive and proactive compliance program? How can this suite of tools help the compliance practitioner or the business owner be more proactive?

We have many tools that help us react to regulatory guidelines, like investigations or alerts. What we should be challenging ourselves with as innovative vendors in this space is: now that we have the ability to apply AI, data science, and machine learning, how can we redirect our efforts as aggressively as possible toward proactive compliance?

A lot of information to find smoking guns in terms of fraud, for example, are actually out on the web. The ability to analyze, pull back relevant data, and act on information that’s out there on collaborative and social media platforms is the next level kind of symmetry that brings the power back to the customers.

Ongoing Education Credits

If you’re a compliance professional looking for a convenient and effective way to fulfill your continuing education requirements, check out our 4 hour-long training packages that will keep you up to date with the latest developments in the compliance field.


Keith Laska (LinkedIn)


FCA Compliance Report Courses

In this special five-part podcast series, sponsored by Gan Integrity, we have considered the evolution of compliance, from disconnected to connected. We have explored why compliance is disconnected and what can be done to connect it, how to build a connected compliance program and technology can help in this endeavor. The series has been a fascinating exploration of where compliance is in 2019 and where it is headed down the road. In this fifth and final episode, I visit Valerie Charles, the Chief Strategy Officer at GAN Integrity on what is the human side of connected compliance.

It is clear that the driving force for change in compliance is technology. The Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have both talked about the need to incorporate technology into a best practices compliance program. Yet there still and will always be the need for human element in compliance. In many ways it is because a CCO or compliance practitioner is in a leadership position in an organization. I asked Charles, what qualities she thought made a top-notch CCO and she emphasized, “you have to be a strategic partner to the business and you have to be able to determine when your compliance team should be making judgment calls versus when you should be relying on kind of objective data.”

Obviously, this requires striking a balance, getting the uniformity so that you have predictability in the way that the organization is going to respond to issues. Charles stated, “as problems arise, this uniformity becomes important.” Yet the CCO must still factor in the human judgment. While you may have “this crazy technology that is fantastic, there’s no substitute for human judgment.” Where technology can come into play is around administrative or more rote tasks of the compliance professional. This means wedding the human judgement with the right set of data as inputs.

Charles sees the next step as “real-time transparency” where you are not simply setting up policies and procedures but overseeing them real-time, literally across the globe so that you are following compliance as it happens. This means the corporate compliance function has access and transparency, so that you are looking at objective data and have a close enough relationship with your eyes and ears and compliance team members on the ground where the business operates. This allows you to respond to things that are going on to change procedure, policy and react and even engage in discipline when necessary.

All of this is what the DOJ has articulated as operationalizing compliance. It first garnered attention in the February 2017 release of the Evaluation of Corporate Compliance Programs. Since that time, compliance practitioners have steadily worked to move their compliance programs forward onto the front lines of their business units. Connected compliance is one way to do so but it clearly requires a human element to not only interpret but to impart the appropriate or required compliance solution. Charles said, “I think operationalizing compliance means that you cannot have an annual or even quarterly update on what’s going on in the program. It must be operationalized in such a way that you are sharing information not only with the regional business units of floating up to the corporate compliance folks, but also sharing information back and forth with the other business units, procurement, finance and reacting in real time.”

Connected compliance also works towards elevating the compliance function within the organization. Charles said, “for compliance to be effective, you have an understanding of the business and even frankly a more fundamental way than the legal department. You need to know how money flows through the business to be able to figure out where controls need to be. You must know and understand onboarding and the full lifecycle of relationships with your employees, with your outside third parties and your business partners.” She concluded that if your compliance function does not have involvement and buy-in from at a minimum HR procurement, finance and audit, “you don’t really have a working program.”

We ended with exploring how can compliance professionals and compliance officers advocate for a more connected compliance program within their organization? Charles said it begins with recognizing you many need a solution without any glaring problem in front of you. If you have multiple reporting systems, that alone will create inefficiencies. What can you do to reduce this number? Consider implementing a standard platform that gives you the ability to have data feeds that would present a real-time graph or chart within a dashboard. All of these will help you to have both a more robust compliance solution and bring greater value to your organization.

The human side of compliance will never go away even as there is an enhanced technological solution. These factors help make compliance one of the most exciting and rewarding professions around. It is why I claimed the mantle of the Compliance Evangelist and why I am so passionate about the compliance profession.

As we conclude this special podcast series on connected compliance, you can see the need for an enhanced technological solution around compliance, coupled with an ever-growing human side to compliance. These factors help make compliance one of the most exciting, rewarding professions around. It is why I claimed the mantle of the Compliance Evangelist and why I am so passionate about the compliance profession.

For more information on how connected compliance, visit our sponsor Gan Integrity Solutions, Inc. at www.ganintegrity.com.

In this special five-part podcast series, hosted by Gan Integrity, we consider the evolution of compliance, from disconnected to connected. Over the next five episodes we will explore why compliance is disconnected and what can be done to connect it, how to build a connected compliance program and technology can help in this endeavor and finally what is the human side of compliance in the context of connected compliance. The series is a fascinating exploration of where compliance is in 2019 and where it is headed down the road. In this third episode, I visit Peter Chang, the Head of Customer Success at GAN Integrity to consider how to construct a connected compliance program.

