Why Avoiding Communication Compliance Quandaries Puts Your Organization At Risk
Fifty-four percent of compliance professionals expect their personal liability to increase for compliance failures of their firms, according to the Thomson Reuters Cost of Compliance 2018 Survey. With recent fines for Financial Services firms with oversights in compliance supervision for electronic communications ranging upwards of $32 million, it is no surprise that compliance teams want to limit communication types and channels at their firms. In Part One of this three-part series, we discussed some of the internal tension between business and compliance teams when it comes to implementing new communication technologies. In this blog post, we’ll examine why hope isn’t an effective compliance plan and layout key considerations for organizations to pursue as they modernize their digital communication arsenal.
Imbalance Brings Risk
As previously established, internal misalignment between compliance and business teams can lead to major problems for organizations seeking to implement new digital communication technology. If the compliance unit shuts down the adoption of video or social technology in order to prevent risk and avoid potential fines, the organization faces an opportunity cost and leaves the door open for more progressive and innovative competitors. Specifically, as mentioned in Part One, using new communication channels like video marketing and personalized sales videos can improve key sales and pipeline metrics by 30 percent. Not adopting such a clear benefit due to compliance pushback paves the way for competitors to grab market share.
Similarly, an organization driven solely by business considerations runs the risk of compliance and regulatory mishaps, potentially leading to fines or loss of consumer trust. Facing a $2 million fine for not properly supervising communications could be the outcome of not properly implementing new tech with compliance. Worse yet, organizations can swing from one perspective to the other, increasing risk with each extreme position taken. This can create a vicious cycle where lack of innovation stemming from excessive compliance roadblocks leads to less growth and less profit. Then, the slow growth and business pressure leads employees and organizations to take too many risks that may violate regulations and hurt customers.
Mitigating Regulatory Risk
It’s important for organizations to understand the regulatory perspective as technical complexity increases. New technology brings new communication channels which are avenues for conducting business, but can lead to rules violations, especially when the pace of growth exceeds specific regulations. Regulators expect companies to make a good-faith effort to understand and uphold the requirements for monitoring any communication channel used to conduct business; ignorance is not an excuse for non-compliance.
It is a new era of personal accountability for compliance professionals where the regulations increasingly include expectations of knowing what is communicated and taking steps to protect sensitive information in communications. Organizations can no longer perform “check box compliance” – simply going through the motions of recording and storing the information without a thorough review. The modern expectation is that organizations must know what’s included in their communication and take action if they notice a risk. In this new environment, there are fundamental measures that each company should undertake to lower their compliance risks and adhere to industry standards.
So, how can organizations strike a balance between adopting new technologies and avoiding compliance catastrophes? We’ve identified three key measures any organization should implement to lower risk.
Striking a Successful Balance
Key Measure #1: Create a Policy Framework for New Communication Channels
When adopting a new communication channel like personalized sales videos, video marketing, video conferencing, and other video interactions with customers, organizations should have a high-level framework for conduct requirements on that channel. For example, some basics that should be consistent across phone, email, social and video communication are clear identification of who you are, who your company is, what you are discussing, and maintaining simple, clear references to disclaimers and disclosures. In fact, newer channels like video provide more scenarios to leverage this framework onscreen and in spoken content. Creating this as a template for communications and disseminating it clearly sets a consistency expectation for communications that helps avoid basic mistakes and sets a baseline that can prevent regulatory mistakes – regardless of the information channel.
Key Measure #2: Train Team to Implement and Adopt New Technologies Compliantly
Building on measure one, training teams on that policy framework as well as the new communication channel itself should be the obvious next step. As new technologies emerge, organizations should train team members on how to properly adopt and implement the new tools. This training can be costly upfront in both time and money but is increasingly important. Deloitte found that 76 percent of Chief Compliance Officers listed compliance training as a top priority. Luckily, for new communication technologies like video, there is an obvious cost benefit for creating training content using video itself for rich training content that has relatable examples of do’s and don’ts. Further, in a highly regulated environment, good training increases accountability and reduces the likelihood of careless compliance errors.
Key Measure #3: Implement RegTech Solutions
Finally, it’s crucial to build processes that can scale. Organizations need to enforce policies, both for what gets communicated and for monitoring communications. With the broadening of communications channels and the exponential increase in communication volume, a non-scalable solution leads to significant risk. Unfortunately, it’s a common instinct to think that many aspects of the compliance process are manual-based review efforts on a scale that’s unwieldy, slow, cost-ineffective, and prone to inconsistencies that lead to oversights. In reality, organizations can implement RegTech solutions to ease the communication capture and analysis process, increase accuracy in detecting risks across more media types, and allow for scale in the volume and type of communications handled. We’ll explore how to best implement and get the most out of RegTech technology for communication compliance in our next installment.
Tensions between the business and compliance teams are to be expected, but left unchecked, can cripple growth efforts that center on adopting new communication technologies. Companies must work to accommodate modern communication technology adoption and compliance requirements to balance topline growth opportunities while effectively managing regulatory risk. To do this, organizations should start with the straightforward steps of implementing a clear policy framework, investing in training their team, and adopting modern RegTech Solutions.
In the final part of this three-part series, we’ll examine RegTech Solutions – what they are, how to implement, and why they’re critical in the expanding digital ecosystem.
About the Author: Devin Redmond is the CEO and Founder of Theta Lake. He has more than 2 decades of experience in enterprise risk and compliance and is a frequent speaker on AI-based RegTech for video communication compliance. The former CEO and Co-Founder of Nexgate, a pioneer in social and digital media compliance and security acquired by Proofpoint (PFPT) in 2014, Devin also held executive and leadership roles at Check Point, Neoteris, Websense, and more. In addition to living in 7 countries and speaking 3 languages, Devin is a frequent public speaker that is passionate about modern digital risk and compliance technology that helps businesses gain a competitive advantage.
Antivirus software is not enough. Apex Technology Services used its decades of IT and cybersecurity
experience to create budget-friendly network security packages every company needs.
Please take a moment to fill out your information so we can contact you directly regarding your request.
The "same-site" origin policy (SOP) is a critical piece of online security. While it's not an internet standard, but rather a rule enforced by interne…
For years, micro USB connectors were the standard for nearly every device on the market. Also known as USB Type-A connections, they were the preferred…
There are many elements that make up a great casino site. Some of these aspects are obvious to the customer while others have an important role to pla…
Compared to traditional home security methods, smart home security systems have far more effective capabilities. Innovative home technologies are a pr…
If you're looking to start a business, no matter if it's big or small, you're going to want to make it easier for your customers to find you and havin…