FCPA Data Analytics

Remarks from the Co-Chairs

Bryan Judice
Senior Director Compliance, Office of Compliance & Ethics
Panasonic Avionics Corporation

Tara Palesh
Senior Director, Compliance Analytics CoE Lead
Pfizer

Kara Brockmeyer
Partner
Debevoise & Plimpton

Defining Your Risk Profile and Cross-Functional Team to Achieve Effective, Data-Driven Compliance and Monitoring

Bryan Judice
Senior Director Compliance, Office of Compliance & Ethics
Panasonic Avionics Corporation

Andrew McBride
Chief Compliance Officer
Albemarle Corporation

Aditya Yerramilli
Data Analytics & Forensics Manager, Global Ethics & Compliance
Google

This opening session will discuss the real-life, unwritten rules of the road for developing and revisiting your data analytics program-with a focus on how to tailor your policies to the contexts of your industry and organization.

Each part will walk you through a practical case study to illustrate how to get started, and how to refine your blueprint for effective, data-driven compliance and monitoring.

Part I.
The Unwritten Rules for Conducting Risk Assessments and Determining Metrics: Configuring Risk Parameters to Facilitate Data Integrity and Effective Corporate Policies

• Ensuring a full understanding of your business operations when conducting a risk assessment
• Assembling qualitative data-gathering tools such as surveys and questionnaires
• Concrete examples of metrics used for assessing and analyzing risk
• Marrying qualitative and quantitative data to effectively measure risk and compliance weaknesses

Part II.
Implementing a Data-Monitoring System

Delegates will gain insight from case study examples of how to monitor data and learn how to create a fluid and adaptable program.

• Getting started using pilots, existing data and unstructured data, including emails, salesforce, notes
• Updating configuration of risk parameters based on new business risks-need fluid and adaptable program
• Identifying what pieces of data are important to collect to produce reports and dashboards
• Deciding what you want to monitor, including what policies you want in place
• Deciding what pre-approval systems need to be set up before a monitoring program
• How to monitor spend (i.e. payments, vendor spend, employee spend)

Part III.
Assembling the Right Cross-Functional Team: The Lesser-Known Pitfalls—and Best Practices for Creating Synergy and Efficiencies

Delegates will be invited to benchmark with fellow participants during this live anonymous polling on key topics, including:

• Assembling your cross-functional team and working with partners to achieve mutual goals
• Engaging relevant stakeholders early, including owners of relevant systems, addressing data security issues, defining peer roles and responsibilities
• Coordinating with IT partners to assist with monitoring
• Operationalizing policies: How to effect company-wide implementation and buy-in with effective employee training
• Real-life examples of how compliance and legal can partner with IT, HR, finance and compliance
• Key IT security controls to incorporate and upgrade
• Determining whether key personnel have sufficient direct or indirect access to relevant sources of data for timely and effective monitoring and/or testing of policies, controls, and transactions

Live Demos and Virtual Tradeshow

Save your spot to see live demos toward determining the best fit for your organization. Learn more about dashboards and how you can use them. See real-world examples of how a solution can be tailored to organizational needs—and more.

1:1 Networking

Make new connections, face-to-face through a series of random 1:1 meet-ups. Expand your network and exchange contact details!

Break

Data Acquisition and Dashboards: How to Know if You Are Accessing and Capturing the Highest Value Data Across Disparate Systems and Data Sources

Alan Gibson
Director of Legal Compliance Innovation
Microsoft

Zachary N. Coseglia
Managing Principal and Head of Innovation of R&G Insights Lab
Ropes & Gray LLP

Tara Palesh
Senior Director, Compliance Analytics CoE Lead
Pfizer

After calibrating your risk profile, the next step is the exercise of acquiring the right data from the right sources. During this practical session, speakers will review examples of data-output reports, discuss how to assess the data, and whether the program is capturing the right data.

