Could (and should) you be looking proactively at data to find corruption?

Size: px

Start display at page:

Download "Could (and should) you be looking proactively at data to find corruption?"

Garry Daniels
5 years ago
Views:

1 Could (and should) you be looking proactively at data to find corruption? Ethical and Efficient Corruption Detection for Governmental Agencies and Corporations Introduction by: Jennifer Rodgers Roy Pollitt Moderator: Daniel R. Alonso Panelists: Ren McEachern Brandon Daniels Stephanie Brooker Matt Galvin Melissa Ballard

2 Introduction Selected U.S. Laws & Policies

U.S. Department of Justice (U.S. Attorneys or Fraud Section)

3 Introduction: FCPA Basics The key U.S. Law used to combat Transnational Corruption Two Main Enforcers: U.S. Department of Justice (U.S. Attorneys or Fraud Section) Securities and Exchange Commission Two Main Provisions: Anti-Bribery Accounting & Recordkeeping

4 Introduction: FCPA Basics (cont.) Anti-Bribery The key U.S. Law used to combat Transnational Corruption Apply generally to U.S. persons and entities, issuers of registered securities, and others acting in furtherance of the scheme within the U.S. Elements: Payment, offer, or promise to pay money or anything of value, directly or indirectly To a foreign official, party official, candidate, or official of a public international organization For the corrupt purpose of influencing that person To assist the company in obtaining or retaining business or directing business to another to secure an improper advantage Federal jurisdictional elements Accounting and Recordkeeping: make and keep books, records, and accounts which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the issuer.

Introduction: Principles of Federal Prosecution of Business Organizations Key Feature: Corporations Can Get Leniency Based on a Range of Factors That Federal Prosecutors Must Consider (cooperation,

5 Introduction: Principles of Federal Prosecution of Business Organizations Key Feature: Corporations Can Get Leniency Based on a Range of Factors That Federal Prosecutors Must Consider (cooperation, pervasiveness, voluntary disclosure, prosecution of individuals, etc.) INCLUDING the existence and effectiveness of the corporation s pre-existing compliance program. Major DOJ Policy First Issued in 1999

6 Introduction: Principles of Federal Prosecution of Business Organizations (cont.) Major DOJ Policy First Issued in 1999 Corporate Compliance Programs DOJ encourages corporate self-policing, but the existence of a compliance program is not sufficient, in and of itself, to justify not charging a corporation for criminal misconduct. Key factors: [W]hether the program is adequately designed for maximum effectiveness in preventing and detecting wrongdoing by employees and whether corporate management is enforcing the program or is tacitly encouraging or pressuring employees to engage in misconduct to achieve business objectives. Prosecutors should... Attempt to determine whether a corporation s compliance program is merely a paper program or whether it was designed, implemented, reviewed, and revised, as appropriate in an effective manner. Policy uses variations of effective six times re: compliance programs

7 U.S. Sentencing Guidelines Predate the Principles of Federal Prosecution of Business Organizations and Also Emphasize Compliance USSG provide for leniency for Effective Compliance and Ethics Program To have an effective compliance and ethics program, for purposes of subsection (f) of 8C2.5 (Culpability Score) and subsection (b)(1) of 8D1.4 (Recommended Conditions of Probation-Organizations), an organization shall 1. exercise due diligence to prevent and detect criminal conduct; and 2. otherwise promote an organizational culture that encourages ethical conduct and a commitment to compliance with the law. The organization shall take reasonable steps A. to ensure that the organization's compliance and ethics program is followed, including monitoring and auditing to detect criminal conduct [ ]

8 2017 Department of Justice FCPA Policy Amendment to U.S. Attorney s Manual When a company has voluntarily self-disclosed misconduct in an FCPA matter, fully cooperated, and timely and appropriately remediated, all in accordance with the standards set forth below, there will be a presumption that the company will receive a declination absent aggravating circumstances involving the seriousness of the offense or the nature of the offender. If criminal resolution (including DPA or NPA) is nevertheless warranted: 50% reduction off low end of USSG Generally no appointment of a monitor IF effective compliance program

9 Could (and should) you be looking proactively at data to find corruption? Ethical and Efficient Corruption Detection for Governmental Agencies and Corporations Introduction by: Jennifer Rodgers Roy Pollitt Moderator: Daniel R. Alonso Panelists: Ren McEachern Brandon Daniels Stephanie Brooker Matt Galvin Melissa Ballard

10 Matt Galvin Case Study: Applied Data Aggregation and Analytics in Compliance

11 The Challenge: Integration of SABMiller The Past: Traditional Diligence Narrow data pull Audit Reliance on third-party resource Reactive focus Produces a report does not address issue The Future: Integration Through Analytics What if data was in one place? What if we could combine it and score to prioritize? What if we could teach the machine to get better? What if everyone wanted to use our system Compliance, Internal Audit, Internal Control, Procurement etc.

