Categories
Innovation in Compliance

Smart Automation for Risk Management: Part 4, Pre-Approval and 3rd Parties


Welcome to a multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc. Over the course of this series, we are visiting with Parth Chanda, Founder and Chief Executive Officer (CEO), Andy Miller, Chief Analytics Officer, and Kara Bonitatibus, Head of Product. We have reviewed Lextegrity Product Suite, taken a deep dive into continuous risk monitoring, considered pre-approvals and third-party due diligence and integrations and user experience. In a special bonus episode, Chanda and I will discuss the Integrity and Analytics Collective. In Episode 4, I visit with Bonitatibus on pre-approvals and third-party due diligence.
We began with a discussion of the pre-approval process and third-party due diligence monitoring tools that Lextegrity has developed. Bonitatibus initially noted that often times the business folks see the compliance function as the department of holding things up. This led the Lextegrity team to look at questions such as “how do you build a system that is easy to use, intuitive gets users in and out of the system and gets them the answers they need as quickly as possible?”
The Lextegrity platform starts from the perspective of bringing all of your business pre-approvals together in one platform. This means business users must only go to one place to interact with the compliance function and any employee only needs to learn one compliance system. This can replace the myriad of company purchases of a third-party solution, a gifts, travel and entertainment (GTE) solution, disclosure system even to perhaps a separate conflict of interests solution. Even with a GRC vendor, who might have different modules that cover all of those processes, but even they do not necessarily talk to one another.
The Lextegrity difference is that it can build workflows unique to your business. Bonitatibus noted the solution has workflows in 14 languages, soon to be 20. It can provide customers with template content, across multiple questionnaires. There is a library of content which based on an internal review of enforcement actions and other public source documents, all of which are configurable. She went on to say, “we implemented multiple workflows in over a dozen languages in a hundred countries and less than 90 days, in a new tech driven compliance program. That’s what makes our software really powerful.”
We then turned to the question of how companies are in many cases not using the pre-approval workflows efficiently. One of the pillars of Lextegrity is to be more data driven across all of our products, including in the pre-approval workflow. “The Lextegrity solution embeds analytics and thresholds directly into the preapproval process, which provides approvers with data to inform their decisions. This means you are not simply looking at the information which is provided by the submitter or the requester. It expands out to things like aggregate spend and aggregate frequency. For example, how many gifts has this government official already received? How much has this particular healthcare professional received in the context of a meal or a consulting fee?”
The important component of any such analysis is to not look at this data “in a vacuum, but rather   in context of other similarly situated requests.” Bonitatibus further explained “from a recipient perspective, compare one doctor to other doctors who are also receiving meals or consulting fees. Is this an outlier in comparison to those types of data points? Then the same analysis from a submitter perspective.” Here you might look at has a particular submitter input requests that are outside the norm of people that are in similar positions? As Bonitatibus mused, “in my former life, as an in-house compliance professional, this would have been a game changer from my perspective and have given myself and my colleagues a lot more comfort in decision-making.”
We then turned to third-party due diligence and the Lextegrity solution. Bonitatibus admitted this was her biggest frustration as an in-house compliance professional as she was responsible for her company’s third-party due diligence program. There was no “holistic third-party risk management tool around third parties.” She channeled that frustration to help create a solution to better manage this most significant of compliance risks. The information needed for a robust holistic management of third-parties includes where your third-party population resides, both by market and region. But it also includes third parties from vendors to sales agents so that you need to be able to look at “a universe of third parties.”
What the Lextegrity solution provides is a way to “pull from a vendor master or customer master lists” so that company business administrators can master the system data and ensure that it is as clean as possible. Another key differentiator for Lextegrity is that the solution allows for tracking activity at an engagement level of existing platforms out there which focus strictly on the initial engagement, a higher level of engagement such as a Master Services Agreement with a third party. If scope creep starts, with more business users or functions using that same third party to engage them for some other type of business purpose, you can be aware of it. Finally, and perhaps most significantly, the Lextegrity risk scoring component provides true end to end risk management of your third-party base care.”
Join us tomorrow where explore integrations and the user experience with Bonitatibus.
For more on Lextegrity, check out their website here.