using artificial intelligence to step …...state using only a few seconds a week of the employees...

P U R P L E PA P E R USING ARTIFICIAL INTELLIGENCE TO STEP-CHANGE EMPLOYEE COMPLIANCE STANDARDS & IMPROVE RISK MANAGEMENT

1

P U R P L E PA P E R

USING ARTIFICIAL INTELLIGENCE TO STEP-CHANGE EMPLOYEE COMPLIANCE STANDARDS & IMPROVE RISK MANAGEMENT

According to a host of risk management & compliance forums and bodies, of the 10 greatest risks facing regulated firms in 2019 and beyond, your employees not only figure, but are most likely the single biggest risk! By way of example, Information Security breaches are most frequently the results of inadvertent errors and knowledge & competency failings of your own staff than they are malicious hacks by a 3rd party.

For any risk management professional, CRO or Approved Person, the reality of increasing regulation and an ever more demanding burden of proof is a constant challenge. Doing what “we have always done” is, in itself, a flawed strategy and compliance and risk management professionals are constantly seeking ways

to improve employee & organisational compliance and conduct together with reducing operational risk.

Artificial Intelligence (AI) now has a key role to play, particularly with respect to employee centric risks. Elephants don’t forget are world leaders in the use of AI to guarantee employee knowledge and competency in regulated markets and we add a new UK regulated client to the portfolio every week.

Your business already deploys the Artificial Intelligence known as Clever Nelly, but it is not currently being used as a strategic component of the Three Lines of Defence. There are considerable visibility improvement and risk reduction benefits for you in doing so and potentially little or no extra costs1.

Unique opportunities also exist to confidentially and anonymously benchmark compliance performance with other users of the AI and participate in an Academic study with the University of Reading - only should you choose to do so.

If after reading this paper you would like to learn more or would like our assistance in supporting you making this AI a strategic component of your compliance toolkit, please drop us a line with your contact details to [email protected]

ABSTRACT

1 See footnote 2 later in document

1. Executive Summary

2. “Mastery” explained

3. Compliance Manager

4. Benchmarking

5. Conclusion

CONTENTS

2



3

Your business, to a greater or lesser extent, already deploys our Artificial Intelligence (AI), called Clever Nelly. Nelly’s AI leverages a number of proven learning techniques, including continual assessment. When viewed in the context of compliance and risk management evidencing, it represents best practice, because employees are assessed daily rather than at far wider intervals, like annually.

Not only does it assess daily but it also automatically plugs knowledge and competency gaps and subsequently maintains the required standards. There is no more effective and robust solution for ensuring your employees genuinely learn and retain the knowledge and competencies required for your business to comply with the regulations that govern your sector.

L&D and other functional leaders are often the first users of Clever Nelly in an enterprise. They will deploy the AI to harness a variety of business benefits and frequently they will use Nelly to guarantee the learning outcomes of compliance training, in an employee and functional leadership acceptable fashion.

It is however, often initially deployed tactically and without the strategic support of the CRO and risk management community within the client. Whilst the compliance function may very well be aware of the use of AI to guarantee learning outcomes, they may not be aware of specific strategic functionality available to them through dedicated reporting screens and data cuts.

There exists functionality within Clever Nelly specifically designed with the 2nd Line (of defence) in mind and we call this functionality “Compliance Manager”. There are no additional costs to existing Clever Nelly licenses for strategic compliance purposes and very little administration.

In any event, the tactical use of AI guarantees that employees learn and retain what they are trained which is a huge improvement over the non-use of Clever Nelly, where average knowledge and competency levels languish around 52%. The advantages, to a CRO or any individual charged with ensuring employee compliance, of using Compliance Manager over a tactical deployment are:

1 . Step-change in the accuracy and quality of employee knowledge and competency data accessible to your existing control/management systems

2. Bespoke views and heat map reports that pin-point genuine compliance failings and key operational risks

3. Unique lead-indicators of potential risk and failure within the enterprise, with drill-down capability to view teams, functions, locations and even individuals.

4. High-risk employee filters that enable you to view competency and knowledge with a role/individual filter for more intelligent risk assessment.

5. Early warning notifications when pre-agreed parameters and minimum standards are breached.

It is an easy process for in-house CRO and compliance professionals to harness Clever Nelly to massively improve the insight, evidencing and early warning of your existing risk and compliance control systems and make AI an essential part of your toolkit.

