By  Jose Tabuena, JD, CFE, CHC

As the compliance field evolves, auditors should take heed of the power of data analytics and predictive models. The area of program evaluation is one that is ripe for opportunity to apply such techniques for both assessing compliance effectiveness and for nudging employee behavior toward supporting an ethical workplace. But keep in mind predictive models yield benefits only if appropriately acted upon.

Behavioral science provides a powerful set of tools for acting on data analytic indications when behavior change is the order of the day. Specifically, “behavioral economics” combines elements from economics and psychology to understand human behavior— even when it’s irrational.

The U.S. Department of Justice (DoJ) has signaled strong messages on the importance of having an “effective” compliance program finally bringing the conundrum of program measurement to the forefront. Although the Federal Sentencing Guidelines and its “elements” of compliance have existed for over twenty years, the formal standards and processes by which compliance programs are currently measured for effectiveness remain notoriously sketchy. This trend of the government to provide more guidance has continued with the DoJ stating it plans to release a set of sample questions to give companies an idea what investigators and prosecutors are concerned with. Apart from the ability of “effective” compliance programs to reduce the risks of high fines and liability, management has a financial stake in measuring the effectiveness of a compliance program. Operating a compliance program requires a significant investment in time and resources. Poorly functioning compliance programs are likely to waste money, divert scarce resources and operate sub-optimally with respect to mitigating serious, business-threatening risks.

Moreover, the positive effects of a compliance program may include better financial performance. Studies have started to show that in the long-run, a truly ethical and lawabiding corporation is more likely to foster on several measures—customer loyalty, increased employee retention, and strengthened public reputation.

The new DoJ compliance counsel in assisting federal prosecutors develop appropriate benchmarks for evaluating compliance programs, is to provide expert guidance to help prosecutors evaluate whether the implementation of such measures has been effective and has had a remediation effect. Naturally there is acute interest by compliance professionals in the work and impact of the DoJ compliance counsel. This position will be a focus for determining the benchmarks for effective compliance programs, and there is legitimate concern whether sufficient input from the industry compliance community will be considered in connection with future developments. Compliance professionals have had more than 20 years’ of practical experience in direct observation of what effectiveness means for organizational compliance programs, and the DoJ is only now embarking on zeroing in on this in a focused and systemic manner. The hope is that the DoJ will allow for constructive input from the compliance community on the meaningful measures of an effective compliance program.

Applying the “law” is not enough

The legal system is replete with examples where assumptions on how the world works as the basis for establishing laws and regulations has proven dreadfully wrong. Take the value of eyewitness testimony as one example. For a long history, prosecutors could argue for convictions based on the strength of a single eyewitness—the more confident the witness, the more seemingly infallible the testimony. That is, until psychologists conducted controlled studies on the reliability of eyewitness perceptions and the ability to accurately recall from memory.

An auditor evaluating an established compliance program could start with evidence that the organization has consistently implemented the elements of a program as defined by the Federal Sentencing Guidelines. But that is just the beginning. The experienced program evaluator recognizes that measuring implementation is different from the more difficult task of evaluating effectiveness.

After initial resistance, there was eventual recognition by the criminal justice system that eyewitness testimony can be extremely unreliable depending on the circumstances of the event and how potential suspects are presented to the witness. As a result, strict procedures for showing photographs and lineups for suspect identification have evolved. The use of psychologists to provide expert testimony during trials on eyewitness reliability is allowed by many judges. The emergence of DNA testing and the release of wrongly convicted individuals further demonstrate the danger of untested assumptions.

The modern American law school started with the belief that law can be understood and taught as a science. This belief was based on ideology that what mattered was understanding and rationalizing the law applied in courtrooms by judges. The search for the underlying principles provided the basis for the science of law. The body of cases, correctly analyzed, would reveal a set of internally consistent principles inherent in either human nature or culture and expressed case by case through the judges.

This approach of the law as a science has since fallen by the wayside. One only has to look at the divided opinions of the U.S. Supreme Court to recognize the fallacy of the law as a robust science. However, the myth that legal principles result in rational truth still persists. One example is the definition of an effective compliance program under the Federal Sentencing Guidelines. The elements of an effective program seem conceptually sound, but how do we know that applying them actually promotes a culture of compliance and prevents violations of law?

The fallacy is that while legal principles may seem rigorous in theory, they may not reflect actual reality. The idea of a classic mathematical proof is to begin with a series of statements that can be assumed to be true or that are self-evidently true. Then by arguing logically, it is possible to arrive at a conclusion. If the statements are correct and the logic is flawless, then the conclusion will be undeniable.

Scientific theory, on the other hand, can never be proved to the same level of a mathematical theorem. It is only considered highly likely based on the evidence available. Scientific proof relies on perception and observations both of which are fallible and provide only approximations to the truth. This is why experiments are performed to test the predictive power of a scientific hypothesis.

Legal principles often make assumptions about human behavior—such as the accuracy of eyewitness perceptions or the view that investors act rationally in financial markets. But science has started to reveal the weaknesses and subtleties underlying those assumptions.

Applying behavioral science

Principles, such as compliance program components, shouldn’t be taken on faith. When practical, the underlying elements should be field-tested using randomized controlled trials to measure their validity.

For instance, simply having a code of conduct and related compliance policies is obviously not enough to influence employee behavior. So what is it about a code of conduct, how it is written, communicated, and trained to the workforce, that can make a real difference?

In the field of behavioral economics, priming has proven to be an effective tool to subtly encourage honest behavior. Priming occurs when an individual is exposed to a specific stimulus that influences his or her ensuing actions. In studies by behavioral economist, Dan Ariely, experiments were designed to influence honest behavior when researchers “primed” people with a stimulus that involved morality and then observed how often cheating occurred when solving small math problems. When the participants were asked to recall the Ten Commandments, cheating significantly decreased compared with those who were instead asked to recall the names of Shakespeare’s sonnets.

Similar studies provide additional behavioral insights. It is easier to be just a little dishonest. Experiments show that we are more likely to cheat over a small amount of money than a large amount. People also tend to find it harder to be dishonest when interacting with another person than with an impersonal mechanism. The belief that we make rational decisions is a myth that belies the complexity of human behavior.

How do you know a program is working?

How can the auditor tasked with evaluating a compliance program take into account the findings of behavioral scientists? In the short history of the compliance profession, a variety of distinct approaches have been attempted. Yet any approach taken in isolation may yield unreliable information.

An auditor evaluating an established compliance program could start with evidence that the organization has consistently implemented the elements of a program as defined by the Federal Sentencing Guidelines. But that is just the beginning. The experienced program evaluator recognizes that measuring implementation is different from the more difficult task of evaluating effectiveness.

One might look to see if the compliance program incorporates “best practice” features adopted by leading companies. As to the code of conduct, one could inquire whether it was written with simple, understandable text and distributed to all employees. However, experience shows that just because employees received a reasonably well designed code of conduct does not necessarily mean that they understood it, found it useful or took it seriously.

Academic research indicates that the highest indicator of workplace misconduct is fear of retaliation and the confidence employees feel when raising issues. So data on employee willingness to address matters with their immediate supervisor or to use the compliance hotline, as well as their views on what would happen if they reported misconduct, can prove meaningful as a measure of effectiveness.

The current obstacle is the lack of an accepted methodology for consistent measurement along with the absence of a comprehensive set of metrics in which to benchmark your compliance program. The means by which organizations measure the effectiveness of their programs still vary, and in some cases organizations can be lulled into a false sense of security by evaluations that may not be empirically based or reliable.

Which is why the recent moves by the DoJ and particularly the hiring of a compliance counsel are such promising developments. Compliance professionals have been seeking open discussion and analysis on the measurement challenge, including consideration of possible outcome measures by which organizations could demonstrate the impact of their programs (e.g., observed misconduct, frequency and nature of reporting, fear of retaliation, direct measurement in risk areas where this is possible). Doing so could encourage companies to undertake high-quality evaluative efforts, and prompt boards of directors to review and reflect on the results of such efforts.

Subject matter expertise

When considering the compliance program as a broad control and evaluating program elements, don’t neglect the value of technical expertise. While auditors have expertise in the methodology of program evaluation (itself a valuable skill), subject matter expertise is just as essential. It does occur that auditors miss a significant problem because the evaluation approach was structurally blind to the domain and members of the review team not truly understanding the details of “how it works.” And technical folks are nudged outside their core expertise such as when audit and professional services teams strive for high utilization of its staff. Have a fraud specialist on the team for financial controls, a cyber-expert during an information security review, and definitely have a compliance specialist when evaluating a compliance program.

As the field of compliance management continues to mature, reliable means to evaluate compliance program effectiveness will increasingly become imperative. This is true not only for auditors assisting operational leaders who must effectively manage risk, but for those in enforcement who need to make informed decisions, consistent with announced policies, relating to prosecution and punishment.

Originally published in Compliance Week

Donald Trump’s prediction that the U.S. economy was on the verge of a “very massive recession” hit a wall of skepticism from economists who questioned the Republican presidential front-runner’s calculations, reports Reuters.

In a wide-ranging interview with the Washington Post published on Saturday, the billionaire businessman said a combination of high unemployment and an overvalued stock market had set the stage for another economic slump. He put real unemployment above 20 percent, Reuters said.

“There is a very low probability of a massive recession, less than 10 percent,” said Sung Won Sohn, an economics professor at California State University Channel Islands in Camarillo. “If it happens, it would be because of what is happening overseas, especially in China and Europe.”

Read the article.

Governments invest billions of dollars annually in automating government financial management, customs, and tax systems respectively. But aside from a few cases that are repeatedly quoted, there is little rigorous evidence of the impact of these investments on government efficiency and accountability to deliver services, reports Zahid Hussain, Lead Economist, South Asia Finance and Poverty group, for the World Economic Forum.

“An examination of the roughly 530 e-government projects funded by the World Bank in the past twenty years, for example, reveal that almost a third are unsatisfactory, and perform worse than a typical project,” the report says.

The conclusion is that digital technologies can indeed be transformative; but only if accompanied by “analog complements,” Hussain writes.

Read the article.

The colorful litigator who represented the late “D.C. madam” Deborah Palfrey and threatened this week to release call logs of his former client that he says are “very relevant” to the 2016 presidential election says those records already are digitized and posted online, reports U.S. News.

The report says Montgomery Blair Sibley threatened that the records will become public if he fails to reset a 72-hour countdown clock, which could cut short his soft two-week ultimatum for federal courts to consider lifting a 2007 gag order that covers the records, lest he deem that order void.

“The records are stored on four servers around the world, Sibley says, and dozens of reporters will receive a website link if the clock is not reset. He says he loaded the information online in January, when he decided to publicly claim the records are relevant to the presidential race,” writes Steven Nelson.

Read the article.

Four of Hillary Clinton’s closest aides appear to have adopted an unusual legal strategy, hiring the same ex-Justice Department attorney to represent them in the FBI’s investigation of Clinton’s private email server, reports Politico.

“The united front suggests they plan to tell investigators the same story — although legal experts say the joint strategy presents its own risks, should the interests of the four aides begin to diverge as the probe moves ahead,” writes Rachael Bade.

She explains that the aides’ decision to use a so-called “joint-representation” or “common-defense” strategy suggests the staffers believe they’re in this together and are unlikely to turn on each other.

Read the article.

Photo by Michael Vadon

Less than 24 hours after Donald Trump threatened to sue for votes ahead of a potentially contested GOP nominating convention, a move that could foreshadow a new phase in the GOP’s ugly primary fight, his campaign backed down, reports Time.

A Trump senior advisor later said that Trump’s “lawsuit” was not in fact meant for a court of law, but for the Republican National Committee’s committee on contests — which under GOP rules hears complaints over the allocation and selection of delegates.

“It’s clear why. Election lawyers and party operatives said challenges to the arcane state-by-state delegate selection rules being used to outfox Trump would face an unwelcome reception in court,” the report says.

Read the article.

While the feds have certainly put hurdles in place to prevent abuse, outsourcing IT in a highly regulated industry like banking may very well lead to higher standards and quality outcomes, writes Bruce Harpham for CIO.

