Creating Compliance Tools Using Common Software
Camille Glover VP, Compliance & Ethics - OMERS Katherine Segersten Director, Compliance Operations & Senior Compliance Officer - American International Group Timothy Growley FBI Compliance - U.S Federal Bureau of Investigation
Camille Glover VP, Compliance & Ethics - OMERS
Introduction to OMERS OMERS is one of the largest pension funds in Canada with over CAD $79 billion in net assets Established in 1962, OMERS now serves approximately 1,000 employers, 35 unions and associations and 461,000 members including retirees and survivors Coverage extends to municipal workers, Children s Aid Society workers, firefighters, emergency services staff, police, school board staff (non-teaching), transit workers, hydro workers OMERS invests plan member contributions and earnings through its investment entities in a diversified portfolio of investments in the public markets, and in the private markets which include private equity, infrastructure and real estate OMERS has offices in Toronto, New York, London, Amsterdam, Luxembourg, and Sydney London Amsterdam Toronto New York Luxembourg $79.6 bn Public Markets Infrastructure Private Equity Real Estate $40.0 bn; 52% $14.9 bn; 17.5% $11.0 bn; 15% $13.7 bn; 17% 7 Sydney
OMERS SharePoint Tools Today s focus is on two OMERS Compliance & Ethics customized SharePoint tools:
Why SharePoint? OMERS moved to Microsoft Office 365 platform in 2016/2017 SharePoint is a web-based application that integrates with Microsoft Office Information is kept on Microsoft servers hosted in Canada and assessed to ensure compliance with OMERS Security requirements Highly customizable (and ideal for document management) OMERS employs SharePoint developers
SharePoint Tool Creation Process Compliance & Ethics looked at the policies it monitored and identified supporting processes: 1. With heavy administrative tasks for the team 2. Not being applied consistently across the organization 3. Consistently followed a limited number of workflow patterns based on the same set of underlying criteria Once identified, Compliance & Ethics worked with a dedicated SharePoint developer to map out what was possible.
OMERS Code of Conduct and Ethics Policy (excerpt) You must: Report gifts with an estimated value in excess of $/ 100 Report entertainment with an estimated value over $/ 500
Gifts & Entertainment Reporting Tool Launch Page
G&E Tool Mechanics Users (or their assistants where permitted) can enter data at any time through a dedicated icon on the OMERS intranet Periodic email reminder asks users to confirm reporting and/or report additional items Automated reminders at regular intervals if report not completed on time Ability for managers to generate reports on G&E received by their staff Ability for Compliance & Ethics to review all information for anomalies and escalate as appropriate
G&E Tool Benefits The benefits of the Gifts & Entertainment Disclosure Tool include the following: Reduced paper User friendly/intuitive Real time reporting (with quarterly check) Easy to administer Easy to sort/report on and isolate anomalies Cost-effective Easy to replicate
G&E Tool Replication The format of the G&E Tool can be used to report and capture: External Directorships Conflicts of Interest Political Donations Vacation Requests Any manual or highly administrative process that follows a set protocol, especially those where data sorting and analytics may be applied
OMERS Anti-Bribery & Corruption Policy (excerpt) Policy references an Initial Bribery Risk Assessment which we created in SharePoint This initial assessment determines the role of Compliance & Ethics and the escalation protocol for potential investment transactions
Initial Bribery Risk Assessment Four Questions
Initial Bribery Risk Assessment Tool Launch Page
Bribery Tool Mechanics User launches the program through a dedicated icon on the OMERS intranet ensures confidential information is restricted based on predetermined access controls Background information in requested through a series of drop down menus and free text fields user is guided in providing a minimum level of relevant information while allowing the opportunity to attach additional material as required The user is prompted to answer the four initial assessment questions
Bribery Tool Mechanics Each response to the four questions receives an inherent risk level of low, moderate or high (color coded green, yellow or red) Ratings have been determined based on a combination of external source data, internal research, and feedback from impacted business units and are reviewed at minimum annually The highest risk rating received for any of the four questions dictates the escalation protocol
Bribery Tool Transaction Rating
Bribery Tool User View Each user sees only those transactions he/she created or have been granted access to
Bribery Tool Benefits The tool provides a number of benefits to OMERS including the following: Operationalizes OMERS Anti-Bribery and Corruption Policy Aligns resources with the perceived corresponding risk level Provides a consistent and documented approach to bribery and corruption risk in all transactions Provides a quick and efficient means of capturing and reassessing transactions when underlying risk assessment factors change Reduces paper by having the information available online As it was designed and developed in-house, it accomplishes the above in a customized and cost-effective manner
Katherine Segersten Director, Compliance Operations & Senior Compliance Officer - American International Group
The views expressed in this presentation are my own and do not necessarily represent the views or positions of American International Group, Inc.