• How to use pilot programs before rolling out your program
• Delineating what is highest value data and how to access it
• Staging access to data vs. accessing everything at once
• Assessing what data is important, what is being captured and not being captured accurately
• Collecting data across disparate systems
• Identifying data sources, ensuring good input and output and deciphering data integrity
• Evaluating the data analytics tools already being used in your organization, and the data feeds you can leverage
• Deciding how to aggregate data: Key factors to consider
• Leveraging third-party analytics
• Determining which data feeds to leverage, including core spend systems, ERP, SAP, CUPA for purchasing and invoice management, T & E, and compliance pre-approval systems
• Gaining access to data, including engaging relevant stakeholders early such as owners of relevant systems
• Working closely with owners of vendor master data and assessing data integrity (clear vendor expense categories, GL codes)
• Coordinating with legal, privacy and audit teams

“DUMMY” DATA DASHBOARDS & DILEMMAS

Testing Your Data and Testing Your Program: The Finer Points of Assessing Data Integrity

Jelena Majkic
Associate Director, Compliance Operations and Monitoring
Alexion Pharmaceuticals, Inc.

Kara Bonitatibus
Head of Product
Lextegrity

After you have isolated the correct data, discover what dashboard functions will suit your needs. Follow along as experts show how data can be interpreted on different platforms.

This session will be instructive and will include an opportunity for delegates to interact with a data program using dummy data.

• Utilizing dashboards and understanding their functionality
• Keyword tracking and content effectiveness dashboards

AUDIENCE POLLING

The Unwritten Lessons for Investigations: How Companies and Outside Counsel are Now Leveraging Analytics, AI and Machine Learning

David Turner
Senior Managing Director, Co-Leader of Data & Analytics, Forensic & Litigation Consulting
FTI Consulting

Kara Brockmeyer
Partner
Debevoise & Plimpton

Steve Spiegelhalter
Managing Director, North America Investigations Practice Leader
Alvarez & Marsal Disputes and Investigations, LLC

Delegates will be invited to compare notes with speakers and participants on data acquisition and governance for effective internal investigations.

• Mining and interpreting data over the course of an investigation
• Concrete examples of extracting and leveraging data for effective decision-making and risk management
• Managing the interplay of GDPR and more privacy law restrictions affecting cross-border data collection and transfers

Closing Remarks & Conference Adjourns

Opening Remarks from the Co-Chair

Your Data Governance Action Plan: A Real-Life Rundown of How to Address Red Flags, Conduct Risk Scoring, Fine-Tune Policies and Handle the Exception Processes

March D. Coleman
Legal Director
Merck & Co., Inc.

Aaron Lee
Compliance Director
Amgen

Nebiat Kidane
Director
BDO

Sonia Zeledon
Global Legal Executive, Strategic Board and Business Advisor | Head of Privacy and Compliance
The Hershey Company

Delegates will gain insight from case study examples of red flag reports that lead to policy reviews, updates and investigations.

• Addressing payments and transactions that are above aggregate risk score thresholds. What are the next steps for the compliance team?
• Using data feeds for continuous risk re-assessments and monitoring program upgrades
• Ensuring monitoring tool is in real-time to flag issues before it’s too late
• Processes for determining what will warrant internal investigations and further action
• Steps to take when data reveals employees and third parties are not diligently following policies for ex. Meals, expenses-needing buy-in from cross-functional leaders and their ongoing commitment
• Dealing with “grey” areas-and implementing exception processes to address them
• Addressing payments and transactions above aggregate risk score thresholds, and following-up with compliance team to assess drivers and risk score
• Assessing the severity of red-flags and the need for policy improvements Collecting data on third-party management, and reputational monitoring
• Integrity screenings
• Payments monitoring
• Distributor pricing monitoring
• Travel & Expense monitoring
• High-risk transactions with public officials or public institutions
• Tracking employee engagement
• Proxies for measuring ethical health
• Tender processes
• Tracking sponsorships and donations

HYPOTHETICAL EXERCISES

Leveraging AI and Machine Learning to Optimize Algorithms, Predictive Capabilities and Compliance Monitoring

Jared Crafton
Managing Director, Advisory Services, Fraud Investigation & Litigation
BDO

Travis Hunter
Senior Vice President, Financial Crimes Compliance, US Head of Anti-Bribery and Corruption
HSBC North America Holdings Inc.