Chang noted that while many organizations have a good idea of whether their compliance processes are connected or not; an independent third party such as GAN can provide some different perspectives. The first is insight into what other customers in the compliance space are doing and what GAN sees out in the larger compliance arena. This means that while most compliance practitioners understand that some portion of their system is automated or even connected, GAN can elevate their current situation by showing some of the best practices that others are doing or identify issues the customer may not be observing. This can provide what Chang characterized as “some low hanging fruit” for quick and easy compliance wins. Finally, Chang and his team can provide advice in terms of what an organization can do to make sure that their systems are connected and that they understand the immediate benefits derived from doing so.

Chang said that an analysis usually begins with the size of the organization. As with everything around a best practices compliance program, there is no one size fits all. This means for every company, type and size, there are varying degrees of connected systems. Unfortunately, the larger the company, the more complex the situation usually is going into the process. Chang stated, “For a company of under 10,000 employees, there’s usually not a ton of different systems in place. This means making the connection between the systems is not going to be a huge undertaking.” However that situation quickly changes if the company is moving up towards 100,000+ employees. In those situations, “there’s typically multiple systems and companies may have different iterations of systems obtained through acquisitions. This means there maybe multiple HR systems, multiple ERP systems and can make connecting them for the compliance program a lot more complex. So depending on the size and type of customer that we interact with, we would probably parlay a different type of solution for them.”

It is incumbent on organizations to think through what they are trying to achieve. A basic question to connected compliance is what are the metrics your organization would like to measure? Chang provided the following example: “does the company want to track the lifecycle of a particular vendor or employee? Would it be throughout the lifecycle management of this vendor or person? Would it be through the different programs they had with the company? Finally, what are the things that are detrimental to the reporting aspect that you are looking for?”

This really unearths the true goal, which is to demonstrate that properly focused compliance can increase business efficiency and enhance overall profitability. This is not simply a compliance focused solution, but rather an efficiency focused solution by bringing greater conducted analysis and then developing a set of bespoke metrics tailored to the company. This allows more than simply the Chief Compliance Officer (CCO) to determine what is working and what is not so that you have a roadmap to improve going forward.

This brings up another problem for both compliance functions and other corporate disciplines, because there can be so many disparate systems, that there is no “single source of truth” or facts within an organization. A company can have multiple master data inputs, vendor and ERP systems. Chang said in such a situation, “we really rethink our approach about why the customer has these systems. From there can you identify, where the single source of truth can be found. From there you have to move to a focus on consolidating those systems. This is the first step of having a well-connected compliance process.”

Chang concluded by noting this process is something which resonates greatly with GAN’s customer base. Yet, at the end of the day, the system itself is only going to be as good as the data input and the people using it and reporting on it. This requires a strong level of consideration about what it really means to be connected. As Chang said, your organization must “think about what is most important to them. This is the first step to being able to configure a company to a manner that makes sense for the company.” The key is that the vision must be aligned.

Join us tomorrow when explore connected technology works.

For more information on how connected compliance, visit our sponsor Gan Integrity Solutions, Inc. at www.ganintegrity.com.

As the fraud risk landscape changes, how do you adapt? Today, we have Vince Walden and Matt Galvin. Vince is a Partner with Ernst & Young’s Forensic and Integrity Services Practice, and Matt is the Global Vice President of Ethics & Compliance at Anheuser-Busch InBev. We’re talking about an article Vince has co-authored in Fraud Magazine entitled: Accelerating Anti-Fraud Innovation, as well as innovations that Matt has put forward in his compliance program.

What are some of the key reasons for the success of an innovation project in the anti-fraud arena?

It’s about measuring compliance effectiveness and finding ways to keep compliance fun, interactive, and top of mind for employees. Putting systems in place so you can see measurable improvements in the quality of transactional data moving through a system is what’s driving a lot of the innovation in compliance. People are beginning to really understand the technologies available to them.

What are some of the key reasons for the failure of an innovation project in either the fraud or compliance arena?

Spiffy technology alone doesn’t innovate. When a business isn’t involved and it’s not a collaborative exercise, it’s harder to get a lot of adoption. Many think of it as an IT project as opposed to a business domain project, and expect the IT people to come up with the business questions and interpret the results. The compliance function itself is a risk function, and risk functions don’t necessarily lead themselves to innovation. It’s hard to marry the mindset of trial and error and root cause analysis to innovate in a space where you’re always thinking about the risk.

How can natural language learning help with improving the quality of data?

Nobody is going to input perfect data, because data entry, by definition, is boring. Natural language processing will have the ability to take and aggregate data that is unstructured, instead of humans having to force structure onto the data. Technology catching up with the imperfections of humanity will accelerate the pace of change.

What is the innovation funnel?

Ideate. The brainstorming phase where anything and everything can be put on the table.

Evaluate. A formal committee narrows down and focuses the opportunities.

Accelerate. A few projects are chosen and pilots and feasibility studies are put in place.

Incubate. 2-3-week sprints are developed to quickly determine if the idea works.

Iterate. Ideas are made ready to become new products and move to production systems.

The collaborative nature of innovation

If you were to take a look at compliance, what is it: systems and processes? Or can we look at it as encouraging better outcomes and business decisions? It’s the best way to drive better outcomes and decisions than to give people stronger information and make that information transparent to multiple stakeholders. That way, everyone is driving compliance.

Ongoing Education

Want to stay up to date with the latest compliance news in an easy-to-consume format? Go to our courses page and choose from several 4 hour-long training packages.


Vince Walden (LinkedIn)

Matt Galvin (LinkedIn)

Accelerating Anti-Fraud Innovation (Fraud Magazine)

You can’t monitor what you can’t measure (Fraud Magazine)

Designing a compliance program at AB InBev (Harvard Business Review)

Why compliance programs fail — and how to fix them (Harvard Business Review)