The application of the Electronic Discovery Reference Model (EDRM) is triggered in response to a lawsuit, investigation or government action for prior workplace behaviour. This nine-step set of standards that guide the collection and organisation of electronically stored information is a reactive approach to risk management; it doesn't necessarily advance an organisation's ability to identify and reduce real financial, operational and reputational issues before they impact its bottom line.
And the risks are real - and global. This past year, European antitrust officials fined Google a record $2.7 billion. And the Financial Conduct Authority, the U.K. markets watchdog, opened 84 probes, another record number for insider-dealing investigations in 2017 - well above the 70 total from the prior year. The upward trend of large fines continues into 2018: as recently as February, for example, U.S. Bancorp was in the headlines with $613 million in fines and penalties to settle money laundering allegations. That's the type of press coverage company directors do not want to read over their morning coffee.
Transformational trends and technology, however, are converging to help companies identify potential violations and get out in front of compliance, ethics and procedural issues before any negative impacts.
Before documents become evidence in litigation during an eDiscovery process, they are already assessible within a company's vast data repository as risk. The misconduct has happened; it's just hidden until it's flagged as part of a potential legal matter. This isn't surprising given that only 18 percent of organisations use proactive audits to detect risk. The alternative of passively waiting for employees to alert the organisation to governance, risk and compliance challenges is not an adequate risk mitigation strategy.
For example, sexual harassment claims are impacting senior executive positions, company reputations and enterprise value in a seemingly daily barrage of sordid news. In the U.K., half of British women have been sexually harassed at work or a place of study, according to a BBC survey. Of those, 63 percent of the victims kept it to themselves. And sexual harassment risk is not the only compliance challenge to go unreported. That doesn't bode well for pre-empting and mitigating the heavy side effects of enterprise risk: increased absenteeism, low productivity and staff turnover, as well as, of course, financial settlements and litigation costs.
Having an early warning risk smoke detector to uncover harassment and other GRC challenges before they engulf an organisation's bottom line and reputation is the future of risk management - and only accessible using innovative technology like AI.
The ability to find what matters when it matters is becoming increasingly complex. A company can no longer expect to just throw bodies at the challenge; it's literally impossible to find, analyse and digest terabytes of information in a typical investigation or eDiscovery matter, for example. Innovative technology, therefore, has a central role in our high-volume, high-stakes and high-speed market.
Traditional analytics tools like keyword searches are practical when you know exactly what you're looking for. But what do you do if someone is trying to hide information or obfuscate evidence within vast amounts of unstructured data? In the real world, searching for "insider trading" or "money laundering" doesn't typically return a usable document set.
Conceptual analytics are designed to capture the abstract meanings of written, unstructured communications, like those found in the myriad emails, chat messages and PowerPoint presentations created daily in every organisation. Unlike keyword searches, conceptual analytics allow you to describe an issue naturally, as you would if you were explaining it to a friend - or how you have defined it in an Employee Code of Conduct. There's no need to consider which keywords and phrases are most likely to identify the materials you're interested in. The technology derives the conceptual meaning of your query and finds documents that are closely related.
Case Study: A financial services corporate client completed a review of over two million documents as part of an internal investigation into potential insider trading among multiple custodians within its global network of traders. While senior management was convinced of an issue, the four-week investigation using traditional eDiscovery tools, including a review team of 30 attorneys, did not uncover any evidence of wrongdoing.
The introduction of a patented, AI-powered, conceptual analytics platform changed the outcome by accurately identifying seemingly disconnected patterns of communication and behaviour.
Using an insider trading taxonomy defined with the client as key search input, the platform ingested the same documents as before, including emails and text messages from the prior internal investigation. The result: Fewer than 75 documents that had previously gone unnoticed were highlighted as potentially responsive. Their subject matter: children's birthday parties.
Conceptual analytics uncovered irregular patterns of communication between two traders ostensibly discussing the timing of multiple birthday parties and the size of appropriate birthday gifts. Out of context, human reviewers disregarded the documents as unrelated to the investigation. However, the analytics identified the pattern of speech as similar to that used to describe insider trading. Once flagged, investigators were able to trace the birthday party dates and gift amounts to specific stock trades made by the employees - who also, it should be mentioned, did not have children. The insider trading was proactively self-reported to the proper authorities before it resulted in litigation or regulatory penalties.
Traditional approaches to risk management are inadequate in today's business market. Innovative technology like AI-enabled conceptual analytics will be a game changer as an early warning smoke detector for companies and their boards to manage and mitigate risk. Proactive internal investigations and the ongoing assessment of ESI will help organisations find the smoke and put out the fire.
Copyright © 2019 Legal IT Professionals. All Rights Reserved.