Smart Automation for Risk Management: Part 3, a Holistic Approach to Risk Monitoring With Data Analytics

Welcome to a multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc. Over the course of this series we will be visiting with Parth Chanda, Founder and Chief Executive Officer (CEO), Andy Miller, Chief Analytics Officer, and Kara Bonitatibus, Head of Product. We are reviewing the Lextegrity Product Suite, taking a deep dive into continuous risk monitoring, considering pre-approvals and third-party due diligence and integrations and user experience. In a special bonus episode, Chanda and I will discuss the Integrity and Analytics Collective. In Episode 3, I conclude my two-part visit Miller about risk monitoring with data analytics.

We began with the Department of Justice’s (DOJ) 2020 Update to the Evaluation of Corporate Compliance Programs, (2020 Update), which mandated for the first time that compliance practitioners and the corporate compliance function have access to a company’s data lakes. Miller believes the DOJ 2020 Update has really been an eye opener for a lot of risk professionals and companies out there that they “need to do better.” Compliance professionals should have access to their own data as risk professionals, they need to have a plan and an actual program to monitor their company’s data. This works directly on the first two prongs of any compliance program; to prevent and detect actions which could be fraudulent, corrupt such as bribery, or other actions which could put your company in danger. This is even more true in 2021 as the DOJ is ramping up their enforcement efforts. Lextegrity provides a continuous monitoring solution that provides compliance and audit teams with a comprehensive way to keep a pulse on transactional spend and revenue risk.

Miller emphasized the key is that your continuous monitoring solution should be flexible and curable to your specific company. The Lextegrity platform provides analyses that are broken out in a variety of areas to look for specific types of risk in that general risk-based area. It allows you to identify transactions that could be associated with some wrongdoing like bribery, corruption or fraud. However, what many compliance professionals struggle with is separating the wheat from the chaff. In other words, they are bogged down in the details of a transaction such as gifts, travel and entertainment (GTE) spend, lack of approvals on discounts or third-party issues and do not have the ability to step back and look at a bigger picture.

This is where the Lextegrity platform is so powerful. It allows a deep dive into each step in the cycle, such as QuoteToCash and ProcureToPay, so that each part of the transaction can be seen. How can you both see the dots and connect the dots in a more macro view of risk? Miller said Lextegrity is thinking about that bigger picture of risk is because many customers are looking to connect the dots. What the Lextegrity solution provides is “to bring in that transactional data in as robust of a fashion as possible.” I asked him for an example. Miller said, “I’ll give you an example with vendor spend. When we look at that vendor spend data coming from SAP or Oracle, we’re not just bringing in the payment, we’re actually bringing in the payment that was made across eight different invoices. And then from each one of those invoices, we’re digging into the actual invoice detail that came along with that, the invoice line-item detail, the purchase order information, as well as the purchase requisition details at every one of those steps of the business process.” While each view could provide a small amount of detail that could be relevant from a risk perspective, it may not go into this identification of risk in that transaction as a whole. However, when you add “information coming from the financial side of the house, this provides accounts which can impact an organization from an expense perspective as there “lot of good clues there.”  But then you can supplement that data with other information, such as information from the Human Resources (HR) master file. This allows you to look at who approved the Purchase Order (PO) who requested the purchase requisition and then who approved the ultimate payment or invoice, and how does your network look in regard to the overall transaction. This allows a much more holistic approach to the overall data.

We concluded by considering what connecting all these dots might look like. Miller said that by  “connecting the dots of risk you start to see other things happen, you catch an exception in this area and now you say, well, so-and-so was a major part of that. Let’s see what else they’ve touched in this area or looking at the cross impact between employee spend and vendor spend, and then be on that in the compliance space”. You can also cross-reference hotline reports, due diligence metrics, audit reports, training completion data and indeed “all this other program information that compliance has a hand into that can feed into this transactional data.” It can truly provide to you the broadest look at your compliance risk.

Join us tomorrow where we explore pre-approvals and third-party due diligence with Kara Bonitatibus.

For more on Lextegrity, check out their website here.

Leave a Reply

Your email address will not be published. Required fields are marked *