Compliance units have the important function of ensuring that all processes are in line with relevant laws and regulations. The risk of non-compliance may not only generate unnecessary costs (e.g. administrative fines) but also lead to reputational losses and customers’ exodus. In certain circumstances, it may also have adverse effects on the management board and its members as lack of compliance may result in personal liability. This is a reason why having effective and swift units that can react to any wrongdoing is essential.
Control and supervision of business units and their activity (both ex-ante and ex-post) are one of the main goals of compliance functions. In case of a potential threat for an organization, such units should be also able to act to eliminate risk. But how a compliance function can have effective oversight on the whole business, especially if such business is highly decentralized? It seems it is almost impossible.
Imagine a scenario. A company has thousands of sellers or relationship managers all around the country (or globe) that are solely responsible for selling products or providing services on behalf of the company (say it is an investment firm). All of them are subject to specific rules and procedures that are clearly (or not) explaining what can and cannot be done in relation to customers of the company.
[Example: certain phrases cannot be used while offering brokerage services to avoid entering a legal and regulatory regime for investment advisory services that are quite strict and demanding. Lack of compliance with relevant provisions may have harmful consequences for the investment firm]
People are using e-mails and phones to reach customers and offer products or services. In both cases, the data - that is a particular conversation – is somehow stored and archived for legal and regulatory purposes (including potential claims made by the customer). Compliance functions are obliged to regularly go through such conversations (more often a sample of them) to find potential gaps or inconsistencies with relevant policies or procedures. The compliance officer is sitting at a desk and listening to voice samples or reading tones of e-mails and forms filled by employees to ensure that ‘everything is ok. As you can imagine it might be boring and prone to human errors.
Is it a way to automate this process or make it less boring and burdensome? Of course, with natural language processing techniques. The well-trained and prepared model may be able to find certain phrases or keywords that may suggest that specific ‘undesirable behavior’ took place. The compliance officer will not have to go through the entire document but will receive an alert with justification and ‘link’ to a particular part of the text that requires his or her attention. Sounds good?
It will, however, require some effort from your side. You will have to propose a set of phrases, words, or even whole sentences (if possible) to let the NLP model learn undesirable behaviors. In the end, you will receive an ‘automated’ compliance officer that will not be sensitive to ‘human’ weaknesses.