Use of SharePoint to Collect and Analyze Local Compliance Training Data Define challenge/problem trying to solve Conduct baseline assessment, feasibility analysis, and gap analysis Create data collection tool, process documentation, & training materials Launch solution ü Required a centralized solution that could be easily accessed and utilized by 100+ Compliance Officers around the globe ü Needed ability to restrict access to the solution and require completion of specific data fields ü Required low/no-cost solution with a short turn-around timeframe for design and implementation
Use of SharePoint to Collect and Analyze Local Compliance Training Data Define challenge/problem trying to solve Conduct baseline assessment, feasibility analysis, and gap analysis Create data collection tool, process documentation, & training materials Launch solution ü Identified existing tools in place and analyzed current data elements collected ü Defined requirements for future state solution and assessed feasibility of existing tools for global use ü Conducted gap analysis between selected solution and ideal future state solution
Use of SharePoint to Collect and Analyze Local Compliance Training Data Define challenge/problem trying to solve Conduct baseline assessment, feasibility analysis, and gap analysis Create data collection tool, process documentation, & training materials Launch solution ü Considered needs and skills of end-user throughout design and development of the solution ü Identified and involved key stakeholders in review of draft tool and related materials to begin to achieve buy-in prior to launch of solution
Use of SharePoint to Collect and Analyze Local Compliance Training Data Define challenge/problem trying to solve Conduct baseline assessment, feasibility analysis, and gap analysis Create data collection tool, process documentation, & training materials Launch solution ü Considered who should launch the tool, how the tool should be launched, and when the tool should be launched ü After launch, provided opportunity for feedback, conducted post-mortem review, and tweaked design of tool/process accordingly
Timothy Growley FBI Compliance - U.S Federal Bureau of Investigation
What is SSRS (and Why Use It)? SSRS is a mechanism to display data Upgrade to the basic SharePoint look and feel Greater control over the user experience Drilldown reporting and interactivity Basically free if you already have SharePoint installed (comes with a standard SP install) It is relatively easy to learn and use Standard Microsoft Office style layout Example resource: SQL Server Reporting Services In Depth by Simon Allardice on Lynda.com
Getting Started in SSRS Configure / Install SSRS on SharePoint Farm Make sure your SharePoint site is a trusted site in your browser Make sure you have Report Builder 3.0 installed Setup SSRS for use Add a Report Library App in Site Contents Allow Management of Content Types in Library Settings Add SSRS Content Types in Library Settings Report Data Source Report Data Model Report Builder Model Create Data Source that connects to your SharePoint List Build Report Connect to Data Source (server, authentication) Identify Data Set (tables, fields, rows, columns) Compose Report (fonts, design, layout, colors)
Building Reports 1. New Document Report Builder Report 2. In Report Data, Select your Data Source 3. In Report Data, select your Dataset 4. Start designing your report 5. Once your report is designed, use a Page Viewer Web Part to display it in SharePoint
Practical Applications Building Dashboards Drilldown Reporting Data Analysis Recurring Reports Tracking Delinquency Processing
Lessons Learned Design for the intended audience If people can t understand it, they wont use it (no matter how great it is) Use intentional color choices Example: Adobe Color CC Use simple / clean layouts Automate routine reports Develop print ready reports only Use interactivity to allow users to drill down and to filter (by date ranges, etc.) Organize your report folder it will grow Be prepared for success
Questions