FCPA Data Analytics

Registration & Breakfast

Opening Remarks from the Co-Chairs

Nkechi Iheme
Global Anti-Bribery Lead and Senior Counsel
Google

Bryan Judice
Global Head of Compliance Data Analytics and Monitoring
Panasonic Corporation of North America (PNA)

Developing Your Risk Profile: Utilizing Data Analytics for Risk Assessments and Identifying Compliance Weak Spots

James Griffin
Vice President Risk & Compliance Americas and Global Compliance Operations
American Express Global Business Travel

Travis Hunter
Senior Vice President, Financial Crimes Compliance, US Head of Anti-Bribery and Corruption
HSBC North America Holdings Inc.

Compliance programs must be customized to the challenges facing each company; and be comprehensive enough to deal with all of the risks the company has identified. An effective risk assessment is crucial, and should begin with a detailed picture of the compliance landscape your company operates in.

Since your compliance efforts should be aimed squarely at the risks that are most critical to your business, it is important to identify all of the variables that that represent the threats and dangers.

In this session we will examine best practices for identifying the threats and developing your risk profile, such as:

• Developing an understanding of the current state of affairs; finding out what risks already exist; and documenting the key company processes, systems, and transactions that need to be monitored for risk
• Ensuring a full understanding of your business operations when conducting a risk assessment
• Mapping out the potential risk contact points that exist throughout your company 
• Assessing the current controls in place to prevent, detect, and correct violations
• Determining and prioritizing the compliance enhancement measures you undertake
• Updating your risk assessment periodically

Data Acquisition – Accessing and Capturing Clean, High-Value Data Across Contrasting Systems and Multiple Data Sources

Gurkan Ay
Director
Resolution Economics

Jeannine Lemker
Senior Global Ethics & Compliance Director
Major, Lindsay & Africa

Andrew McBride
Chief Compliance Officer
Albemarle Corporation

After mapping your risk profile, the next step is to ensure that you are acquiring internal and external data from reliable sources. During this session our speakers will review real-world examples of data output reports; discuss how to assess the data; and, determine if the program is capturing the right data.

Key Topics:

• Defining high-value data and progressively accessing it – to avoid accessing everything all at once
• Collecting data across multiple different systems and assessing what data is important; what data is being captured; and what data is not being captured accurately
• Identifying data sources and deciding how to aggregate the data to ensure good input and output
• Evaluating the internal and third-party data analytics tools that are available, and deciding which data feeds your organization can leverage
• Cleaning the Data by utilizing a continuous feedback loop to eliminate false positives

Networking Break

Data Governance: Managing Integrity, Conducting Risk Scoring and Handling Exception Processes

Joshua Black
VP, Editorial
Diligent Corporation

Andy Gandhi
Global Leader, Data Insights and Forensics
Kroll

An effective data governance program is comprised of many moving parts, as critical data can be coming in from a variety of sources, documents, systems, and technologies that are needed to run operations. In addition, it is crucial to evaluate existing and available resources – budget, personnel and technology – to navigate and prioritize areas of higher risk.

Join us in this session as we review key considerations when developing an effective data governance program, such as:

• Do compliance and control personnel have the appropriate experience and qualifications for their roles and responsibilities?
• Has there been sufficient staffing for compliance personnel to effectively audit, document, analyze, and act on the results of the compliance effort?
• Determining what to do when payments and expenditures are above aggregate risk score thresholds:
• Define what constitutes a red flag
• Understand the details of the activity – and analyze whether approvals, third parties, amounts, and circumstances align with existing policies and procedures
• Track and document each follow-up activity
• Assess remediation and consider whether follow-up risk assessments, communication and/or discipline is necessary
• Using data feeds for continuous risk re-assessments and monitoring program upgrades
• Providing training and ongoing support to ensure that employees and third parties can analyze incoming data to determine if it is consistent and trustworthy
• Steps to take when data reveals employees and third parties are not following critical policies:
• Understanding whether any controls failed
• Determining if the employee received the appropriate compliance training – and if the compliance expectations were extended to third parties
• Performing the appropriate investigative steps and addressing remediation
• Deciding if additional predictive and detective measures should be implemented

Implementing Automated Transaction Monitoring Applications for Real-Time Risk Detection and Analysis

Maureen Mohlenkamp
VP, Chief Ethics & Compliance Officer
DXC Technology

Reynaldo Goto
Chief Compliance Officer
BRF (Brazil)

Ana Iacovetta
Chief Compliance & Ethics Officer, VP and Deputy General Counsel
VMWare

Bryan Judice
Global Head of Compliance Data Analytics and Monitoring
Panasonic Corporation of North America (PNA)

A data-driven compliance program requires having the monitoring tools that are necessary to retrieve data from multiple systems, databases, and different parts of the business automatically; both domestically and internationally. This often leads to the necessity of having the IT department build such a program in-house; and having data scientists analyze all of the data for risk identity and assessment.

