Compliance Intelligence (CI) is the application and analysis of information related to regulatory changes and market violations to assist compliance and legal professionals implement and enforce regulatory controls.
Compliance Intelligence (CI) is also a methodology by which organizations create a holistic view of their measurement against a set of harmonized compliance requirements. Through the application of analytics, trending across the applicable compliance requirements can be identified and used to prioritize high-risk areas of non-compliance. CI is used by complex organizations to:
1. Provide a consistent and baselined approach for measuring adherence to compliance requirements
2. Identify overlap between several or many compliance requirements
3. Prioritize areas of internal review based on cumulative metrics and indicators of systemic failures
4. Evaluate the impact of regulatory compliance while setting internal policies
5. Establish ownership and accountability for meeting compliance requirements
6. Comparing compliance measurements across multiple regulatory requirements
The application of CI is dependent on the organization structure as well as the set of regulatory or internal requirements by which the organization must comply. A typical approach to building a CI program would require the organization to establish a compliance risk universe (potentially leveraging existing frameworks such as UCF (Unified Compliance Framework))
An alternative approach is to use a GRC data warehouse together with a standard Business Intelligence technology layer. This achieves the same goal but allows organizations to leverage their existing high value governance, risk and compliance data and applications. The set-up of a GRC data warehouse requires a stable unified GRC data model to be used at the core to manage the data transactions.
An advantage of using a GRC data warehouse approach is that it does not require upfront organization or process changes before the advantages and economies of a unified approach can be analyzed and identified. Instead, a passive approach can start to collect, quantify and qualify opportunity areas before they are used to improve structures, effectiveness and efficiency.