computer chip overlay on blue brain

5 Ways Organizations Can Benefit from ML

Heidi Maher, Executive Director of the Compliance, Governance and Oversight Council (CGOG), discusses the machine learning (ML) use cases for compliance and legal teams, plus key first steps for taking advantage of ML technology.

Compliance and legal teams are struggling to keep pace with an ever-evolving regulatory and legal landscape – from constantly tracking employment and office safety standards to understanding complex rules governing ethical employee conduct to dealing with the monumental regulatory, legal, privacy and cost challenges created by new technologies, such as the cloud, social media and the internet of things (IoT).

In this environment, knowing the rules of the road can be every bit as difficult as ensuring employees follow them, which in turn can create critical gaps in both rule tracking and employee monitoring that lead to waste, fraud, abuse and other practices that put a company at risk.

The difficulty of this struggle is exemplified by the state of compliance with the EU’s General Data Protection Regulation (GDPR). Despite more than two years of high-profile educational efforts by the EU, compliance and legal publications and solution vendors, a recent survey from Deloitte found only 35 percent of respondents felt they could demonstrate a “defensible position” on GDPR compliance. Even more surprising, a DemandBase survey found only 32 percent of respondents were fully GDPR compliant and 20 percent were completely unaware of the regulation! And as the implementation challenges around the new California Consumer Privacy Act suggest, complying with privacy regulations will only get more complicated. The particularly bad news for compliance and legal teams is that privacy is just one of many regulatory initiatives facing them.

However, there is good news as well: Machine learning (ML), a technology being adopted throughout the enterprise to support improved business insight and customer experience initiatives, offers huge potential to help compliance and legal teams accomplish many of their most important rule tracking, employee monitoring and documentation activities faster and more accurately at lower cost.

For example, many legal teams are already using ML to power technology assisted review (TAR) for e-discovery document reviews. With TAR, a machine learning-powered database sits under the document review platform and is trained to do the review by analyzing and “learning from” how a team of human reviewers tags a small percent of the documents. A certain amount of iteration is required, but once the system is properly trained, it can be significantly faster and more accurate – and overall less expensive – than human review.

ML can also serve as the foundation for applications that support all aspects of governance and compliance, slashing the time required for key operational processes and leaving time for more strategic tasks. For example, ML-powered applications could:

  1. Track changing global regulatory obligations, expectations and control requirements across the business – supporting the most complex compliance efforts with unprecedented speed and accuracy.
  2. Monitor specific compliance requirements related to surveillance, Foreign Corrupt Practices Act (FCPA), anti-money laundering (AML) and know your customer (KYC). This would enable global companies to quickly identify potentially corrupt employees or partners and reduce the potential for fines by mitigating the issue or self-reporting.
  3. Identify contracts affected by large rule changes. For example, many organizations have used ML applications to identify which vendor agreements are impacted by GDPR.
  4. Automate data classification to determine whether data needs to be retained or disposed. This would serve two vital purposes: reducing costs and risks associated with legal and business retention and also enabling organizations to implement defensible disposal to reduce infrastructure costs.
  5. Facilitate faster and more accurate legal research. For example, by using ML in a class action product liability suit, a company was able to determine its potential exposure and settle the case early in the process. The savings in litigation costs and minimal reputational damage resulted in no perceptible impact on the company’s stock price.

Getting Smart About ML

Machine learning is complex technology, and the potential impact on an organization may not always be easy to understand. To ensure your organization will derive the maximum benefit from the various ML initiatives – and to better understand how it can support your governance processes – consider the following recommendations.

Most important: Act now. Getting up to speed with ML and understanding how to approach it will take time. Delaying getting started may lead to missed opportunities across your organization.

Develop your own ML expertise. Start by looking for existing expertise in your company. Which teams are already using ML (most likely marketing and sales), and who can best educate you on how it works? Consider a new hire or using a consultant to bring in the expertise you don’t have internally. Published articles and vendor-produced case studies are also helpful. Then map out the critical issues you need to understand for new ML initiatives and how ML can improve your governance practices.

Closely track the progress of ML use cases across your organization. It’s critical to assess whether these projects are compliant with evolving data regulations. You also need a clear understanding of your company’s future goals. As you go through this process, you may also be able to see what other departments or processes may benefit from ML and your input.

Make the business case for how ML can support governance processes. Pull all your information together to propose using ML to support specific governance processes. Start with small projects that will show a clear ROI, then expand from there. For example, you may want to start with TAR, which has a proven track record.

Ultimately, the value of ML depends on the quality, connection and volume of the data within your enterprise, so the full impact can’t be gauged until you begin experimenting with your data, revealing noteworthy patterns and running proofs of concept. The time to start doing this is now.


Heidi Maher

Heidi Maher is an attorney and a legal technology specialist who has advised hundreds of organizations on information governance around data security, compliance and eDiscovery. She is the Executive Director of the Compliance, Governance and Oversight Council (CGOC), a forum of over 3,800 legal, IT, records and information management professionals from corporations and government agencies. For over a decade, CGOC has been advancing governance practices and driving thought leadership across the industry.

Previously, Heidi was a legal subject matter expert for a fortune 150 technology company, a felony prosecutor, a litigator, and an assistant state attorney general. She is Certified Information Privacy Manager.

Related Post

Got Compliance News?

We do!  Sign up for CCI’s free weekly eBlast to get GRC news, views, jobs & events delivered to your inbox once a week.  Cancel anytime.

Click to Subscribe.