1. EXECUTIVE SUMMARY

2 Benefits can only be harvested for employees who have been allocated a license and are using it. It maybe that you want a wider audience of users in which case more licenses would be required at an additional cost. Sometimes some additional questions are required and there is a nominal additional cost of authoring these.


4

Different “rules” are required for the use of a continual assessment regime for required learning material than more dynamic and general workplace knowledge. We have functionality within Clever Nelly designed to address these rules and we call this functionality “Mastery”.

Mastery has been designed specifically to overcome “compliance fatigue” and to make it as painless as possible for employees working in regulated firms. On-going engagement and acceptability by employees and line management are critical success factors in any continual assessment regime and this is precisely why Artificial Intelligence must be a component part of any sustainable solution.

Whilst it is theoretically possible for a human to analyse the daily question returns and to subsequently determine the most appropriate next questions and what intensity of questioning - it would take an army of administrators (doubtless making numerous mistakes as humans are want to do) to manage even a relatively small deployment of a few hundred people.

We use Artificial Intelligence to augment how the brain learns and retains workplace critical content. This AI ensures, that we stick to the “rules” and that employees are treated as individuals; subject matter expertise is recognised and respected and intensity and content is personally appropriate to individual roles and proven expertise.

So, despite the importance of regulatory compliance and its mandated nature, the fact of the matter is operational leadership and the employees themselves wish to spend as little time as possible engaged in learning it! So any long-term sustainable solution must achieve the highest possible standards whilst recognising this narrative and the ”rules” above.

Mastery mode enables an employer via their CRO or L&D team to establish initial organisational compliance knowledge and competency, fix the knowledge and competency gaps at an individual employee level and subsequently maintain that state using only a few seconds a week of the employees time.

2. “MASTERY” EXPLAINED


5

It works like this:• Clever Nelly asks questions

in the normal way (asking between 2-5 questions per day depending on competency) and quickly establishes a baseline level of compliance knowledge and competency by individual and sums that for an enterprise view. Like as not c.52%.

• Once all the questions in the Q-set “compliance” (including sub-sets) have been asked, then as soon as the individual demonstrates to the AI that they have “mastered ” the content, the AI automatically changes the status of that particular employee and reduces the intensity of the compliance based questions to perhaps 2 questions per week.

• If the employee continues to answer these questions correctly then the AI retains the employee’s “mastery status” and the employee continues only very light touch question intensity for the purposes of checking knowledge and competency retention.

• If the employee at any time in the future fails to demonstrate they have maintained mastery mode then the AI automatically switches back to learning mode (2-5 questions per day depending on actual subsequent competence).

• As soon as the employee once again demonstrates mastery then the AI changes the employee’s status to Mastery and again reduces the intensity.

Thus an employer will preside over 3 employee states, learning, mastery and re-learning, all controlled fully by the AI and all merit/competency based, i.e. you are only interacting more

intensively again because you demonstrated you need to.

Critically, an employee is guaranteed an entirely personalised learning and retention experience, where the time taken is entirely based on demonstrated personal knowledge/competency levels.

Mastery therefore enables a CRO or compliance manager to operate a long-term, sustainable, evidence-based, continual assessment regime that is entirely employee and leadership accepted. In this way you achieve the very highest standards whilst actually improving employee morale and attitude toward compliance!

MASTERY SUMMARY

100%

80%

60%

40%

20%

0%

JANUARY 19 JUNE 19

81%

38%

47%

15%19%

LEARNING IN MASTERY FAILED MASTERY


6

Once you make the decision to take advantage of Compliance Manager in your risk and compliance function, it is as easy as switching on the Compliance Manager functionality and then harvesting the insight.

The team at Elephants don’t forget are on hand to guide you and your team through the setup and configuration to ensure that the reporting you receive and the associated automated interventions are what you desire. This is easy and relatively quick and all the technical work is performed by the Elephants don’t forget team.

Currently your team and other users with Administration rights

can see data pertaining to required learning questions in many different formats, via the Clever Nelly default reporting portal. Not dissimilar to the summary format shown below. It is useful, certainly, but it requires the risk and compliance community in your firm to “work the data” to get to views and cuts that are optimal for their specific purposes.

Compliance Manager provides for unique views constructed specifically for the risk and compliance community within your business. These views being tailored by our support team so they are optimised and reflect how you want to manage compliance and risk in your 2nd Line of Defence.

