Compliance isn't one of those trendy business buzzwords — it's an ongoing responsibility with very real legal consequences for not taking it seriously. Thanks to emerging laws, there seem to be more ways than ever to run afoul of compliance and reporting requirements. The good news is, there are also more tools than ever before for ensuring our companies stay within the bounds of the law and continually work to protect customers, employees, and shareholders.
Compliance represents a number of different types of challenges. Some of these, like social and political pressures, are the inevitable consequence of globalization. Others, like technological and regulatory pressures, require that companies balance self-interest and convenience with the needs of the environment and human institutions. Here's a look at how technology helps to address each of these in turn.
Cognitive Computing and Natural Language Processing
Regulators constantly adapt their expectations to changes in the political and social climate, and to address new technologies that carry implications for consumer privacy and general well-being. To stay abreast of emerging regulations — and changes to existing ones — companies will increasingly rely on tools like cognitive computing, machine learning, and natural language processing to efficiently digest and parse regulatory texts and identify which company policies, if any, need to be changed to remain in compliance.
It's true that regulations can be cumbersome, but technology like this removes excuses for non-compliance, including ignorance of the law or the length and complexity of the relevant texts. We can reasonably expect this kind of technology to make compliance officers' lives easier and their jobs more efficient. We're not likely to replace these positions with algorithms any time soon, but this does highlight how the right technologies can free compliance officers from poring over lengthy legal texts so they can focus on helping company leadership make informed policy and operational decisions.
IoT, Automation and Big Data
The Internet of Things is considered by many to be the fourth industrial revolution. In addition to vast improvements in productivity, the ability to embed intelligence-gathering technologies into every corner of our business processes also delivers opportunities to design with compliance in mind, streamline reporting, gather data to make future process improvements easier and much more.
When the IoT is combined with big data systems, it results in a framework where multiple business partners can engage with one another in good faith and with greater transparency than ever. In complex supply chains, taking for granted that a neighboring business is upholding their end of the social contract, through automated intelligence gathering, is a huge advantage.
As an example, the U.S. FDA partners with similar organizations in Canda, Australia, Brazil, Japan and the WHO to maintain clear expectations when it comes to the quality and consistency of manufactured medical products. In an industry as heavily regulated as this one, it makes good sense to invest in connected manufacturing equipment to detect issues in advance that may compromise product quality. In this and other industries, the IoT helps in a number of ways:
- Maintenance of assembly equipment is proactive rather than reactive. Companies won't need to wait until a product fails inspection to hunt down the machine responsible for the lapse in quality.
- Robotic inspection systems improve on human accuracy, greatly reduce rates of error and deliver real-time data for manufacturing.
- Environmental sensors remotely detect when shipments of perishable goods at rest or in transit exceed legal limits for temperature, humidity, etc.
Maintaining compliance has, historically, been a task that required constant vigilance and good faith reporting by essential but ultimately fallible compliance officers. Automated and connected systems help make product quality more consistent, recordkeeping far easier, auditing much more straightforward, and deliver compliance-related insights in real-time.
Blockchain is best known as the technology that makes cryptocurrency possible. But it's also emerged as an extremely important ally in compliance — including fraud prevention, reporting, auditing, and traceability.
First is fraud prevention. Blockchain's nature as an immutable record of transactions means companies can enjoy relative certainty that their financial records are free from most types of falsification and fraud. Transactions entered into this ledger cannot be changed after the fact, and each entry can be traced back to the individual or business entity responsible for it.
Then, there's the question of immutable recordkeeping so companies can shield themselves from accusations of noncompliance. A case brought against Coca-Cola in 2010 points to one potential application. One of the company's bottling plants was sued for discriminatory hiring, with the plaintiff arguing that the facility regularly hired equally qualified males over females. The company was ultimately found guilty and fined because they hadn't kept records and didn't have the data to prove their hiring managers were as inclusive as they claimed.
Blockchain could help save companies from running afoul of noncompliance and legal issues by providing a way for company leadership to identify trends in real-time as they're entered into the ledger. Inconsistencies in hiring practices, questionable chains of custody in material sourcing and freight handling, and other red flags, could be more easily spotted and reacted to as information is entered into this single, immutable company record.
Compliance as a Service
Compliance as a Service (CaaS) is a novel addition to the cloud computing tool kit and a way for companies to protect themselves when they rely on data gathered from multiple territories. It's well known that the EU's General Data Protection Regulation has implications that extend well beyond the European Union's borders. Since it pertains to data gathered on EU citizens, even if that data resides outside the EU, it means companies all over the world now have, potentially, multiple sets of compliance rules to keep in mind with respect to customer privacy and data stewardship.
CaaS is where a company in possession of customer data partners with an outside service to keep that data essentially in a "sealed vault" within a private cloud. When the company needs to retrieve a portion of this encrypted data, their CaaS partner ensures the correct actions have first been taken — including data de-identification/anonymization — according to the laws of the territory in question.
Most businesses these days rely on cloud computing and regular access to databases rich with customer and enterprise data, but CaaS ensures, in a globalizing world, that those companies don't run afoul of compliance issues when using that data.
In short, an abundance of new technologies, plus thoughtful uses of existing ones, mean companies should have an easier time going forward and fewer excuses over time for not taking compliance and consumer protections seriously.