No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Often-Overlooked Factors in Risk Management

by Scott LaVictor
February 23, 2018
in Featured, Risk
untouched office phone on desk

Driving Down Risk, From the Cubicle to the C-Suite

Effective employee engagement and reporting is key to accountability and effective risk management. So why are we not paying more attention to how today’s workforce prefers to communicate?

with co-author Jay R. Taylor, CEO of EagleNext Advisors

We are entering an era in which seemingly every decision made by managers of fraud prevention, audit, security and ethics are reviewed not just by C-Suite leadership and board members, but also after-the-fact by regulators, stockholders and the public. In financial services, managers of risk from across the enterprise, as well as directors and board members, are finding the evolution from an emphasis on meeting compliance obligations to a longer-term focus on organizational values, ethics and culture to be challenging. Ensuring that you have unvarnished observations from every corner and level of the organization is key to ensuring that you can meet the expectations of both internal and external customers and stakeholders.

A core responsibility of senior leadership and the board of directors is ensuring communication channels for employee reporting of workplace concerns are both available and effective.

As a senior executive or board member, you are probably aware of information gaps and are concerned. You don’t want to learn about events in the headlines or when reporters begin calling you for comment. One way to ensure you learn what is really going on in your organization is to listen more effectively. Each and every staff member, contractor or vendor connected to your organization may possess vital clues that too often remain undiscovered until after the fact.

While the quality of employee engagement and awareness campaign techniques has steadily improved in recent years, the same cannot be said for employee reporting channels. Evidence for this comes in part from a recent anonymous poll conducted by the creators of Neighborhood Watch® for Corporations. Results revealed that 45 percent of employees in financial services, health care and advanced manufacturing sectors observed behaviors of concern at least once within in the last year – harassment, fraud or a safety issue, for example – but did not report it to management. Fully 30 percent witnessed more than one concerning issue or incident and chose not to report it.

The False Sense of Security Created by a Reliance on Outdated Employee Reporting Channels

It is fair to expect your entire staff to support efforts to combat issues such as fraud and sexual harassment by speaking up. Let’s face it though: a certain percentage of employees are simply not going to “say something when they see something.” Some will always speak up.  Still others – probably the majority of employees – will share details of a concern if you make it easy for them to do so. For this to occur with any regularity, however, you need to ensure that the reporting process meets expectations regarding user experience, convenience and confidentiality.

Anecdotal evidence is everywhere that impersonal communication preferences have changed for the vast majority of the workforce. Walk down any hallway at work these days and you risk running into someone who is focused on a text or app rather than where they are going. Recent studies support this shift, as Americans age 55 and under now text and email at least as much as they make phone calls.[1]

Beyond traditional third-party phone hotlines, consider that the average employee faces a multiplicity of internal safety, human resources, ethics and security hotlines, forms and departmental email addresses for sharing their concerns. For a workforce faced with endless opportunities for distraction, any barrier to reporting – from confusion over which channel to use, to an aversion to making calls, to concerns about anonymity when using a form or email – increases the risk of them dropping out of the reporting pipeline. Thus, several redundant methods of communication scattered across the enterprise, rather than a single multi-faceted entry point, may actually be increasing risk.

Context is King (or Queen)

In addition to the challenge of utilization, traditional communication channels such as hotlines, forms and general departmental emails share an additional shortcoming in that they collect only basic information. Said another way, they record what someone wants to say, rather than what the experts who respond to concerns need to know. Without situational context, investigators and responders often lack the details needed to most effectively follow up. This results in investigations and remediation efforts that take longer to conduct and are at risk of being misguided or incomplete. Beyond recent headlines about failures in addressing sexual harassment or cybersecurity breaches, an indication of the risk/reward of effective employee reporting is provided by the 2017 ACFE Report to Nations. In their essential annual report, ACFE revealed that the cost of an average incident of fraud doubles from $100,000 to $200,000 when the organization lacks an effective employee hotline.

The era of counting on staff to walk into your office or make a call to share a concern is over. The key to maximizing your limited resources and preventing incidents remains increasing proactive engagement with the “eyes and ears” of your entire workforce, as well as ensuring that engagement results in increased efficiencies from the capture of relevant, actionable context. Why then are most companies still relying on increasingly outdated employee reporting methods to capture information that could prevent or mitigate potentially harmful incidents that carry with them massive costs?

Augmenting and Engaging Your Workforce with Artificial Intelligence-Powered Apps and Bots

Those tasked with responding to fraud, harassment and other incidents almost always prefer in-person reporting. That said, augmenting communication regarding workplace concerns with an AI-powered platform can provide a decided advantage in the battle to mitigate costly risks. More comprehensive and flexible than static forms, expert systems or decision trees, a solution that utilizes AI has the power to mimic a range of expert interviews in an app or desktop interaction.

The specific enabling technology behind the ability to employ this type of an intelligent reporting platform is machine learning, the subset of AI that focuses on the use of algorithms to process data in a way that informs useful predictions. A significant drawback to this approach, however, is that it requires large volumes of data from which knowledge engineers draw fuel to train these systems. This is a significant challenge in areas such as investigation of security, safety, ethics and other risk management issues, where large sets of training data are lacking. Thus, any effective solutions must instead rely on a carefully curated source of data based on inputs from subject matter experts.