However, many successful compliance analytics and transaction monitoring initiatives can be utilized with applications that do not require the construction of a costly and complicated on-premise infrastructure. The advantages of utilizing such applications from a compliance standpoint, is they put more control in the hands of the compliance team instead of IT – which may not prioritize the transactions in the same way.

Key Takeaways for this session:

• Determining the next steps for the compliance team when addressing payments and transactions that are above aggregate risk score thresholds 
• Ensuring the data feeds and monitoring tools are coming in and working in real time – and developing processes for determining what warrants internal investigations and further action
• Which transactions to monitor and how to monitor them:
• Gifts
• Donations
• Effective feedback through communications and HR teams
• Identifying the solutions and applications that are needed to risk-rank transactions and geographic regions; to readily identify areas that require enhanced due diligence and potential internal investigations
• Equipping the compliance team with data and “actionable insights” early in the transaction lifecycle, so they are able to make better-informed decisions

Networking Lunch

Special Keynote

Matt Galvin
Counsel, Compliance & Data Analytics, Fraud Section
U.S. Department of Justice

Using Data Analytics to Measure the Effectiveness of Your Compliance Program: Concrete Examples of Using Metrics and KPIs to Evaluate Risk Detection and Compliance Red Flags

Ally Bandoian
Manager
Resolution Economics

Zachary N. Coseglia
Managing Principal and Head of Innovation
R&G Insights Lab

Carl Hahn
VP and Chief Compliance Officer
Northrop Grumman Corporation

Recent DOJ guidance stresses to companies the importance of leveraging data analytics and other objective evidence to demonstrate a compliance program is working effectively and manages its compliance risks. As such, metrics-driven solutions are needed to align compliance accountability; and embed a proactive compliance function on the first line of defense.

By utilizing compliance metrics to identify corruption risks early, companies are in a better position to reduce risks and understand whether the correct controls are in place.

Key Takeaways:

• The importance of tracking the numbers at regular intervals, and keeping records over an extended time period; in order to have a firm grasp on trends, and the ability to compare where you are now versus where you started
• Determining which compliance metrics to measure, and comparing them to industry standards and benchmarks for improved predictability
• Assembling qualitative data-gathering tools – such as surveys and questionnaires – to encourage adaptability  and accountability 
• Concrete examples of metrics used for assessing and analyzing risk

Networking Break

Audience Polling – Case Study

Behind the Scenes of Building an Effective Data Analytics Program: How to Know if You Are Achieving True Data-Driven Compliance and Monitoring

Bryan Judice
Global Head of Compliance Data Analytics and Monitoring
Panasonic Corporation of North America (PNA)

Kwame Manley
Partner
Paul Hastings, LLP

This session will walk you through a practical case study that defines how to get started and refine your blueprint for effective data-driven compliance and monitoring.

Topics will include:

• The goals for those compliance analytics efforts
• Detailed walk-throughs of those compliance analytics efforts
• Approaches to building such programs (e.g., internal, external or hybrid) and the resources needed
• Identifying the data needed, the process for acquiring the data and overcoming challenges around data availability and quality
• Connecting monitoring programs with existing or new pre-approval systems

Utilizing Artificial Intelligence and Machine Learning for Investigations and Compliance: The Latest Best Practices and Innovation for Upgrading Your Approach

Andrew McBride
Chief Compliance Officer
Albemarle Corporation

Natalia Shehadeh
SVP & Chief Integrity Officer
ABB (Switzerland)

Praneeth Vepakomma
Researcher
Massachusetts Institute of Technology

Vincent Walden
Chief Executive Officer
Kona AI

AI and ML technology can improve the efficiency of compliance operations and reduce costs in today’s data-driven compliance environment, by autonomously categorizing compliance-related activities and alerting them to important updates, events and activities.

In this session we will discuss the advantages and best practices for leveraging AI and ML in your compliance program:

• Conducting periodic reviews of your risk assessment program, based on continuous access to operational data and information over time and across functions
• Leveraging Machine Learning by learning from past data and past transactions, and by reviewing false positives
• What can be gleaned from anomaly detection
• Feeding back learnings from algorithms and human learning that allow you to leverage AI and ML toward making them more predictive
• Managing risk around your third-party organization over the “lifespan” of the relationship
• Identifying emerging risk factors before they become a broader compliance concern—and assessing whether or not a review or an internal investigation is needed

Networking Cocktail Reception and Registration for Main FCPA Conference