Categories
Blog

E-com Surveillance: A Proactive Approach

In today’s rapidly expanding digital realm, keeping up with regulatory requirements in E-com surveillance is more than just a necessity—it’s a game-changer. As the world grapples with the challenges brought by the COVID-19 pandemic, efforts in ensuring compliance have dramatically shifted, impacting both personal and professional spaces. This, friends, has become a defining factor in not just maintaining, but enhancing compliance and risk management. Let’s delve into how we can proactively monitor communications, adapt to evolving channels, and leverage technology for our advantage while ensuring data security in cloud-based platforms. Here are some key steps:

  • Establishing a Robust Compliance Program
  • Proactively Monitoring Communications in E-Com Surveillance
  • Adapting to Evolving Communication Channels
  • Deploying AI in Compliance Monitoring

1. Establishing a Robust Compliance Program

With the increasing reliance on e-commerce due to the ongoing global health crisis, keeping up with regulatory compliance has become more of a challenge than ever before. Enhanced surveillance within the e-commerce spectrum has emerged as a critical aspect of any robust compliance program. Companies must diligently monitor all communication transactions to identify any potential misconduct early on. With technology continuously evolving, companies are faced with more diverse sources of data and communication channels than before.

To counteract this, advancements in technology have enabled compliance professionals to monitor these various sources more efficiently and focus on high-risk areas.   With the proliferation of novel communication platforms, regulatory requirements have become more stringent, but also more complex to adhere to. AI has been instrumental in empowering compliance officers, allowing them to better concentrate their efforts. With its ability to filter and prioritize alerts based on risk levels, AI functionality is highly effective in optimizing the e-com surveillance process. Compliance functions must keep pace with the constant changes in the communication landscape, meaning that they need to be adaptable in capturing and recording all essential communications.   Organizations must understand the cruciality of establishing a strong compliance program that aligns with their communication platforms and e-commerce operations. By leveraging high-tech solutions, like AI and machine learning, companies can better monitor and manage risks from a proactive stance, while simultaneously obeying regulatory requirements.

 2. Proactively Monitoring Communications 

In the ever-expanding universe of e-commerce, staying ahead of illicit activities such as fraud, theft, and other misconduct is vital. Key to this is the implementation of effective e-commerce surveillance in every organization, large or small. This involves the proactive monitoring and analyzing of all company communications, from emails to chat messages, for any signs of inappropriate behavior. With the ongoing proliferation of communication channels — each one another avenue for potential exploitation — it’s a gargantuan task that might seem overwhelming. However, thanks to the wonder of technology, we now have the means to keep pace with this turbulent environment. Modern advancements have made it possible to capture a vast array of data sources, despite the varying nature and extent of these channels.

 3. Adapting to Evolving Communication Channels

The digital era has seen an explosion in communication channels. From emails, social media, chat platforms to video conferencing, employees now have myriad ways to communicate, both internally and externally. Consequently, e-com surveillance to monitor such communication pipelines and pin down potential misconduct becomes increasingly complex, yet more essential. Adapting to these evolving channels plays a key role in ensuring significant compliance and risk management.   There are unique challenges that emerge with this diversity of communication channels. First instance, coded language by employees and capturing diverse data sources are some of the hurdles organizations face.

However, technology solutions are evolving as fast as the communication landscape. Key amongst these solutions is the use of AI and machine learning models, which cut through the noise to help compliance officers focus on high-risk areas. Regulators such as the SEC in the US and the FCA in the UK expect companies capture, monitor, and record all communication channels. This means your business must keep up with people’s communication methods and ensure every dialogue is recorded.  Why is this adaptation important? In a nutshell, the vastness and ever-evolving nature of digital communication channels pose a risk. The risk lies in the prospect of misconduct going unnoticed, regulatory guidelines being flouted, and ultimately, organizations facing severe consequences.

Moreover, every new communication platform is an additional data source. Managing this increasing data effectively is crucial for any organization in the current digital age. Adapting to evolving communication channels is not just about managing current risks; it is also about equipping organizations with the necessary technological tools to capture, monitor, and manage potential risks that could emerge with future communication spheres. The progression ensures that there is no lag in surveillance and that organizations are always a step ahead in their risk management.

  1. Deploying AI

Artificial intelligence (AI) and machine learning are critical technological advancements enabling companies to monitor the manifold data sources efficiently. These technologies and perhaps others down the road, are a game-changers, empowering compliance officers to focus on high-risk areas and alerts, moving compliance process from a detect mode to prevent mode. By deploying these advanced methods may lead to more comprehensive data capture and monitoring, thereby promoting a seamless, integrated, and effective e-com surveillance mechanism. This is why the implementation of such a step is a necessity more than an option as we move forward in this data-driven age.