3. COMPLIANCE MANAGER


7

The point being that when the data is presented in the formats below, aligned specifically to how your business currently manages compliance and risk, the answers leap off the screen. Quantifying in numerical terms, for example that your business faces a clear and real risk in relation to information security (INFOSEC) and enabling the CRO (or nominated specialists) to drill down and explore that risk in more detail is incredibly valuable.

The approved person(s) can explore trend with regard to that risk, e.g. over the last 13 weeks has this increased or decreased? They can sort the data by individual and

team and function, to make it completely real. They can even tag individuals within the workforce and qualify them by virtue of a risk spectrum. For example, it may well be that competency and knowledge failings in those employees providing formal investment advice to HNW individuals on complex products represent a far higher risk to the enterprise than perhaps a junior sales person selling simpler products? The ability to cut and view data based upon your risk spectrum is incredibly helpful. It is far more relevant that your highest risk employees are scoring poorly than vice versa.


8

It is your business, you decide your own risk spectrum (which need not be role centric, it might even relate to territory of products touched) and we configure the AI accordingly. Changing your mind and developing your models based on outputs is a key component of effective compliance and risk management and the AI is easily refined to accommodate the inevitable iterative nature of the role and the desire for continual improvement.

Whilst all the data that Compliance Manager draws upon is theoretically

available to many authorised administrators and stakeholders in your business, you may wish to restrict access to these particularly stark views of risk within your business. This is not uncommon and we would typically only enable approved risk and compliance professionals to see these views unless instructed otherwise.

We can build alerts into the workflow such that in certain circumstances defined by you (with our guidance), the AI executes your given orders. The application is wonderfully versatile and as you come to use it, so it will rapidly become

a mission critical tool in your risk and compliance toolkit. Not least because unlike any employee related system or application you are using, this is the only source of lead indicator data on your employees that is updated daily and self-repairing.


9

Optionally, you may wish to confidentially and anonymously compare and contrast the performance of your firm with that of others in your sector and further afield, either across your whole curriculum of required learning or perhaps one or two current “hot potatoes”.

For example, Vulnerable Customer legislation is proving tricky for some firms and in response to client requests, we have partnered with Money Advice Trust who are the recognised go-to source of help, advice and content on this sensitive subject. This enables us to create a full Q-Set to support this subject and a more compact benchmarking Q-Set that enable interested clients to compare and contrast their enterprise wide knowledge and competency in this area. Knowing you have a challenge in this area is helpful, knowing you are in fact performing in the top decile of 10 of your peers is certainly comforting.

As we build out the benchmarking community this service is provided free of charge. Ultimately though we intend to make this a readily affordable, chargeable add-on.

It should be stressed this is entirely optionally and you are under no obligation to participate and none of your data will be used for any purposes other than those specifically approved by you.

4. BENCHMARKING

10

IF YOU WOULD LIKE TO LEARN MORE ABOUT HOW OUR AWARD WINNING AI COULD SOLVE YOUR IDD MIGRAINE, DROP NELLY A LINE AT [email protected]


Whilst the Compliance Manager dedicated reporting, heat maps and risk spectrum functionality is of most logical use to the 2nd Line of Defence within your business, the ability for Senior Managers to genuinely know that work is being delegated to employees who are genuinely knowledgeable and compliant is of huge comfort to the enterprise and the managers themselves.

Notwithstanding the self-repairing nature of the AI, the ability for the 1st Line of Defence to quickly, easily and intimately understand the compliance strengths and weaknesses of their employees is helpful on many levels. Evidencing material weakness means line management can quickly intervene and

address the problem before it translates into a more serious outcome. Less material individual weaknesses can also now be identified, form part of 121’s and specialist coaching interventions.

High risk employees as determined by your own risk spectrum can also be monitored and pro-actively managed. Some firms have found that simply having this continual and accurate visibility has enabled different, better controls and procedures to be put in place to protect the employer. Compliance Manager is a game-changer for any firm that genuinely wants to address the biggest single risk factor facing their business today - their employees. Compliance Manager not only

provides you with genuinely unique insight and gently repairs those gaps it uncovers in individual employees’ knowledge and competency, it also acts as the most accurate early warning system of real employee centric risk. Come the time when the regulator or 3rd party audits your firm you will be in a position to instantly provide the most up to date evidence, at the most granular level of every single employee in your enterprise, at the click of a mouse.

There is no better, more comprehensive and less intrusive solution on the market. And unlike anything else you use, Clever Nelly from Elephants don’t forget is guaranteed to work.

5. CONCLUSION

using artificial intelligence to step …...state using only a few seconds a week of the employees...

Documents