With the dynamic change in organizational structures, new mergers and frequent changes in roles and responsibilities, the general fiduciary duties of loyalty to be performed by individuals and organizations are often conflicted. This can lead to improper functioning of duties, loss of goodwill and often a high cost of penalty resulting from non-conformance to standards or other compliance laws. Growing complexity and lack of transparency in business transactions have brought issues related to 'Conflicts of Interest' (COI) to the forefront. This is made apparent by the large number of COI litigations and penalties imposed on individuals and corporates.
COI is increasingly gaining focus and impacting multiple industries, driven by some strong external and internal mandates. Some examples are listed below:
- In June 2012, under the Dodd-Frank Act 2010, the SEC formed the 'Office of Credit Ratings' to monitor COI in the ratings provided by credit rating agencies.
- Wall Street watchdog Financial Industry Regulatory Authority (FINRA) now examines how brokerages are managing COI, including compensation that may motivate brokers to push certain securities to investors.
- The UK Department of Health announced new rules to address perceived conflicts of interests within the boards before the boards start commissioning in 2013. This includes rules that are aimed at curtailing unlawful spending by doctors who are newly appointed to clinical commissioning boards.
- Other COI mandates under the Corporate Code of Conduct and Ethics policies, set out by various government, educational and medical bodies.
Even though organizations are aware that setting a standard COI Policy that can identify and address all potential risks is an elusive goal, their investment in COI programs continues to increase. This could be attributed to an organizational commitment to prevent such incidents, and to the value of such programs as evidence for regulatory authorities.
Challenges in Managing COI Programs
COI incidents can emerge in any form of transaction and can apply to both internal and third-party clients. The applicable regulations are specific to the industry in which an organization operates. This poses a complex challenge for large corporates looking to establish a standard COI policy for all their subsidiaries that are operating in different lines of business. Lack of a common compliance law can increase the complexity associated with the execution of COI programs.
Historically, COI regulations have primarily impacted processes in the financial services, life sciences and healthcare verticals. This scenario is rapidly changing as the scope of COI is now expanding to include ethics and compliance guidelines such as affiliations, financial and competing interests, gifting practices, bribery, and supplier contracts. The ambiguity in defining the reasons for conflicts can make it difficult to identify potential conflicts, thereby rendering the organization's COI program ineffective and further hampering the organization's reputation.
Organizations are now driven to address such issues and are working on creating COI policy frameworks for their employees and business processes. However, they need to address the key concerns of compliance managers and supervisors by building flexibility into the program, allowing future policies to be incorporated and ensuring that policies are linked to change controls and audit trails.
Once the program is implemented, COI certifiers are required to review multiple records and continuously monitor submissions. Records with policy exceptions and validation errors must be efficiently tracked through alerts. Any change in guidance must be updated in the COI policy and standards and the request for additional information as per the new policy should be automatically triggered as an assignment to the employees. The lack of workflow automation in the COI compliance tool can impede timely disclosures and monitoring of the program.
Building a COI Management Framework
To enforce COI compliance, organizations must first establish a well-documented, enforceable, and regularly reviewable COI policy that can define and identify conflict of interest incidents. The COI program must ensure consistent decision making for similar incidents and safeguard organizations against incidents that can violate the law. Effective creation of COI policies, standards and guidelines, and quick identification of the risks of potential conflicts are critical to the success of the program.
At the initial stage of a COI program, the organization should conduct a complete screening of employees and their organization-level fiduciary duties that can cause potential conflicts of interest. Duties, transactions, relationships and roles/levels have to be assessed to help evaluate COI risks and their implications and compile them into a program policy guideline. Financial relationships with suppliers, customers or competitors involving contracts, processes or products that can become potential conflicts require a separate policy/code for third parties (separate from employees).
In cases where employee and organizational data is stored in a third-party application, the program should be able to gather and synchronize relevant data for activities related to conflict of interest. Information regarding the types of risks evaluated for specific groups can be maintained in a library of surveys and questionnaires with appropriate metadata for each questionnaire. The availability of multiple survey templates like these can facilitate the creation of records. Confidentiality settings can be configured to hide employee and other details.
Employees can be alerted about the COI program through automated email notifications triggered at desired intervals. In case of an annual COI re-certification process, employees can receive reminders at the due time.
Employees who have no specific appeals regarding their surveys can submit the completed survey for review to line managers, who will receive a notification of an assignment for review. The entire review process can be administered by appointed Ethics Advisors and COI board members, who also review the COI submissions and monitor the overall progress.
Ethics advisors can monitor the program by extracting reports on all submissions, past dues and non-submissions. They can also request further clarifications from specific employees regarding specific cases, and the COI record is only closed when requirements are fully satisfied. A full disclosure status report can be extracted to analyze redundant surveys and modify guidance based on the review request received by the review committees.
How Can MetricStream Help:
- Create a Framework for COI Policies: The MetricStream system provides a central repository for storing and organizing all types of policies based on various templates and classification criteria. Relevant business units and subsidiaries can design assignments for creation, review and approval of COI policies. COI coordinators can gather COI disclosure information through scheduled assignments and notify employees of due dates for completion. Built-in, automated notification and alert functionality with configurable workflows facilitates policy distribution and acceptance. The system can also configure and execute surveys, certifications and self-assessments for designated executives based on predefined templates and schedules.
- Execute Surveys and Certifications: The MetricStream solution can manage and store your COI survey templates and define the various sections of the checklist. New surveys can be created by leveraging old template formats and enabling copying of data. The system supports role-based assignment of surveys to desired respondents and requests them to complete surveys before they are due through automatically triggered email notifications. New workflow rules are created to schedule survey assignments on events such as new hire onboarding, promotions, and quarterly and annual COI disclosure dates. The system can also identify COI from responses to survey questions and record survey responses as historical data for future use.
- Continuous Monitoring of COI Incidents: The MetricStream system enables tracking of COI incidents by Ethics advisors and COI committee members right from initiation to closure. The solution provides continuous visibility into COI incidents by case type, automates workflows for remedial action, and supports regulatory reporting. A continuous monitoring process helps detect exceptions and validation errors in real time and enables real-time responses from reviewers and policy makers.
- Integration: MetricStream's solution can be integrated with any existing HRM or ERP application to facilitate a one-time data load of employee or supplier data that can be linked with COI programs. This provides customers with the ability to modify programs as per the latest management changes and organizational hierarchy. Integration with installed Active Directory and single sign-on (SSO) systems enables users to log in to the MetricStream application through SSO while working on their company networks.
- Reporting: The system supports creation of reports for ongoing, complete, incomplete and delinquent surveys. Administrators responsible for organizational COI and those with internal subsidiaries will be able to run timely reports to monitor findings and observations.