Understanding the limitations of data solutions
January 2018 | EXPERT BRIEFING | RISK MANAGEMENT
We are awash in data ‘solutions’ relating to everything imaginable. Data providers claim that all risks now can be readily identified and mitigated with easy-to-use data solutions. Need to perform due diligence on a vendor for Foreign Corrupt Practices Act compliance? Punch the vendor’s name into this database and out will pop all the information you require. Need to identify potential witnesses for a fraud matter? Click that button. Need to screen a potential joint venture (JV) partner in China? Click that third button.
Unfortunately, however, no data solutions are comprehensive, and that is something that may not be fully appreciated. In terms of fraud and diligence work, there is value in databases, but there are also limitations. One common weakness in database research involves simple common failures, like a third party failing to report information, even when the report is required by law. Recently a responsible party, the US military, failed to report known adverse information about Devin Kelley, who was discharged from the Air Force for assaulting his wife and child, to civilian law enforcement databases. The result was Kelley could pass a background check and buy a gun – he then killed 26 people in Texas.
Data entry errors are extremely common, and therefore reliance on databases must be thoughtful. Names are misspelled, dates of birth wrongly entered, fathers confused with sons, criminal records assigned to the wrong persons, and more. To use a common expression – garbage in, garbage out. Errors are inevitable.
When performing due diligence outside the US, you might want to know whether a Chinese company for which you are considering a JV is state-related or has a history of corruption. To identify and mitigate the risks inherent in that prospective transaction, you will need to research media in local languages, talk to knowledgeable industry experts and perform site visits, all to really know what a company in a geography like China is really doing. Database research will not tell you all that you need to know.
Why the limitations? After all technology is rapidly improving and data is getting better. Do we really need people anymore? In short, yes we do, because data solutions have holes in coverage, like all investigative tools. The algorithms and processes behind the capture of masses of data still do not identify a lot of important or essential information.
Databases offer excellent information about many matters of importance. But no one approach or solution, unfortunately, will identify the risks you may want to know about.
If you are performing due diligence on a low-level vendor in a low risk geography, database research may be quite enough to satisfy organisational needs regarding compliance. But larger risks, say your organisation is considering doing business with entities in a higher-risk country like Russia, cannot today be satisfied through database research alone.
There are other ways to think about these things. Consider all the secrets perhaps you or your friends know. Would database research reveal that your friend’s business does not pay taxes, or that your neighbour is stealing millions from his employer and has a second family in Michigan, or that your business partner has stolen millions from you? The answer is a resounding no. Databases today are a useful tool for mitigating risk, and should be a starting point in most research efforts. Yet, they are not a comprehensive tool designed to mitigate all risk, especially when material monies, brand reputation and other valuable organisational assets could be harmed.
Risk mitigation tools, including databases, are amazing in many ways and are valuable. Think about a noted private investigator like Sam Spade in the 1940s relying on the phone book, a gun and his wits when trying to unravel the doings of say, a counterfeiting gang. What a tool a database would have been that had people’s addresses, names and email contacts. Database offerings today are rich, diverse and an excellent starting point for virtually any fact-finding inquiry.
Yet, the limitations to even the best databases are well known, the need for other research is doubtless, and every organisation should recognise when there is a need to do more than just click that button.
Jeffrey Klink is president and chief executive of Klink & Co., Inc. He can be contacted on +1 (412) 201 9123 or by email: firstname.lastname@example.org.
© Financier Worldwide
Klink & Co., Inc.