Why is this effective approach to e-com surveillance so crucial? Well, we live in an age of digital ecommerce and remote work after COVID-19, where communication channels have diversified and expanded beyond limits. To stay compliant with regulatory requirements, it is not enough just to keep an eye on traditional messaging. You must embrace these changes and adapt by efficiently monitoring all these channels. With the technology such as AI and machine learning, you can create defensible and explainable models that can precisely show why specific alerts were raised, and others weren’t. This approach is the key to adapting to this ever-evolving world and meeting regulatory expectations, thereby enhancing your compliance protocols in the long run.

The importance of maintaining compliance with regulatory requirements in e-commerce surveillance, especially during this ongoing pandemic, cannot be overstated. As compliance authorities, you have the power to make a significant impact on your organization’s risk management. Today, we’ve delved into the necessity of a strong compliance program, the significance of proactively monitoring communications, the need to adapt to new communication mediums, the benefits of utilizing AI in compliance monitoring, and the importance of securing data on cloud platforms. Each of these steps is instrumental in achieving the desired state of compliance. Let this motivate you to continue striving for excellence in all your compliance efforts. After all, your dedication to strengthening these practices is not just about meeting regulations – it’s about fostering trust and reliability in your organization.

Categories
Report from IMPACT 2023

Report from IMPACT 2023: Sally Yates, David Ogden and Andrew Weissmann – Former DOJ Heads Talk Compliance

ECI’s IMPACT 2023 was one of the leading compliance events in 2023. At this conference, Tom Fox, the Voice of Compliance, was able to visit with several of the speakers, exhibitors, participants and one group of ethically minded Girl Scout Troop. In this limited podcast series, Report from IMPACT 2023, Tom explores many of the most cutting-edge topics in ethics and compliance through short podcast episodes. Check out the full series of interviews. You will be enlightened, informed and come away with a fuller and more thorough understanding of the most cutting-edge topics in ethics and compliance. In this episode, Tom visits with former Deputy Attorney Generals Sally Yates and David Ogden and former head of the Fraud Section Andrew Weissmann on the evolution of DOJ thinking on compliance.

This podcast episode covers the importance of compliance with the Foreign Corrupt Practices Act (FCPA) and how the Department of Justice (DOJ) is working to ensure corporate America is held accountable. Through voluntary disclosure incentives and open dialogue with the Defense Bar, agencies, and prosecutors, the DOJ has implemented measures to ensure that companies are adhering to the FCPA. The expertise of Main Justice prosecutors is highly valued, and the Fraud Section of the DOJ can provide invaluable insight into corporate policy. By fostering an open dialogue between the DOJ and industry, both parties can benefit from effective implementation of policies and an understanding of the benefits of compliance.

 Highlights include 

·      Yates Memo

·      Compliance Programs

·      Sticks and Carrots

Categories
Daily Compliance News

Daily Compliance News for August 4, 2023 – The Follow Your Passion Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance brings to you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

·       Altice France suspends director. (Bloomberg)

·       The biggest attorney/client privilege case in years.  (FT)

·       SEC tells some Wall Street brokers to get their AML controls in order. (WSJ)

·       Following your passion.  (NYT)

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective HR in Compliance: Day 4 – The Reference Check

Hiring the right people for your team is critical to the success of any organization. Unfortunately, it can also be a costly endeavor if the wrong hire is made. According to a survey of 2500 companies, one bad hire can cost an organization more than $25,000 in lost productivity, low morale, and other associated costs. In some cases, the cost can be even higher, with one energy service company estimating the cost of a bad hire at $400,000.

With these staggering costs in mind, it’s clear that companies need to invest in the hiring process to ensure they get the right people. Reference checks are an important part of this process, yet they are often overlooked. This was discussed in a recent episode of One Month More Effective Compliance Program. The episode featured Kevin Ryan, who believes that reference checks are an underutilized part of the hiring process and a key internal control for human resources.

Reference checks are the only way to learn things about prospective employees that can’t be found on a resume. Unfortunately, companies often can’t or won’t give out much more information than confirming dates of employment. To get a more robust appraisal, one should dig up people who will speak candidly about the candidate. Search firms are particularly good at this, and companies should emulate this practice. Asking direct questions to acquaintances can provide direct responses 75% of the time.

The Department of Justice has recognized hiring as a best practice for compliance programs since 2004. According to Kevin Ryan, companies should take the time to get to know the candidate and ask questions that will reveal their values, beliefs, and motivations, as well as their ability to work with others, take direction, and think critically. He recommends that companies take three steps in the hiring process: resume review, in person interview, and reference checks. While the resume is good for establishing the basic qualifications for the job, it doesn’t provide much else.

The hiring process is the first step in operationalizing a compliance program. Reference checks are an important part of this process, as they can help to ensure that the candidate is a good fit for the company. Investing in the hiring process is essential to ensure that the right people are brought on board and to avoid costly mistakes. The Department of Justice has recognized hiring as a best practice for compliance programs since 2004, and reference checks are an underutilized part of the hiring process and a key internal control for human resources.

Three key takeaways:

  1. The hiring process is the first step in operationalizing your compliance program.
  2. The DOJ spoke to hiring as part of a best practices compliance program as far back as 2004.
  3. Reference checks are an underutilized part of the hiring process and a key internal HR control.