Sarah Foley
Deputy Compliance Officer and Director of Compliance
Patterson Companies, Inc.

During this practical, interactive session, faculty members will take you through a series of hypothetical scenarios and provide best practices for:

• Conducting periodic reviews of your risk assessment program, based on continuous access to operational data and information across functions,” and not just based on a “snapshot” in time
• Leveraging Machine Learning by learning from past data and past transactions, and by reviewing false positives
• What can be gleaned from anomaly detection
• Feeding back learnings from algorithms and human learning that allow you to leverage AI and ML toward making them more predictive
• Managing risk around your third-party organization over the “lifespan” of the relationship
• Identifying emerging risk factors before they become a broader compliance concern—and assessing whether or not a review or an internal investigation is needed
• Examples of further upgrades to data monitoring
• Which types of platforms are more likely to become more predictive

1:1 Networking

Make new connections, face-to-face through a series of random 1:1 meet-ups. Expand your network and exchange contact details!

Break

DATA GOVERNANCE and INTEGRITY EXERCISE

Carrie Ashcom
Vice President, Global Compliance Monitoring & Internal Controls
Zimmer Biomet

James Griffin
Director of Risk and Compliance Operations and M&A Integration
American Express Global Business Travel

Vincent M. Walden
Managing Director, Forensic Technology: Regulatory & Compliance Intelligence
Alvarez & Marsal Disputes and Investigations, LLC

Delegates will be invited to benchmark with fellow participants during this live anonymous polling session. Gain the latest know-how for working closely with owners of vendor master data and assessing data integrity.

Delegates will gain insight from case study examples of how to address red flags, approach risk scoring and aggregate risk scores, and document follow-up and remedial actions within a dashboard platform.

AI & Ethics — Industry Shares Experiences for Effective Implementation of an Ethical AI Framework and Code of Conduct

Carl T. Hahn
Vice President and Chief Compliance Officer
Northrop Grumman Corporation

Glenn Leon
Senior Vice President and Deputy General Counsel, Chief Ethics & Compliance Officer
Hewlett Packard Enterprise

Christina Montgomery
Vice President & Chief Privacy Officer
IBM

Part I.
Developing an AI code of ethics that mirrors your organization’s code of business conduct

• Exploring how artificial intelligence will be used in a specific job function, and how AI can help to achieve specific goals How is the company using AI?
• Where does this happen within the organization?
• Which job functions should be thinking about AI and ethics?
• Which data is (and isn’t) being fed into the algorithms?
• The finer points of consent and permission forms from customers, clients, employees and partners
• Identifying if third parties will be handling sensitive data, and, if so, for what purpose
• Ensuing that the third-party access to data aligns with the organization’s values

Part II.
Embedding an ethical framework into AI by aligning AI systems with the organization’s core values

• Ensuring that AI systems align with legal and compliance imperatives, including regulations, data privacy and cyber-security
• How to determine if the AI solution’s intended purpose align with the organization’s mission and values
• How do you get consent around the data? Do customers need to be informed, for example, that you’re capturing their data?
• Should there be a reporting process in place to escalate issues concerning ethical lapses in AI?

Part III.
Conducting an AI ethics gap analysis and identifying next steps

• Testing and monitoring the validity of the data
• Reducing the risk of inherent biases and inaccuracies
• Ensuring sensitive third party data is handled in accordance with ethical AI standards

Part IV.
Educating, training and establishing a culture of accountability and inclusion

• Training team members who make extensive use of AI in their job functions
• Educating team members to spot and mitigate bias within AI applications when developing algorithms
• Fostering and sustaining a “see something, say something” culture that complements an AI ethics policy
• Ensuring employee concerns and complaints of potential ethical lapses created by AI are appropriately handled, including anomalies and fraudulent payment transactions

Closing Remarks from the Co-Chairs