Developing a Data Analytics-Enabled Compliance Program for the Real World

CEP Magazine | April.22.2020

This is the first article in a two-part series.

In a speech at the Government Enforcement Institute in September 2019,[1] Deputy Assistant Attorney General Matthew Miner raised a few eyebrows when he said that Department of Justice (DOJ) lawyers would scrutinize whether and how a potential enforcement target used data analytics to “analyze or track its own data resources—both at the time of the misconduct, as well as at the time [DOJ is] considering a potential resolution.” On their face, these comments were most directly targeting “compliance-oriented companies in the securities and commodities trading space,” but they came near the end of his remarks describing the broader efforts of DOJ’s Fraud section. Miner acknowledged that “the subject [of data analytics] doesn’t fit as well with the other aspects of these remarks.” However, he insisted “the topic actually does fit thematically.” So how must compliance professionals respond to Miner’s remarks?

In this two-part series, we will discuss how compliance programs can become technology- and data-ready to improve outcomes, prevent misconduct, and withstand government scrutiny. Not all compliance departments can access and unlock a company’s data and technology resources. Such compliance programs are in the pre-maturation phase. This article will offer advice to pre-maturation phase companies and suggest steps to begin building out a technology- and data analytics–enabled compliance program to perform effectively and cost-efficiently. A company enters the post-maturation phase once it gains capabilities to access and unlock data and technology. In part two of this article, we will discuss considerations important to building a proactive compliance monitoring solution in the post-maturation phase.

Companies with a still-maturing data analytics program should proceed in three steps.