For more information, check out The Compliance Handbook, 4th edition, available on LexisNexis.com.

Categories
Greetings and Felicitations

Greetings and Felicitations: The Future of Healthcare…Is Now: Part 5 – Down the Road

What is the future of healthcare and when will it arrive? To explore these and similar questions I visited with Dr. Ben Locwin and Scott Endicott in a five-episode podcast series. Over this series we have explored why the future of healthcare is now; gene and cell therapy, the use and misuse of statistics, Hippocrates and modern healthcare and where healthcare will be headed down the road. In this concluding Part 5, we look down the road at the future of healthcare.

The rapid advancement of technology has changed the way we live and work, and it’s also changing the way we receive healthcare. From smaller and smaller silicon wafer chips to quantum computers and micro dosing insulin pumps, technology is becoming more and more prevalent in healthcare.

At the same time, however, this technology poses several potential risks and ethical implications. Data privacy is a major concern, as there have been cases of lost or de-anonymized patient data from electronic health records getting out into the public sphere. AI and machine learning are also being used to collect and predict data, which could lead to further data privacy issues.

Ben and Scott recently discussed the potential risks and benefits of technology and the need for appropriate regulation and oversight to control the future of medical decision making. They also discussed the importance of patient advocacy and self-advocacy, as well as understanding and controlling how data is used.

Taking a counterfactual approach to contemplate the future of healthcare, it’s clear that technology advancements are here to stay. Software as a medical device is an open access point for hackers to get into highly critical medical devices. According to an IBM report, 550 organizations had a data breach between 2022 and 2023, and healthcare organizations had the highest average cost of data breaches at $11 million, up 8% from last year and 50% from a couple of years ago. With malware and ransomware looking to steal data due to the potential financial gain, the loss and risk to patient data from electronic medical and health records is a major concern.

Moore’s Law applies to both good and negative aspects of technology growth. Within 10-20 years, medications will be administered trans-dermally instead of through a bottle, and micronization of diagnostic capabilities will be available. Healthcare services, decisions, and other roles will be available through Amazon-like delivery. AI and ML are becoming more of a buzzword challenge, with many references being made to them in conversations. AI is currently being applied to chat and other spaces but is still five years away from being able to be transformational in medical applications. Genomics data is now accessible for criminal investigations, creating a downside risk. Technology is shrinking and getting faster, with microprocessors being built on five nanometer dies. Computers are beginning to take over for human decision making, with the widespread use of AI being seen in the future.

To ensure that these advancements are used responsibly, appropriate regulation and oversight is key. Ben believes that the human race has a tenacity to revert back if things become too extreme. Scott believes that patient advocacy and self-advocacy will be key to the change that needs to happen. Understanding and controlling how data is used is essential, as well as having more ethicists involved in the industry.

We hope that this blog post has provided you with some practical advice and data-driven insights to help you navigate the world of healthcare technology.

Key Highlights

·      Medical Technology Risks

·      AI in Healthcare

·      Moore’s Law and Medicine

·      Data Privacy and Telemedicine

Resources

Dr. Ben Locwin on LinkedIn

Scott Endicott on LinkedIn

Tom Fox on LinkedIn

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance – Episode 10 – Ethical Remote Workers Edition

What happens when two top compliance commentators get together? They talk compliance of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode!

Tom and Kristy consider the possibility of an international anti-bribery court, challenges in enforcing judgments against countries without strong anti-corruption laws, and the United States’ unlikely participation. The European Commission issued an adequacy decision regarding data transfers between the US and EU, resolving a long-standing issue, but privacy advocate Max Schrems plans to challenge its validity. The importance of on-site due diligence, and the value of on-site audits and cybersecurity disclosure were also explored. The benefits of remote work, global anti-corruption efforts, AI safeguards, and the dangers of zero tolerance policies were covered as well. The conversation provided insights into various compliance-related topics.

Highlights Include

·      World ABC Court

·      No DOJ control on Cognizant investigation.

·      SEC adopts Cyber disclosure rules.

·      Fight against corruption in Ukraine.

·      Goldilocks Compliance.

·      Data Privacy Framework Program Launches New Website Enabling U.S. Companies to Participate in Cross-Border Data Transfers

·      Site Visits: Sometimes the Best Due Diligence is Done on Foot

·      New Data Reveals that Remote Workers are Likely More Ethical than their Office Counterparts.

·      White House Says Amazon, Google, Meta, Microsoft Agree to AI Safeguards

·      Man Steals Vehicle, Crashes it into Building during Search for WiFi Connection

 Resources 

  1. WSJ Risk and Compliance Journal
  2. FCPA Blog
  3. Radical Compliance
  4. Dept. Of Commerce Press Release
  5. WSJ
  6. Conflicts of Interest Blog
  7. GAB
  8. Fast Company
  9. Fox 35 Orlando

Connect with Kristy Grant-Hart on LinkedIn

Spark Consulting

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn