When you think of a dashboard, what comes to mind? Is it a panel containing instruments and controls that indicate the health of your vehicle, or charts that provide information and statistics? Simply, a dashboard provides a picture story in one view. Just like a car dashboard will show you your speed, RPMs, and gas level, a compliance dashboard should show you key metrics at a glance to clearly understand the health of your program.
.
What Are the Benefits of a Compliance Dashboard?
Investing in a compliance dashboard solution provides your company with the ability to integrate data collected from various systems utilized within your company. This collected data is stored in a central warehouse that can be extracted to create the visual story you wish to communicate. This would eliminate the time and resources it takes to request the data from your lines of business, analyze the data, and manually create reports.
Other key features of a compliance dashboard are the ability to filter and integrate the data to generate customized reports and to identify issues and trends in real-time. You can utilize the dashboard to measure efficiencies and inefficiencies within your organization. The collected data provides the end-user with the ability to drill down and filter the data to get the desired results to monitor key performance indicators (KPIs) and key risk indicators (KRIs) to share with management or other stakeholders. The generated reports also provide documentation of your compliance program monitoring efforts.
A compliance dashboard is utilized to tell a story. You determine what story you wish to deliver and apply the data to meet your needs.
.
Why is Having a Compliance Dashboard Important?
In today’s ever-changing regulatory environment, organizations that are subject to maintaining a compliance program must ensure their program is effective as outlined in the Evaluation of Corporate Compliance Programs issued by the Department of Justice (DOJ) in June 2020. The DOJ emphasized the use of data to track and test the effectiveness of compliance programs. More importantly, this guidance stipulates:
“Do compliance and control personnel have sufficient direct or indirect access to relevant sources of data to allow for timely and effective monitoring and/or testing of policies, controls, and transactions? Do any impediments exist that limit access to relevant sources of data and, if so, what is the company doing to address the impediments?”
Regulatory authorities are monitoring companies to determine how effective their compliance program is. For companies that failed to implement a viable compliance program, they collectively paid billions of dollars in penalties and were subject to criminal prosecution.
The following companies are examples of being subject to criticism and fined for not maintaining an effective compliance program:
- Capital One recently assessed a $390M civil money penalty for failing to implement and maintain an effective Anti-Money Laundering program.
- Sabre Corporation, a travel technology company, paid a $2.4M settlement with 27 State Attorneys General for a 2017 data breach involving hotel booking services. Sabre failed to adhere to state laws regarding data breach notification.
- Goldman Sachs settled $3.9 billion in penalties with the DOJ and SEC to resolve FCPA charges related to the Malaysian sovereign wealth funds, 1Malaysia Development Berhard (1MDB). Goldman Sachs’ compliance and control functions failed when the culture of compliance was pushed aside over profitable deals and bribery payments.
- Berkshire Hathaway paid $4.1 million for violating Iran sanctions because one of its subsidiaries knowingly sold products to intermediary companies in Turkey with the knowledge that the products would be resold to Iranian end-users.
With the DOJ’s compliance program guidance, it is more relevant and important to ensure your company’s compliance program is effective and works in practice, to avoid these types of violations. Compliance touches various areas within your organization—so how do you monitor to identify issues, risks, and threats before they become a problem? The compliance dashboard is your tool to centralize collected data and monitor your compliance program.
.
How to Develop an Effective Compliance Dashboard?
Create your story. Work with the various stakeholders in your company to identify the applicable compliance regulations that make up your program. Inventory the various systems and platforms utilized by the lines of business to collect and integrate the data required to make informed decisions on the effectiveness of your compliance program.
When designing your dashboard, consider the following components you wish to display to align with the strategic needs of your company and lines of business:
- Perspective – who is the report intended for
- Objectives of the compliance program
- Measurements (KRIs and/or KPIs)
- Indicators – color-coded symbols to provide a quick glance of the measured performance.
In addition, determine the best visuals that would link the data to the strategic objectives of the dashboard:
- Heat maps
- Charts (bar charts, line charts)
- Trends (month over month or year to year comparisons)
- Scorecards to monitor KPIs and trends.
Identify, track, and manage your KPIs and KRIs of every compliance process in areas such as:
- Reputation
- Sanctions
- Legal
- Financial
- Operational
- Regulatory
- Third party
- Distribution channel
- Fraud
From the collected data, identify trends and correct these trends where necessary. Review your chosen metrics in real-time to identify issues before they become a problem, and develop snapshots to report the performance of the compliance program with the board of directors, management, and other stakeholders in your company.
Part of the storytelling is to determine the type of dashboards to design based on your business requirements. It helps to define the purpose of the dashboard, data to collect, and who will receive this report. Some examples of using a dashboard can be:
- Strategic
- Informational and provides an overview to the board and decision-makers to monitor the health and opportunities of the compliance program.
- Across the enterprise or by company function (i.e., Information Technology, Human Resources, Supply chain/Distribution Channels, Operations, AML, etc.).
- Provides a focus on high-level, measurements of performance and forecasts.
- Indicate areas that need improvement.
- Identify areas that are well-managed and effective.
- Trends illustrated.
- Presents a static snapshot of data (daily, weekly, monthly, and quarterly) that does not constantly change.
- Informational and provides an overview to the board and decision-makers to monitor the health and opportunities of the compliance program.
- Analytical
- Provide more context to the data to include comparisons and history, with performance evaluators.
- Analyze the data to drill down to underlying details.
- Operational
- Monitor and measure activities and events that constantly change, such as:
- The number of opened/closed screening alerts and the age of the alerts.
- The number of failed quality inspections per hour of manufactured parts.
- Employees that have completed training vs. training not completed.
- Receive alerts through the dashboard that may require attention and respond at a moment’s notice.
- Track for open and closed issues.
- Monitor and measure activities and events that constantly change, such as:
Compliance dashboards can be as simple or detailed based on the amount of data you wish to display and the message you intend to communicate. Ensure the data supports the company’s strategic plan, the information is meaningful, and is useful to the intended audience.
.
Leveraging Compliance Management Software and Compliance Dashboards
Compliance touches all areas within your organization. Data plays an integral role to gauge how well your company is performing. The desired result is to monitor how effective your compliance program is in real-time. The compliance dashboard helps tell your story and the right technology can go a long way in making this vision a reality.
.
By Michael Volkov, February 11, 2021, published on GAN Integrity