So we made BrewRIGHT BrewRIGHT (formerly Lantern) is ABI s awardwinning data analytics platform for detecting and addressing compliance risks. Key features of five year plan 1.

12 So we made BrewRIGHT BrewRIGHT (formerly Lantern) is ABI s awardwinning data analytics platform for detecting and addressing compliance risks. Key features of five year plan 1. Data aggregation of ERP and compliance systems of enterprise 2. Apply a series of BRIGHT algorithms to rank transactions for potential connection to fraud, bribery, money laundering or violation of economic sanctions. Centralization and Integration of Compliance Systems 3. Development of user-interface & machine learning 4. Multi-functional user acceptance launch

13 Really, the hard part is getting the data Phase One March 1, 2017 Countries: 13 Companies: 50 Phase Two August 1, 2017 Countries: 24 Companies: 65 Phase Three December 31, 2017 Countries: 94

14 What does it cover Modules: Both Live & In Development Payments Vendor 360 Duplicate Payments Travel & Entertainment Conflict of Interest Data Pollution AML / Sanctions Global Risk Ranking Cash, Checks and Wires Free Beer Investigations Investigators Diligence Performance Usage Enrichment Process Anti Trust Ambient Sales

Next step static tests, visualize, data set, and launch Pro tip: People prefer maps and pictures over spreadsheets Out of the box It simulated what an accountant with ten years experience could do if

15 Next step static tests, visualize, data set, and launch Pro tip: People prefer maps and pictures over spreadsheets Out of the box It simulated what an accountant with ten years experience could do if she could see everything on the ERP Detect anomalies and instances of fraud and corruption Visualization is key to cut noise Organization of teams around world to analyze outcome of KPIS Key innovation integrated case management system to capture outcomes of KPIs and teach system to get smarter

16 Going dynamic machine learning Global Risk Score Transparency International Corruption Perception Exports & Imports by country Political stability Sales volumes Transaction Monitoring Start a Investigation Flag transactions to review through Case Manager Take steps to remediate Risk Score Machine Learning Results feedback into Bright

Triaging Due Diligence for new vendor and stop payments before they are made Global roll out of risk score for each country Baseline country score contributed by risk

suspicious transactions via workflow Migrate from tableau to Salesforce (a effective and efficient visualization tool) Migrate data from BrewRight to Azure Integrate

Where are we going Single source of truth on compliance risk Ongoing view of quality of impact of data quality / system integrity on risk Dynamic risk scoring of country,

17 Triaging Due Diligence for new vendor and stop payments before they are made Global roll out of risk score for each country Baseline country score contributed by risk score from various modules Onboarding new countries Onboarding Target Scoring Dynamic Visualization Azure Fraud Squad Predictive User Acceptance Capture similar suspicious transactions via workflow Migrate from tableau to Salesforce (a effective and efficient visualization tool) Migrate data from BrewRight to Azure Integrate cross functional processes into BrewRight Dedicated resource with knowledge to analyze transactions. Where are we going Single source of truth on compliance risk Ongoing view of quality of impact of data quality / system integrity on risk Dynamic risk scoring of country, zone, globe tied to employee targets and remuneration Predictive model to predict and prevent fraudulent and corrupt payments before they are made Tie employee / group KPIs to output of compliance system bonuses will be tied to downward trend of risk score

19 Could (and should) you be looking proactively at data to find corruption? Ethical and Efficient Corruption Detection for Governmental Agencies and Corporations Introduction by: Jennifer Rodgers Roy Pollitt Moderator: Daniel R. Alonso Panelists: Ren McEachern Brandon Daniels Stephanie Brooker Matt Galvin Melissa Ballard