Factors to Consider When Implementing Risk Assessment Technology – Compliance Week | Region & Cash

The International Compliance Association (ICA) is a professional membership and awarding body. ICA is the world’s leading provider of professional, certified anti-money laundering qualifications; governance, risk and compliance; and financial crime prevention. ICA members are recognized worldwide for their commitment to best compliance practices and enhanced professional reputation. To learn more, visit the ICA website.

Technology solutions promise to transform business risk assessments. However, companies cannot simply implement a new technology solution and think that this is the end of their risk concerns.

So what factors should you consider when incorporating new technologies into the risk assessment process?

Understand the technology

Risk assessment technology should be treated for what it is: a tool that supports an established and effective risk assessment process, helping professionals identify and mitigate the risks their organization faces. Technology is not a panacea for problems faced by the business, nor is it a one-and-done solution.

To get the most out of any technology, it is important first and foremost to understand what it is, what it does and how it does it. Ensure that all team members who will be using the software are properly trained in its use and are able to spot problems if and when they arise. A company could spend significant time and money implementing a solution only to have its potential wasted when users struggle to understand it and resort to simpler but less effective workarounds.

know the limits

Part of that is understanding what the technology can do and, importantly,can not do. Each system will have its own strengths and limitations.

In addition, the adage “garbage in, garbage out” applies: the effectiveness of a system depends on the quality of the data fed into it. It is important to ensure that your information is accurate and up to date.

Industry expert and ICA tutor, Tyrone Griffiths, explained that even with great tech solutions, if you feed them information from legacy software, chances are your time-saving tech still needs the human hand to make sure it’s the Data processed correctly You need smooth controls.

“Some systems don’t communicate with other systems, so you might have to update two or three systems, which requires human intervention. There’s a chance you’re missing one of those systems,” he said.

This can mean that taking the time to review and change current ways of working can be an absolute necessity, which can be time-consuming in the short-term but will make your tech solution far more effective in the long-term.

The human factor

Finally, technology should be viewed as a complement, not a substitute, for human expertise. Businesses need to combine technical solutions with active risk mitigation by their professionals.

It’s hard to overstate the role of horizon scanning in quality risk management. Risk assessments are often viewed with the hindsight: looking at what challenges impacted the business over the past year and making sure those gaps are closed for the future. But Griffiths stressed that companies that become complacent — for example, assuming the threat is low as long as they only work with supposedly low-risk entities — can run into serious problems if they’re proven wrong, as has been shown in the aftermath the London Interbank Offered Rate (LIBOR) scandal.

“We can’t always look back. We need to start thinking from a horizon-scanning perspective and predicting potential risks,” he added.

In fact, crime does not stand still. Covid-19 made for an excellent case study of how quickly criminals can take advantage of a changing situation and how quickly companies need to react by predicting what can go wrong rather than waiting for regulators to tell them what to do , after the threat has already been detected. As Griffiths put it, “Companies need to start thinking like they’re criminals — start really questioning their systems and thinking, ‘Okay, we’re going to offer this product. … How could a potential criminal exploit this product?’ It may not have happened yet. But it will probably happen in the future.”

Technology can help organizations overcome such challenges, but leveraging the best of software solutions requires a thoughtful approach.

The International Compliance Association is a sister company of Compliance Week. Both organizations are under the umbrella of Wilmington plc.

Leave a Comment