Legal news and trends for Canadian in-house counsel and c-suite executives
Issue link: https://digital.canadianlawyermag.com/i/1171384
34 www.canadianlawyermag.com/inhouse COMPLIANCE MONITORING is a critical and necessary task at any bank. Until recently, however, it has always been an activity that has required a great deal of manual effort. At Bank of Montreal, the last part of that statement isn't quite as true as it used to be as the bank is using artificial intelligence and machine learning to automate compliance tasks. It's an improvement that has changed the way the bank operates, says Conni Gibson, BMO's vice president and chief compliance officer for personal and commercial Canada. "We do a lot of monitoring activities, of behaviours, of sales, of controls — are our com- pliance controls working? — and so forth. It was a lot of manual activities where we were going out to people asking them to send us spreadsheets, asking them to send us data. Now, we have the ability, through the machine that we've built, to access the entire bank's data lake and pull all that data into us. "It's not only compliance that looks at it. We've also partnered with our business on the front lines, the people who are actually selling things and actually serving customers. They can also look at it and have an insight into trending patterns. And then in phase two of the project, which we are Compliance through technology BMO uses artificial intelligence and machine learning to create innovative system for compliance monitoring launching now and we're very excited about, it's going to get into predictive behaviour." Although this is definitely a project that is under the authority and purview of the bank's compliance officers, it wasn't something they could create without assistance, says Eric Moss, deputy general counsel, senior vice president and chief compliance officer. It took collaboration with the bank's technology experts to make the project a reality. "We've worked with the machine learning group and other contacts before and some of our team were just thinking about the ways that we could do a better job and be more proac- tive in identifying things to make sure that our customers are treated fairly. This was a kind of a brainstorming thing: We have this broader data across the bank. [The team was] familiar with some of the machine learning capabilities that are out there, so they started a dialogue saying, 'What can we do to pull together and utilize our data that we use in one context to help us serve and protect in another context?'" It took around six months from the time the compliance team began brainstorming to the time the AI-based compliance system was deployed. Admittedly, the initial version of the solution was only able to look at one particular compliance issue in one particular customer pro- tection area, but that was just the starting point. Today, Gibson says, it is examining four or five different areas, and she expects more will be add- ed as the solution's capabilities continue to scale. (While the bank is happy to discuss generalities of the solution, it is unable to talk about details, citing security concerns.) Because the AI and machine learning capabil- is diversified, employs not just a single fund-rais- ing campaign (or a single type of campaign) and that it reaches out to donors through a variety of advertising and marketing methods. The ERM program has been running for about a year (and took about one year to develop), but that doesn't mean it's completed. Now is the time for "blue sky thinking," says Goldbloom, as well as expanding the scope of the program and working to create new ways it can be used to prevent liability. It's also not finished because it should never be a static program. According to Goldbloom, he expects people to be continually reclassifying risks as they are dealt with, and moving them from potential future risk categories into catego- ries indicating they have been addressed. As an example, he says, one potential risk identified by the program and the committee was the need to implement cybersecurity software. That software has now been deployed, so the status of the risk a cyber-threat poses needed to change. While everybody involved with the ERM pro- gram is passionate about it because they're re- sponsible for developing the system, Goldbloom says it's critical to have senior management's commitment and support for creating a risk management culture as this type of approach must be driven from the top down in order to be successful. He also believes that it helps to have a lawyer in charge of risk management projects, rather than have them under the control of finance or IT departments. "As a general counsel, aside from ensuring we are legally compliant, I'm here to minimize risk to the organization and I'm also here to facilitate maximizing of revenue. One thing about a risk management culture is it feeds directly into the minimizing of risk, so in any organization . . . you as a lawyer want to make sure you can minimize risk in every way you can. "You're never going to have no risk in an organization. If you're trying to carry out your ac- tivities or trying to be innovative, there will always be some form of risk, but if you can mitigate it as best you can and think through all the stuff that can go wrong and plan against it, you're setting yourself up for success, and especially in the legal department, that will make your job that much more successful." (Left to right) Anneke Deetlefs, data scientist; Taha Patoli, senior manager sales practice, legal and regulatory compliance; Conni Gibson, VP and chief compliance officer for personal and commercial Canada; Eric Morrow, director, data science - Machine Learning Centre of Excellence; Joanne Wingate, senior compliance officer. INNOVATIO