Data analytics allows the core competencies of compliance leaders to shine, and it elevates the compliance function. Don’t let it scare you. Data is just information. Specifically, it’s information used as a basis for reasoning, decision-making, discussion, or analysis. This is not a new concept for compliance professionals. But somehow—the charge to create a “data-driven” compliance program is daunting. Where to start? What’s actually expected? What’s realistic? Timeline? Budget? What’s the real ROI?

To complicate matters, some CCOs have become compliance-style celebrities for creating Death Star-equivalent, data-forward compliance programs. These programs are interesting and very impressive – but there’s also been concern and critique about the perceived shift from a focus on training/ethics/culture to a Big Brother environment. Does “continual monitoring” mean that we gain the ability to know more about our employees and programs in real-time—but at the expense of facilitating a culture of trust? Can we have it both ways? We think we can.

This is how you begin. Have a real think about your program data. Thinking in a “data forward” way entails taking ownership of compliance data. We aren’t simply consumers, but true stewards and owners of our program data.

Some examples common to almost all industries:

  • Data relating to policy and training consumption;
  • Conflicts of Interest data;
  • Third-party data;
  • ESG data;
  • Health and safety data;
  • Gifts and Hospitality data;
  • Cyber data;
  • Hotline / Case Management Data;
  • Trade group activity data;
  • Sales and Marketing
To analyze data, you’ll need to get it into one place.

To build all the piping to create a true data lake is costly and relies heavily on buy-in from management and IT. Alternatively, putting a bunch of flat-file file exports from different systems into a single folder can be burdensome to maintain and will never be close to “real time” unless automated. Nonetheless, you will have some low hanging fruit.

Map your key risks to data sets to which you have easy access.

Would looking at two (or more) categories of data at once tell you something new about a risk area? If so, that’s where to start.[1] Pick a couple of data sets where you have a hunch about potential insights—and aggregate them. Start small, and consider beginning with a data set that the compliance team can access without engaging IT. The goal is to see things you couldn’t have spotted by simply viewing the single data set on its own.

Reporting and visualizations are important.

Not least because executives love consuming information in beautiful pictures. You’ll want the end result to be versatile, so you can dive deep into the weeds with your team or pull the camera back to show other stakeholders only the key insights.

Data analytics is a hot topic and the enforcement agencies are expressly requiring it. But the most exciting part of data analytics is in demonstrating all we do in compliance to add value to the business. We are uniquely positioned to understand how the cogs in the machine intersect. We’ve been doing it the entire time. Compliance professionals have always had to understand the motivations of other players in the business to effectively operationalize our programs.

Reach out to our Data Analytics team with any questions.


[1] If you are only looking at a single data type with more ways to slice and dice, it’s not really analytics—it’s enhanced reporting. That’s a good thing but know that half of what’s being called “data analytics” in the market is really just better visualization and reporting—not to minimize its importance. Visualization is a generally a prerequisite to the more interesting possibilities.

Posted In: