Skip to content


The definitive guide to conflicts of interest

By GAN Integrity

Why Organizations Should Prioritize COI

Compliance programs are never a one-size-fits-all solution and conflicts of interest are no exception. Depending on your organization’s industry, size, and risk appetite, the way you approach conflicts of interest (COI) may be vastly different from other companies. The best way to build a world class conflicts of interest process? Find a tailored solution that works for your organization. In this article, we will explore the factors you should be considering when building or revamping your current COI process. It’s no secret that conflicts of interest present a significant risk within organizations and have the potential to result in serious regulatory issues. It’s crucial that organizations adopt a structured approach to handling and monitoring conflicts of interest for its employees, management, and third parties from the moment they arise. Conflicts of interest can truly be early warning signs or smoke signals for larger organizational issues. An effective COI process gives compliance officers a clear birds-eye-view into their organization so they can better understand where current risks exist and better predict where future ones lie. Companies must also ensure that their employees don’t take advantage of ambiguous situations. For example, giving preferential treatment to a vendor they have personal relationships with or making business decisions based on what will benefit themselves financially. For large organizations operating with multiple business units and constant expansion into new markets, it can be difficult to manage conflicts due to the sheer scope and complexity of the organization. COI processes, like any compliance process, present companies with an opportunity to strive for transparency, loyalty, impartiality, and integrity. Take a moment to reflect: is your organization taking full advantage of this opportunity? Organizations should care about conflicts of interest because creating an effective COI process can shield the business from current and future risks, inform other compliance processes, and give a holistic view of what is actually going on within your organization. Consider this your guide to tackling the current hurdles your COI process faces and a resource to help you build a solution that will reduce risk and increase transparency within your organization.


Manage conflicts of interest at scale

Manage conflicts of interest with an intuitive solution for higher visibility, a streamlined approach and an easy submission process

Learn more

What is a Conflict of Interest?

A conflict of interest is when the personal interest of an employee could interfere with or influence their conduct in the workplace. Common types of conflicts include, but are not limited to, outside employment, workplace relationships, selling to the company, political commitments, and personal financial interest. Conflicts should be avoided by employees if at all possible. When they cannot be avoided, all conflicts of interest should be openly disclosed and handled according to established workflows.

Current Challenges with COI

There are a handful of common issues that organizations face when approaching conflicts of interest. No matter where your conflicts of interest program is today, consider these problems—and more importantly, how you can solve them. Most compliance teams face one if not all of these hurdles:

Leveraging Tools Not Built for COI

The vast majority of compliance teams have a stop-gap solution in place that handles conflicts of interest. The most common tools being used for COI today include email, spreadsheets, SharePoint, ticketing tools, homegrown solutions, or hacking compliance tools to fit the COI use case. The problem with these solutions? They were not designed for conflicts of interest and they are likely not flexible enough to reflect your organization’s unique needs. Having inadequate solutions in place for any compliance process is a disservice to the compliance team and the organization. In order to have a truly effective COI process, you need a tool that was built to handle this specific function. Other solutions leave major gaps in your processes leaving room for risk to go unmanaged. Many of the most common tools being used for COI today have major limitations. The only tool that is a true solution for conflicts of interest, is one that was built with conflicts in mind. Depending on what COI tool you use today, it may be holding your program back from truly moving the needle for your business. Don’t let your COI process be limited by the technology that is intended to support it.

Limited Scope of COI

Another challenge organizations face with conflicts of interest is how exactly they define what a conflict is. Often, organizations define what they consider to be a conflict slightly differently based on industry, size, risk appetite, and other variables. No matter where your business stands today on the definition of a conflict of interest, there is likely room to broaden the scope of what a COI really is. Increasing this scope means addressing additional risk factors and, in all likelihood, also increasing the number of workflows and complexity of your current process. Below are typical conflicts of interest that are addressed along with an expanded list of conflicts that compliance programs tend to address. Understand which of these conflicts your program addresses today along with conflicts that may make sense for you to begin addressing in the future. If any of these conflicts could present sufficient risks to your organization and you are not currently monitoring for them, it might be time to expand your definition of what qualifies as a conflict of interest within your organization.

Traditional Conflicts:

  • Outside employment
  • Personal financial interest
  • Personal workplace relationship

Expanded View of Conflicts:

  • Expanded mandate
  • Interest in competitors
  • Political commitments
  • Interest in business partner
  • Use of confidential information for personal purposes
  • Selling to the company

Lacking a Central Repository

Another widespread issue with conflicts of interest is not having the ability to view all conflicts holistically. Or in other words, having a searchable repository of all conflicts of interest whether one was declared or not. Let’s dive a little deeper into why this is such an important factor. For one, record keeping. Having a library of all conflicts is essential to locating them at a later date, potentially after suspicious behavior has occurred or a case has been opened. This is a huge drawback of leveraging email when everything is handled by individual records and never pulled into a central repository. Having all conflicts of interest data in one place is also a precursor to what we will get into next: analyzing trends. But before we go there, it’s important to remember: what might not be a conflict today could become a conflict 6 months or 2 years from now. This stresses the critical role of proper documentation in order to understand where future conflicts might arise. Having a central database where all conflict data is stored is a first and essential step to finding that data at a later date or aggregating the data for deeper analysis.