Perhaps owing in part to the challenge of obtaining and curating expert knowledge, the few existing reporting tools that advertise use of AI employ it to support relatively basic interactions. The most common example of this are the chatbots you often see on websites in support of customer service. These tools also rely on natural language processing (NLP).  Like machine learning, NLP is a subset of AI and deals more specifically with understanding the complexities of human language. While useful for basic interactions, solutions that focus on NLP do little to add to the context on which effective responses to critical issues rely.

Take the case of computer theft. Traditional forms or scripted hotline calls, whether or not powered by NLP, would treat the theft of a computer and a hammer the same way – an object has been stolen. In contrast, a system that uses machine learning with training data created by vetted subject matter experts would appreciate that the actual issue at hand is data security and privacy and will then intelligently guide the user through an interaction focused on those issues.  Similarly, an investigation into allegations of sexual harassment, money laundering or fraud might take a dramatic turn with the addition of context beyond who was involved or when the incident happened.

Can AI-powered mobile apps improve employee reporting and reduce the time and money spent on obtaining and responding to workplace concerns?

Within the financial services community, much is being made of convergence between AML, fraud prevention, loss control and cybersecurity. Done right, bringing together these kindred resources, skills and perspectives can be a powerful asset. The same is true with regard to the reporting tools that many times play a critical role in kicking off investigations and/or risk mitigation efforts. Meeting the workforce on their terms with an intelligent, mobile-first solution, partnered with desktop and telephone reporting mechanisms, you increase coverage and introduce efficiencies similar to that of ATMs or airport check-in kiosks.

Rather than replacing employees, this approach augments the relatively small number of security, ethics, safety, audit or HR professionals in the average workplace, allowing these key personnel to focus on high-value tasks. Just as important, recent studies have shown that automated interviews on mobile devices increases both disclosure and precision. Likewise, allowing users to respond when and where they want generally increases their levels of satisfaction with the experience.[2]

Yesterday’s single-issue telephone hotlines provided a “check the box” solution for compliance with SOX, HIPAA and OSHA reporting. Most companies also continue to rely on mix of internal phone extensions for reporting safety and security issues. The advent of email and web forms extended employee engagement on these and other workplace issues and incidents to the desktop. Like telephone hotlines, however, these methods are now outdated. Rather than a security blanket, relying solely on these methods actually invites underreporting and, eventually, will result in a lack of notice and accountability regarding costly incidents that could have been prevented.  Savvy leaders, however, will appreciate that meaningful workplace intelligence regarding a range of risk management issues will in the future rely on a meaningful combination of artificial intelligence and, for now, mobile-first design.

[1] Pew Research Center, April, 2015, “The Smartphone Difference” Available at: http://www.pewinternet.org/2015/04/01/us-smartphone-use-in-2015/

[2] Michael F. Schober, Frederick G. Conrad, Christopher Antoun, Patrick Ehlen, Stefanie Fail, Andrew L. Hupp, Michael Johnston, Lucas Vickers, H. Yanna Yan, Chan Zhang, “Precision and Disclosure in Text and Voice Interviews on Smartphones.” Department of Psychology, New School for Social Research, The New School, New York, New York, United States of America


Tags: Artificial Intelligence (AI)Board of DirectorsHarassmentMachine Learning
Previous Post

Economic Sanctions Compliance in the Age of Blockchain

Next Post

4 Risks that Keep Your CIO Up at Night

Scott LaVictor

Scott LaVictor

Scott LaVictor is CEO at Arbor Insight, home of Neighborhood Watch for Corporations®, an intelligent software platform that reduces costs related to safety, security, ethics and compliance while helping build safe, secure and trustworthy workplace neighborhoods. Scott spent 13 years with the Central Intelligence Agency, conducting intelligence operations around the world. He was also Manager of Investigations for a Fortune 150 manufacturer where he addressed challenges related physical and cyber security, fraud, ethics and counterfeiting.

Related Posts

tech fluency_n

Not Your Grandpa’s C-Suite: Improving Tech Fluency at the Top of the Organization

by Jim DeLoach
January 18, 2023

In our hyper-connected world, just about every company is a tech company. As commerce and technology become increasingly intertwined, it’s...

hottest takes

The Hottest Compliance Takes of 2022

by Staff and Wire Reports
December 14, 2022

Nobody was canceled for anything they wrote for our pages in 2022 — at least that we know of. But...

board personalities

Arsonists, Long Rangers & the Impact of Personality Types on Board Governance

by Rob Kunzler
December 14, 2022

It’s easy to think of your company’s board of directors as simply a group of individuals. But OnBoard’s Rob Kunzler...

cci top 10 stories collage

Top 10 Compliance Stories of 2022

by Jennifer L. Gaskin
December 7, 2022

The more things change, the more they stay the same. This time last year, we summarized the top 10 ESG...

Next Post
woman lying in bed awake at 3 am

4 Risks that Keep Your CIO Up at Night

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT