A landmark survey of more than 1500 compliance leaders around the world has revealed major risks associated with digitalization, with 41% of those surveyed admitting their organization has already experienced enforcement investigations by regulators because of technology that was poorly on-boarded and/or implemented.
According to this new research, The Currency of Connection: Mobilizing Technology for Compliance Integration, investigations are most likely to arise in relation to data privacy and cybersecurity, as well as tax, transfer pricing, fraud and antitrust.
Yet at the same time, the research reveals that compliance teams, who are often a key line of defense against such investigations, are largely shut out of decision-making around new tech, including a third of businesses surveyed who believe their organization is employing new technology without any regard for potential compliance and regulatory risk at all.
These stark findings come at a time when COVID-19 has significantly accelerated the digital transformation of businesses around the world, which is in turn attracting much greater scrutiny from regulators. In fact, almost two-thirds (64%) of compliance leaders predict that scrutiny of tech-enabled business models and data privacy issues will now be top of their regulators' "to-do lists."
London-based Luis Gomez, competition partner, Baker McKenzie, said examining market tipping was one such area of focus: "Regulators are grappling with the implications of technology in relation to antitrust and market power. Many contend that, where previously the practice of 'tipping markets' was relatively simpler to identify and address, today these forces are often undetectable until it is too late. Data is currency and organizations can, some allege, tip markets in their favor by virtue of access to uniquely valuable data. This presents a problematic and controversial new frontier in relation to competition and antitrust enforcement that is likely to play out over the next decade."
To drive their own efficiencies, manage cost pressures (56% of compliance leaders have seen their budgets cut due to COVID-19) and to keep up with the digitalization of their wider organizations, compliance teams themselves are therefore also increasingly turning to tech. While this has largely to date been focused on relieving the administrative burden, most compliance teams are on the cusp of more ambitions investments.
According to Joanna Ludlam, global co-chair, Global Compliance & Investigations, Baker McKenzie: "Within the next two years, the overwhelming majority of compliance leaders plan to further adopt machine learning, AI and predictive analytics within the function, and we are already seeing some advanced use of digital tools among tech-enabled compliance teams — including bots for finding and delivering information as part of compliance training and data-backed systems designed to identify concerning patterns of behavior."
However, maximizing the value of compliance technology is still challenging for many. Only 56% of compliance leaders report that compliance technology is effectively achieving its primary purpose, while 63% agree there is value yet to be realized from their digital tools.
Regulators are also in some cases continuing to play catch up, with, 53% of the 1500 compliance leaders surveyed reporting that a lack of consistent guidance on compliance technology from regulators globally is a barrier to further tech adoption.
Survey respondents in HK/China were the most likely to be seeing accelerated digitalization due to COVID-19, with 72% of HK/China respondents reporting this trend, compared with 52% in the US, although the US does appear to already be further up the tech curve, particularly with its use of AI and machine learning.
Rapidly accelerating digitalization is also creating further risk; HK/China compliance leaders are also most likely to report that their organization is employing technology without considering compliance risk (54%), and 59% say their company has already experienced a related compliance investigation.
There is some good news from Brazil, where compliance teams lead the world in various compliance-related metrics, including being most confident that business and compliance leadership are aligned in response to COVID-19. Brazilian compliance leaders, along with those in several African and Middle Eastern countries, also report being more readily consulted around strategic decision-making than their counterparts in the US and UK.
The Third-Party Challenge
One area where is there is increasing concern and scrutiny is related to third-party compliance risk, and in particular where a company has a minority interest, a JV, or regarding supplier relationships.
Technology is therefore being rolled out to support compliance teams as they implement best practice and manage risk among investment partners. According to our research, 45% of compliance leaders plan to deploy technology to monitor the actions and behaviors of these third parties.
Tristan Grimmer, compliance and investigations and international trade partner, said: "We are seeing a rise in the use of risk assessment tools to conduct pre-partnership due diligence as well as oversight on an ongoing basis — streamlining the process of capturing and maintaining information that enables the identification and assessment of compliance risks. This trend is likely to accelerate as new technology comes to market."
Artificial intelligence (AI) is particularly useful in managing third-party risk. It can mine, collate and analyze public source information relating to investment partners to make connections that otherwise may not be made and highlight risks that may otherwise remain hidden. Used in this way, AI can provide greater insight and transparency on investment and procurement decision-making, thereby making it easier to assess potential hotspots.