“Banking has changed since the global financial crisis in 2008. The steady increase in regulations from Washington, the states and international organizations are now impacting IT leaders,” he writes in the article. “As regulators examine vendor relationships and outsourcing arrangements more closely, there is a significant risk that poorly managed IT could trigger an audit finding, a fine or negative publicity.”

The article discusses some risks to manage as IT leaders plan to review and renew IT service providers in 2016.

Read the article.

A second federal judge in Washington ruled Tuesday that a conservative legal watchdog group may question the State Department and potentially several top aides to Democratic presidential contender Hillary Clinton about her use of a private email server while she was secretary of state, reports The Washington Post.

U.S. District Senior Judge Royce C. Lamberth granted a request from Judicial Watch, which has sought public records of talking points used by Susan E. Rice, then the U.S. ambassador to the United Nations, in television appearances after the deadly Sept. 11, 2012, attacks on U.S. facilities in Benghazi, Libya.

“His decision came about five weeks after another federal judge in Washington, U.S. District Judge Emmet G. Sullivan, ruled that current and former top State Department and Clinton aides could be questioned under oath about her email arrangement in a separate Judicial Watch FOIA case,” the newspaper says.

Read the article.

Trump University isn’t the only Donald Trump endeavor that has landed in court, reports Mother Jones magazine.

“The tycoon has launched — or lent his name to — a slew of business ventures that have yielded frustrated customers and investors who have sought legal recourse. There are hundreds of lawsuits extending over 43 years that name Trump or one of his businesses,” says the magazine.

The report includes a list of some of those legal skirmishes that began when Trump joined his father’s business and continue through his run for the GOP nomination, such as Trump Management, Trump Tower, Trump’s Atlantic City casinos, Trump SoHo, Trump Baja, Trump Model Management, and more.

Read the article.

As Donald Trump rolls through the political calendar, his campaign has already begun focusing on a new battle that may have a broader set of consequences — finding delegates who will be loyal to his cause at the Republican National Convention, reports ABC News.

“Part of the battle has come in the form of emails to delegates and supporters trying to lock down crucial votes. The other half is a five-person task force that has been quietly being trying to amass the 1,237 votes needed,” the network reports.

“Emails obtained by ABC News show the Trump campaign calling on supporters in Michigan to watch for precinct-level delegates who may defect to a rival candidate during a contested convention”

Read the article.

Now that Marco Rubio is out of the race, for the first time in U.S. political history, every presidential candidate — of both parties — supports at least states’ rights to do as they please with regard to marijuana legalization, according to a report in Rolling Stone.

Bernie Sanders, who pledges to end the drug war, is the most progressive on marijuana policy. And fellow Democrat supports states’ rights to legalize, but proposes to reschedule instead of deschedule cannabis, the newspaper says.

Donald Trump believes there should be more research on cannabis. Ted Cruz says he would not support legalization, but he believes states have a right to determine the legality for themselves. John Kasich also is opposed to marijuana use, but would defer to states’ rights, the report says.

Read the article.

Donald Trump is facing some tax and legal challenges that could complicate his bid for the White House, reports Bankrate.

“Citizens for Responsibility and Ethics in Washington, or CREW, has asked the IRS to look into a donation from the Trump Foundation to a group connected with the Florida attorney general. CREW contends that the gift was improperly made to a political group and was not reported as required on the foundation’s tax filing,” the article says.

The Donald J. Trump Foundation is a tax-exempt organization with an IRS 501(c)(3) designation.

Read the article.

A U.S. government agency says it has made a breakthrough in battery technology that could see it leapfrog the likes of Elon Musk and Bill Gates in the multi-billion-dollar race to build the next-generation system of energy storage, reports the World Economic Forum.

“By paying those (legal) fees, wouldn’t you be rewarding and encouraging violence?” asked host George Stephanopoulos.

“No, no I didn’t say that. I haven’t looked at it yet, and nobody’s asked me to pay for fees, and somebody asked me a question and I haven’t even seen it, so I never said I was going to pay for fees,” the Republican front-runner said, at first denying what he has said both during a campaign rally and on Sunday during an interview, according to the report on CNN.

