The DOJ and SEC have both made it clear that they expect companies to be more robust in their use of data analytics in compliance programs. This means using data to not only detect and prevent illegal conduct but also in the remediation prong of any best practices compliance program as well through continuous improvement. In 2019, former Deputy Assistant Attorney General Matthew Miner said in a speech that the DOJ will inquire whether compliance departments have access to internal data that could help them identify misconduct and whether compliance officers make adequate use of data analytics in their reviews of companies under investigation. Since at least 2016 in the FCPA enforcement action involving Key Energy Services, Inc., the SEC has been communicating to compliance professionals of the need for increased use of data and data analytics in any compliance program.
The bottom line is that it is not if but when you begin to incorporate corporate information into your compliance program to make your compliance program more efficient and your business process run more effectively. My suggestion is that you begin now to identify the data you have access to and the data to which you currently do not have access. Find a way to bridge that gap.
Three key takeaways:
- DOJ pronouncements mandate CCO availability to and use of data.
- Data can be an actionable solution across geographic and business lines.
- Use data as a business strategy.
For more information, check out The Compliance Handbook, 4th edition, here.