Innovation in compliance can come in many forms. One such form was described by Vincent M. Walden, Managing Director at Alvarez and Marsal Holdings, LLC (A&M), in his article entitled “Profit & Loss-of-One”(P&L-of-One). In it, Walden detailed how he and his then colleagues at Ernest & Young (EY) worked in conjunction with the General Electric (GE) compliance function to “improve compliance by using forensic data analytics to provide behavioral insights to their compliance program.” They did this through the innovative use of “digital twins” which Walden described as “digital replicas of physical assets that organizations can use for multiple purposes such as the maintenance of power generation equipment, jet engines and heavy machinery.” In a more expansive definition, the consulting firm Gartner, Inc. described “digital twins” as dynamic software models of physical things or systems. Gartner has gone on to suggest “that virtually every connected device eventually could have a digital twin running in simulation so that breakdowns or malfunctions could be predicted in advance — before they occur in the physical world.” The team’s innovation was to move that same digital twin concept into the services world of the compliance professional.
The team began a pilot program which took historical data on a wide range of identified corruption risks such as gifts, travel, entertainment (GTE), business ventures, foreign officials and sales to state-owned enterprises then combined this risk assessment with information on targeted GE employees. Each employee has a “unique entity with distinctive traits, discernible from their job profile and the data about them contained in GE’s systems. The analytics results will ultimately be used to send relevant, just-in-time communications to that GE employee before they encounter a specific compliance risk.” The next step was to develop risk models for each employee in the pilot. These risk models form a risk profile in an employee’s digital twin. The next step was to overlay “Information from customer relationship management (CRM) and sales tools — combined with data showing future activities for the employee, such as travel reservations — enable the P&L-of-One to predict a potential risk.”
All of this information formed the basis of the ‘P&L-of-One’ system to draw “from historic transaction data and applies a series of decision trees to interpret an employee’s risk level and their specific information or training needs in any given situation. GE compliance professionals can make better, more timely or automated decisions that push tailor-made communications to employees.” The GE employees receive specific, almost real-time messaging and communications to help them navigate any bribery and corruption issues that could arise under the Foreign Corrupt Practices Act (FCPA) or other anti-corruption regimes.
The ‘P&L-of-One” provided three key innovations for GE compliance. The first was in the area of ongoing communications and training. GE compliance was able to deliver to its customers “customized, timely and easily consumable information” which “increases possibilities for reduced risk and greater compliance awareness as compared with overly broad compliance training programs traditionally delivered via web or in-person.” But the ongoing communications and training did not simply stop with a specific message or even messaging, as the company “gained insight into employee preferences when it surveyed hundreds of its salespersons operating in a high-risk region to understand how they want messages delivered to them.” Employees also are able to rate the effectiveness of the communications giving GE compliance the feedback it needs to help determine effectiveness. This sounds very similar to what the Department of Justice (DOJ) described in its Evaluation of Corporate Compliance Programs (Evaluation) when it discussed ‘tailored’ and ‘effective’ training.
Walden illustrated these concepts through the following diagram:
A second key discernment was in the area of behavioral insights. Chris Costa, the EY Global FIDS Chief Operating Officer who coordinated his firm’s involvement in the pilot project, said “The most striking argument for the P&L-of-One approach is the integration of data analytics and digital twin concepts combined with the human element of compliance monitoring and communications. By building feedback loops into the system, companies will be able to track what type of communication and delivery seems to be the most effective over time and what content needs to be revised to improve its relevancy. In the long run, this enables companies to continuously improve their compliance program based on machine learning principles.”
They were able to do so by employing messaging around three key concepts; Automated, Intriguing and Relevant. Automated seeks to drive efficiency, provide transparency and facilitate compliance for repeatable processes so that when the system “identifies a situation that has higher-than-normal risk to the organization, the system sends timely communications to the employee to raise immediate awareness to support ethical decision-making. To inspire employee action, the organization develops messaging in a way that’s the most appropriate for the employee, including format, delivery method and mechanisms.” Under Intriguing the pilot project included gamification techniques such as point scoring, competition with others and rules of play with a plethora of media. Walden noted, “Brief and highly visual communications — through emails, text messages, video clips and other mediums — containing links to helpful information and policy reminders, help promote employee action.” The final EY key was Relevant which meant the employee messages were “customized with a person’s risk profile, job function and activities.”
The innovation demonstrated through the P&L-of-One shows how the digital transformation of compliance through true operationalization will not only burn compliance into the fabric of an organization but illustrates how more robust compliance can make a company run more efficiently and, at the end of the day, more profitably. Walden concluded by stating, “The compliance vision of the future seeks to further move compliance towards a more proactive, advocacy role, which helps organizations by providing needed communications, trainings and responses in an automated, intriguing and relevant fashion. This is the compliance vision of the future and what the authors call the P&L-of-One.”
Walden’s work on the P&L-of-One demonstrates yet another innovation in compliance. He and his team were able to create an improved and more efficient business process out of a compliance solution. This is precisely the untapped value of corporate compliance to drive greater business efficiency and higher profitability. It not only manages a compliance risk but makes the entire process more effective