Read the article.

WikiLeaks has debuted a new section on its website that allows visitors to search thousands of messages from the private email server Hillary Clinton used while secretary of state, reports The Washington Times.

“While the newly-launched portal does not host any previously unreleased correspondence, its format enables users to quickly scour the 50,547 pages of documents that have already been put out by the State Department all at once for key words and phrases,” the report says.

Emails previously released by the State Department show that some people close to Clinton were concerned after more than 200,000 diplomatic cables were shared with the secret-spilling group in 2010.

Read the article.

ABC News is reporting that Donald Trump and his campaign are not expected to face inciting a riot charges in connection with a violent incident at a rally in Fayetteville, NC.

The Cumberland County Sheriff’s office had been investigating the real estate mogul and his campaign but decided “that the evidence does not meet the requisites of the law as established under the relevant North Carolina statute and case law to support a conviction of the crime of inciting a riot,” the report says, quoting from a sheriff’s department statement.

A man who attended the rally last weeek allegedly sucker-punched a protester in the face as he was being escorted out of the venue. John Franklin McGraw, 78, faces charges of assault and disorderly conduct.

Read the article.

Photo by Brian Solis, www.briansolis.com and bub.blicio.us

Dallas billionaire Mark Cuban is talking politics again, reports The Dallas Morning News. And while he’s not endorsing GOP front runner Donald Trump, Cuban does believe a candidate with a business background is better qualified than a politician.

When he appeared on CBS’ The Late Late Show with James Corden on Thursday, the owner of the Mavericks NBA team said he likes the fact that Trump doesn’t worry about being politically correct, the report says.

“Like, before all the presidential stuff, he was like that friend everybody had that you liked to pick on,” Cuban said. “In person, he’s nice. But now, he’s gone crazy. I can’t explain what’s happened to him.”

Read the article.

The SEC announced the promotion of Anthony Kelly on Thursday, the same day he participated in a panel discussion at the Investment Adviser Association’s annual compliance conference. In the panel, he took the opportunity to reassure the audience that his team is not singling out CCOs for enforcement actions, reports Financial Planning.

“I know there’s a sense out there that the SEC is targeting compliance professionals,” Kelly said.

“I can tell you that is not the case. There is no change in policy where we are now trying to target compliance professionals,” he said. “There’s no shift in our thinking.”

“Industry concerns about regulators targeting CCOs gained steam last summer after the SEC brought an enforcement action against BlackRock and its CCO in a case turning on the failure to disclose a conflict of interest and other compliance lapses,” the report says.

Read the article.

Photo by Michael Vadon

An alleged assault of a protester at a Donald Trump rally by a man who was later arrested after saying that the protester “deserved it” and “next time, we might have to kill him,” is only the latest in a series of violent and frightening incidents at Trump rallies of late, reports Vanity Fair.

Last week, some two dozen Black Lives Matter protesters were forcibly expelled from a Trump event in New Orleans, following a week in which the Republican front-runner initially refused to condemn the Ku Klux Klan and former K.K.K. leader David Duke.

Other incidents occured at a Trump rally in Georgia, in Louisville, and at a rally in Las Vegas where Trump said that he’d like to punch one protester in the face, reminiscing about the “good old days” when agitators would be carried out on a stretcher, the magazine reports.

Read the article.

In last night’s Democratic debate, Hillary Clinton dismissed a question about whether she would resign if indicted for mishandling classified information, saying “Oh for goodness … that’s not going to happen. I’m not even answering that question.”

A report by Christian Science Monitor staff writer Peter Grier addresses the question: Is Clinton right to be so dismissive?

“On the one hand, the FBI investigation of the issue could be a shield for Clinton,” Grier writes. “If she isn’t indicted, she can use that fact as an all-purpose dismissal. Something along the lines of, ‘The feds found no problem here, so move along, move along.’ ”

But Republicans will keep the issue alive, he adds, pointing to two new lawsuits seeking access to Clinton’s State Department communications.

Read the article.