What does data mean? Does is lie, is it misinterpreted or simply misunderstood? The Man From FCPA has long considered data, even big data an important part of any best practices compliance program going forward. But what insights should a compliance practitioner draw from data and is it the right one going forward? Moreover, is gathering the data is only one part of the equation and interpreting it correctly even more important. One could point to the recent failures of polling in the Untied Kingdom over Brexit and in the United States over the recent presidential election as examples of wider failures in both data collection and data interpretation.
One of the most obvious areas is around hotline reporting. If your company does not have many or even no hotline reports of unethical, illegal or even conduct which violates your Code of Conduct, does that mean there are no problems, issues or even concern? Perhaps, but it may also be symptomatic of larger problems within your organization such as fear of retaliation, lack of training, and education of the hotline or simply non-functioning technology, in that your hotline does not work.
What about the effectiveness of your online training? Is a written 10-question test sufficient to determine whether your employee base has understood the nuances of your anti-corruption compliance program? Does the score for an accounts payable clerk in your corporate home office in the United States matter as much as the foreign-based account representative? Most probably not, but have your factored in the risk ranking for these persons in determining effectiveness?
Many of these questions are still being explored in the compliance profession. Data input, analytics, and analysis within an organization is not a zero sum game but one which must be continually managed, tested and recalibrated. The holy grail of data analytics does not generate perfect information going forward. It is about how you use the data as much as the data itself.