3 reasons why compliance teams need to move beyond emails and spreadsheets
When it comes to regulatory change management, the default tools in the arsenal of every regulatory compliance professional include emails and excel spreadsheets. It’s easy to see why: these are incredibly easy-to-use and flexible tools that we already use every day for different purposes. While that flexibility can become addictive, it does have its limitations; and when it comes to regulatory change management, those limitations can be costly. Here are 3 reasons why regulatory compliance teams need to move beyond emails and spreadsheets in order to manage regulatory risk well.
- SURPRISE, SURPRISE! Emails and Excel Spreadsheets were not designed for regulatory risk management.
The big question then is if it is a sensible strategy to wait for your reliance on inadequate tools to directly hamper your regulatory risk management efforts before considering a change, especially when you know that the trick to effective change management is to be proactive?
Let’s begin by stating that excel spreadsheets and emails are wonderfully flexible tools and all of us use these tools for multiple purposes in our daily lives. That being said, the flexibility of these tools can be a limitation especially if you are hoping to use these to manage regulatory change effectively. Whether it’s your summary of a new regulatory document, an exchange of views with your colleagues on regulatory interpretation and analysis or simply a statement of tasks — emails and excel spreadsheets are not the best tools and we know it.
We know that regulatory impact assessments should be recorded and retained in an easily accessible manner so that we can demonstrate the work done to whomsoever wants to know (think senior management, auditors and regulators) whenever the need arises. We know that collaborating on document reviews can be more collaborative and that the results of our deliberation should be easily accessible for us to revisit 1 week or 1 year from now. And yes, we also know that when it comes to project management, there are task and project management tools in the market that already make it far easier to collaborate and work with team members in different locations. However, despite all that we know, some compliance teams still rely on excel spreadsheets and emails primarily because they are too used to these since their frameworks are already built and maintained using these tools; and digitizing their compliance framework takes an investment of time, effort and money that they are not able to commit just yet.
The big question then is if it is a sensible strategy to wait for your reliance on inadequate tools to directly hamper your regulatory risk management efforts before considering a change, especially when you know that the trick to effective change management is to be proactive?
2. Drowning in Emails and Spreadsheets
One major consequence of relying on emails and spreadsheets is the sheer volume of documents that get generated as a result. Let’s say you need Joe over at finance to update you on some numbers for quarterly reporting purposes, this is how that process may look like today:
Email # 1: You would send an email to Joe requesting him to provide you with the required information and gently remind him to do so by the end of day tomorrow. Joe receives the email, glances at it quickly but doesn’t get to it right away because he is busy with another task. Joe inevitably forgets and heads home for the day.
Email # 2: It’s the next day. You come into the office and notice you haven’t heard from Joe just yet. So, you send another ‘gentle reminder’ to Joe via email.
Email # 3: Joe is over at his desk, enjoying the final few drops of his morning coffee when your email comes through. He gets right to it this time and tries looking for the spreadsheet you mentioned but has trouble finding it (although Joe doesn’t really try too hard trying to find it). Joe then drops you a quick reply over email asking if you could share the spreadsheet.
Email # 4: You find the spreadsheet and attach it in an email and send it across to Joe.
Email # 5: Joe performs the required task and notifies you that he’s done so over another email.
Email # 6: Because you are polite, you thank Joe with yet another email.
For a simple task between 2 people, it’s taken 5 to 6 emails, depending on how polite you are. Of course, things can always be done better and a little faster, but the point is that it would still involve needless back and forth. If this is what typically happens for a simple task, you can guess how much worse it gets when you are managing multiple tasks or larger projects. Infinitely more time spent back and forth resulting in greater delays and wasted effort. Compliance teams are drowning in multiple emails, documents and spreadsheets used to collaborate with multiple teams for multiple purposes across multiple locations; which is what happens when we use inadequate tools.
This is why it’s important to consider moving away from these tools to adopt others that are better suited for regulatory change management. With the advent of artificial intelligence, compliance professionals shouldn’t still be struggling with this problem. For example, there are natural language processing and machine learning algorithms today that already go some way to addressing this problem by linking conceptually similar documents (or even segments of documents) and even suggesting these to you automatically. Using our example from before, this can mean that in the course of writing your email, an algorithm will be able to monitor the language used to automatically suggest attaching the referenced spreadsheet. Alternatively, you can move beyond emails altogether, which is exactly what we offer our clients via our smart spreadsheets feature. With this feature, all you would have had to do was create a task once, set it to recur quarterly and tag Joe along with any other relevant regulatory document or internal process and voila; that’s it. You’d be automatically notified when Joe completes the task and also if he doesn’t do so in time.
In either case, you would spend far less time and effort on non-vital tasks which lets you focus on more meaningful work. This is how it should be when you have access to proper tools.
3. If no one really manages multiple Emails and Spreadsheets well, should we continue to expect people to do so?
Managing information well remains a problem for us all. When it comes to regulatory change management, the documents we deal with, whether it’s an email, a word document or an excel spreadsheet, can easily number in the hundreds (if not thousands). No matter how many record-keeping processes and guidelines we may have and no matter how many smart folder solutions there may be in the market, everyone continues to struggle with document management. Why?
This is because, ultimately, we are still relying on people to manage those documents well. Whether it’s (remembering and then) adhering to the proper naming conventions or if it’s dragging and dropping the right version of the right document into the right folder, it all requires someone to do something extra after they have interacted with said document; which means extra effort and extra work and people have limited time (and attention) and a lot to get done.
What ends up happening then is that everyone ends up spending more time on more unnecessary work. We have irate line managers sending team members more emails reminding them to adhere to ensure information is stored in the right folders. We have more back and forth between team members who are working on a document who have to also remember to store the correct versions in the right folders. And what happens if (god forbid) someone leaves the organization? Well, the line manager invites IT into the mix to help ensure that the information (that can be found) is appropriately retrieved and stored for future reference.
The most important question here is: how does all of this help convince senior management, auditors or even regulators that you have your house in order? How do you demonstrate that you are on top of your regulatory risk if you have trouble locating and demonstrating the risk assessment you performed 3 months ago, or the work that was done to implement changes into your framework?
Equipped to deliver certainty
If the role of a regulatory compliance professional is to help deliver certainty to senior management, it helps if that professional is not hampered with uncertainty resulting from having to rely on inadequate tools. This is why it is important to move away from excel spreadsheets and emails altogether and to begin employing tools that are better suited for managing regulatory change.
At RADICALi, our purpose is to help compliance professionals deliver certainty by making it easier to track, understand and act on regulatory change. If you would like to learn how, just say hi!
Originally published at https://radicali.io.
