Recent Posts

Copyright Giulio Coraggio 2018

Compliance and its challenges at the age of AI and IoT


Compliance and its challenges at the age of AI and IoT

How compliance with change or even disappear with the digital revolution of the coming years, including the Internet of Things and artificial intelligence?

As part of the series of guest posts named Thoughts Leaders’ Corner, here is a very interesting article from Patrick Henz who is Regional Compliance Officer Americas at Primetals Technologies. I hope you will enjoy it!

*          *          *

We are in a continuous technological revolution. Different experts predict that by 2025 30% of our today’s jobs had been taken over by robots. This means that in ten years also the job of a Compliance Officer could be done by a machine?

Artificial Intelligence is on the rise. Computer programs are able to crawl through required databases and the internet. For them it should be possible to search internal databases of the company’s policies and guidelines, connect to external law databases and search the internet for news and actual interpretations of the law. Such results could be combined with other available databases, as for clients, payments and suppliers. With this a powerful software can answer all guideline- and law-related questions. Already today with a human-like voice, so that for the employee it will be hard to distinguish, if he or she speaks with a robot or human being. This software can connect to intranet, but also with the employee’s laptops, tablet and smart-phones. A 24/7-service is guaranteed. A related app can understand the employee’s voice and process audio into information, further it can analyze the emotion in the voice, and understand if the employee is, for example, in a stress situation.

Further this software can reach out to global risk indices, as for example the Transparency International Corruption and the Bribe Payer’s Index. With this it ensures a real-time risk monitoring, what could replace the regular execution of different Compliance controls. Connecting risks, guidelines, employee’s CV and travel activity, a software can go further and predict possible violations before the employee even think this about it. Welcome to Philip K. Dick’s world!  The algorithm of such software would be based on David Cressey’s Fraud Triangle and combine pressure, opportunity and rationalization. The Compliance Officer’s experience regarding human behavior and the company’s business is required to calibrate the software and interpret its results.

Even if we are still not there, it is the question, if this ever will be possible. The US Securities and Exchange Commission (“SEC”) already decided that a “check-the-box”-Compliance system is not sufficient to protect a company against Corruption. The Compliance core function is not to inform employees about internal and external guidelines and execute regarding controls, but moreover to implement an adequate positive and sustainable corporate culture; Compliance is about humans. Still today the human brain is not completely known, but for sure more complicated than today’s existing computers, including the quite regular habit to act and or decide “illogical”.

So technology will not replace the Compliance department, but brings new tasks for it:

  • New technologies as home-office and 3D printing are reducing the economics of scale and opening small companies the possibility to act globally. Such startups are idea- and technology-driven, so that management is aware of products, services and how to sell this, but compliance-, legal- and export control-experience is lacking. The pro-active new technology philosophy may tempt the employees to take on risks, without being aware of the consequences. The world is not becoming less complicated, the tendency is going to the other direction; a relevant risk, especially for small companies.
  • Internet of Things. Even more than today, all machines and products will have a WiFi-connection. This can be limited to a reading of information, but also lead to the possibility of a remote change of the machine’s preferences and functions; with or with-out the end client’s knowledge. Even without internet, machines can be programmed that way that they understand, when they are in daily-use or when they are in a test-, audit- or control-situation. With the IT-department, Compliance has a new target-group.
  • Millennials and following generations have a strong sense of ethics and see this as relevant for choosing a job. Nevertheless this is not a general advantage for Compliance; personal ethics do not automatically have to be compatible with the law and company’s guidelines. Further, these generations are not only raised with internet, tablets and smart-phones, also they are used to Apps and media libraries, meaning they do not consume anymore linear television. Content is available, when the user wants to see it; it is not required to wait for a special day and time. The disposition to wait is less developed than in earlier generations. Individuals and non-formal high technology groups may enforce ethics on their own. Data protection stays a relevant Compliance topic.
  • Smartphones and wearables continuously collect information about their users, including which locations they are visiting, if they do this by car or walking. Such information could be interesting for the HR department, as based on this the health condition can be predicted and so future sick-times, especially if a central software not just could access these devices, but connects this information with central employee healthcare information database. Data privacy would be strongly violated. Wearables are only a small step away from William Gibson’s vision of computer implants and cyber upgrades. In fact, implanted microchips already today can enable blind people to see again, bionic parts replace lost arms and legs. In 2015 a group of hackers got the control of several cars; in future it would be theoretically possible to hack a human being. Cyborgs are a target for data privacy and cyber protection.

This is a too extreme vision of the future? Maybe it is, maybe not, at least some thought provoking thoughts. Surely the job profile of a Compliance Officer is changing. The focus must be the individual employee with technology being a partner, but also threat. With this, the position evolves to an Ethics and /or Sustainability Officer.

If you found this article interesting, please share it on your favourite social media. And for more discussions around the topic, you can follow Patrick Henz on his LinkedIn and Twitter profiles and on his blog Ethics Playground. Also, if you want to contribute to the Thought Leaders’ Corner, here are the guidelines for guest posts.

Giulio Coraggio

I am the head of the Italian Technology sector and the global head of the IoT and Gaming and Gambling groups at the world leading law firm DLA Piper. Top global IoT influencer and FinTech lover, finding solutions to what's next for our clients' success.