A few weeks ago, we hosted a webinar with our customer Clarios to discuss how they leverage our technology to increase the agility of their due diligence process. Over 200 compliance professionals from the industry registered for the session and posed insightful questions to our guest speaker Deborah Spanic, Chief Ethics and Compliance Officer at Clarios. The webinar was an interesting discussion on the power of technology in compliance.
Clarios, formerly part of Johnson Controls Power Solutions, is one of the world's largest automotive battery manufacturers, providing batteries to one in three of the world's vehicles. So chances are, even if you have not heard of Clarios, you have driven a car powered by their products. Clarios prides itself on being one of the world's best examples of a circular economy by having 99% of the materials in their batteries be recyclable, recovered, and remade.
Before Clarios spun off of Johnson Controls in May 2019, Deborah Spanic had already been part of the compliance team for seven years. Deborah served as Group Legal Counsel at Johnson Controls for four years and then went on to be the Legal Director of Global Compliance, before her current position as Chief Ethics and Compliance Officer at Clarios. Before joining Clarios and Johnson, Deborah worked as a legal counsel in the consumer industry and as an attorney.
If you would like to watch the full webinar, you can access the recording or keep reading for some of the key insights from our event:
A Technology-First Due Diligence Process
A technology-first due diligence process is a process that makes use of technology to automate workflows across global teams and maintains a centralized oversight of the risks associated with the different third-parties. This means rather than managing all of your due diligence processes manually with purely human-powered risk screenings and decentralized data management, a technology-first due diligence process is able to use solutions to streamline the process. From our experience working with customers, one of the main priorities compliance professionals have when establishing a due diligence process is leveraging technology in a way that ensures that the new process improves efficiency. Another key priority is that the tool allows compliance teams to distribute their due diligence program across different geographies while still maintaining oversight. Additionally, ensuring that the new process enables them to run the same workflows, but with the same or fewer resources, is also fundamental.
In order to strike a balance between tech and people, compliance teams need to make sure they involve the right stakeholders and staff at each point of your due diligence workflow process to get insights on potential false negatives arising from the inability to access data in more opaque jurisdictions. This means having a risk-based approach to the management of your third parties is essential. Especially because higher risk third-parties can, for example, require more human touchpoints.
The workflow above shows an example of what a due diligence process might look like, and showcases how the level of risk interacts with the number of steps or procedures before final approval.
It is also important to remember that due diligence is not an isolated process. Ideally, it works together with the rest of your compliance program. While your due diligence can identify several potential risks, it is important to analyze those together with other compliance metrics or relevant KPIs to have a clearer picture of where to focus. Compliance officers face many challenges including dealing with the increasing level of complexity of the regulation, as well as strains on resources. Technology can be of great support to get those insights automatically and to have a compliance program that adapts well to an ever-changing environment.
When Clarios separated from Johnson Controls last May, Deborah had worked on a larger team with more resources dedicated to managing due diligence reviews globally. Post-spin-off the new, leaner team had to make sure that their due diligence process still maintained the same rigor and effectiveness, but with significantly fewer resources.
The previous team had four full-time ethics & compliance professionals, as well as 45 part-time compliance program leaders and regional subject matter experts embedded within regional businesses. Post-spin-off, rather than having designated colleagues managing due diligence, the process was to be split among different team members with less staff and no increased resources, so, finding a way in which they all could manage the process in a centralized way was crucial.
The implementation of a technology-first due diligence solution allowed their team to set up a system in which due diligence is managed locally but overseen centrally. By collaborating with local legal teams, the tool allowed them to overcome language barriers and benefit from their subsidiaries being located in the local cultures to assess risks appropriately in each context.
Technology as a Catalyst for Organizational Change
After the spin-off, Clario’s compliance program was emulated to retain their tailored approach to risk but was adapted to use GAN's technology to help them manage the workflows. Besides the benefits mentioned above, one unintended benefit of implementing the GAN platform was to have access to a singular view of where their third parties are located and where they might have to focus from a training perspective. Being able to drill down to geographical areas of concern is essential, as it provides the ability to look at potential hotspots to focus your energy and resources in the right place.
For Deborah, the biggest challenge of running a global compliance program is ensuring consistency between the compliance teams deployed in different regions, this includes language barriers with smaller vendors across different regions. Therefore, the ability of the tool to provide due diligence questionnaires in different languages was a game-changer. In this case, technology became the great equalizer that increased transparency across regional teams.
To learn more about third-party risk rating and due diligence management with technology you can also access our eBooks, A Blueprint for an Automated Compliance Program, and A Compliance Officer's Guide to Third-Party Risk Rating.
Developing meaningful stakeholder engagement to successfully manage risk
Integrating third-party data into your third-party risk management (TPRM) program - Integrating with third party systems
Interacting with high-risk parties and government officials in the life sciences and extractive industries sectors