Proactive Vigilance Ensures the Health of Your Company

Peter Drucker, the noted management expert, is credited with the phrase “If it can’t be measured, it can’t be managed,” but according to Zach First of the Drucker Institute, Drucker never actually said that. I have heard several versions of that famous “Druckerism” over the years, and while I liked thinking that I was quoting a famous management expert, it does not make the maxim any less true: Managing things without a solid system of measurement and feedback is ineffective.

I have a milestone birthday approaching in a little over a year, so I bought myself a fitness tracker (aka FitBit) to try and get in better shape. I got one with an integrated heart rate monitor, step counter, and a few other features and my fitness has actually improved since I started wearing it. The default daily goal is 10,000 steps, which for me is about four miles of walking. If I notice that I am a little short at the end of the day, I just take a quick walk around the block to reach my goal.

Analog pedometers (step counters), heart rate monitors and calories counters have been available for years, but there was no platform to integrate these disparate data sources. My fitness tracker syncs to my smartphone and gives me nice graphs and charts, including one that compares my fitness performance to others in my “fitness circle.” With all of this real-time information at hand, I can readily adjust my performance to ensure that I’m hitting my fitness and overall health goals.

In essence, my FitBit has become my own personal Chief Medical Officer, monitoring every aspect of my health so my entire being functions as it should.

Similarly, in the financial world, you cannot measure the health of your company without proactively monitoring every disparate part of the business. In some cases, the bottom line may look healthy, but it turns out a cancer was taking root that could have put the entire entity and its brand reputation at risk.

To solve for that, compliance groups were set up to report to regulators that everything is on the up and up.

But compliance has been woefully lacking in this kind of monitoring and measurement. When they do have measurement systems in place, they often measure only a portion of the business or are days or even weeks behind. This is because the foundation layer of most compliance management systems was never meant to store the kind of data that compliance professionals need to look at. And when regulators knock, it becomes a Code-Blue to assemble everything in Excel spreadsheets.

Baselines, Feedback and Alerts

While apparently Drucker never uttered the famous saying, what he did say gives us a good footprint for designing a better compliance management system. In his book, Management: Tasks, Responsibilities, Practices, Drucker wrote: “Work implies not only that somebody is supposed to do the job, but also accountability, a deadline and, finally, the measurement of results — that is, feedback from results on the work and on the planning process itself.”

In order to judge the effectiveness of the work being done, for example, commodity trading, we need tools that provide accountability and measure results not only on the work itself but also on everything that surrounds that work.In other words, we don’t just need to see the raw trade data, we need to see what the trader was thinking.

We need to view individual trades in context with others and be able to capture all the information around the trade: e-mail messages, instant messages, security information, in addition to real-time access to trade information. Anomalies need to be funneled back to the traders so that they can understand how their actions are being portrayed and be allowed to provide additional context on suspect activity.

Compliance regulations are difficult to write, and perhaps even more difficult to read and interpret because the actions are nuanced by each individual.

One trader may log tens of phone calls prior to each trade while another may rely on instant messages. One person’s habit is another’s outlier. Your system needs to be able to know and alert for both. In the case of my FitBit, I may be able to log my heart rate, but for a neighbor with A-Fib a professional heart-monitoring device alerts him if he is in A-fib. (The right system for the right application.)

Proactive Vigilance

Compliance professionals and those they safeguard need that same kind of telemetry, alerting and feedback to see whether or not the firm is in compliance, but often the data they get is stale and incomplete. The industry is starting to coalesce around the term “Proactive Vigilance.” And to be Proactively Vigilant firms need to:

• Measure everything
• Identify Key Performance Indices (KPIs)
• Determine baselines
• Set alerts for when things are awry.

Part 2 of this series explains the challenges of Proactive Vigilance and guides you on how to get there.

In the meantime, get up and go walk around the block. Something tells me you have been sitting too long.