Most conflict of interest processes have a major gap: identifying trends in COI across the organization. Aggregating all COI data into a single database then extracting insights is an advanced function that is massively impactful to the compliance teams who are able to harness its power. However, even the first step of viewing conflict data holistically can be a major hurdle. Once that is tackled, it’s time to start analyzing the information. Being able to see what has been disclosed, common types of conflicts, and frequently named third parties or vendors can be critical information to inform the rest of your compliance and ethics strategy. For example, understanding if certain types of COI mainly come from certain business units or geographies could be helpful to understand the organization’s risks. Another trend that would be beneficial to track is other conflicts that employees report, the ones that don’t fall under a predetermined category set by the compliance team. If there is a specific unique conflict that a critical volume of your employees begin reporting, this could be a signal to create a new category for that conflict. Finally, it should be the goal of any COI program to have conflicts flow into an overall risk framework. COI data should be connected to adjacent compliance processes and ensure that it augments third party data, regulatory information, and whistleblower data and should inform your risk view in real-time.

Managing Organizational Change

If conflicts of interest are so important why isn’t every organization frantically updating their process to be cutting-edge? Two words: change management. Change is difficult for humans and even harder for large, complex organizations with many moving pieces and multiple stakeholders. The intense undertaking of changing current processes is actually what holds many compliance teams back from evolving their current processes. You’re going to have to get curious and creative to come up with an effective solution to upgrade your COI processes. Whether it’s updating policies, retraining employees, rolling out new technology, or any combination of the aforementioned, it takes time, strategy, and likely a healthy dose of patience to overcome these organizational hurdles. It can also be beneficial to find examples of what impactful change looks like in your organization. Talk with leaders who have spearheaded major organizational changes before and get their specific tips on navigating change within your organization.

Defining a Robust COI Process

When revamping any process, it is important to begin where you are. Understanding how to improve your current COI process starts with a deep understanding of where you are at today. There are a few critical questions that you should consider during this review:

Who is currently involved in the COI process?

Compliance teams can both over fulfill this need or under fulfill it. If compliance officers do not loop in enough people in the conflicts process (or the right people), they might be streamlining the process but failing to inform critical parties of risk they should be aware of. On the other hand, if compliance teams have overly complex processes with too many dependencies to get a decision over the line, the time to process a conflict could be unnecessarily lengthy. It is important to find the right balance and to ensure stakeholders are informed and their inputs are solicited at the right step of the process.

What types of conflicts do employees declare?

It’s important to understand what your employees and third parties are reporting as conflicts today. Digging into what percentage of your workforce submits a conflict is a good benchmark to understand. Depending on the absence or prevalence of COI throughout your organization it might highlight an opportunity to ensure employees are aware of the full scope and importance of the COI policy.

When are conflicts initially being processed?

And what’s the recurring frequency, thereafter? It’s best practice for all new hires to clear conflicts of interest before they are officially on-boarded. After that, new conflicts should be reviewed annually or when new conflicts present themselves. If you don’t already have a process in place for on-going monitoring or a plan to enable employees to submit conflicts as they arise, these could be potential ways to expand your existing COI program.

Where are you managing COI processes and storing data?

As previously mentioned, a big step in making COI process improvements can be found in the technology that supports your program. We go into detail on what a good COI solution looks like in other sections, but taking inventory of how your tools are enabling or hindering an effective COI process is a critical step. And yes, implementing new software does not always happen overnight but it often moves the needle the most and is worth investing in both from a resource and budget perspective.

How does your organization view conflicts of interest?

The way companies approach conflicts of interest often depends on a number of variables. Work with the rest of your company’s leadership team to establish how to deal with the different types of conflicts and which ones will need remedy actions. Setting clear goals for this process with your leadership team will not only help you run the best program but it will also prove the value to the executive team by making them a part of the decision process.

Establishing a COI Workflow

A COI workflow typically involves the employee reporting the conflict, the line manager, human resources team when required, and compliance team, depending on the risks involved. A disclosure management workflow should ideally map out the different steps involved in the management of a particular disclosure and who is to be alerted or engaged in the process based on the initial assessment of the risks involved. Other stakeholders may be engaged on the process based on your unique organisational set up or on the types and risk levels of the disclosed conflicts.

Some compliance teams choose to remind employees periodically to report any potential or actual conflicts while others allow for ad-hoc submissions only. Some choose to only require submissions when there are conflicts to be declared, while others require confirmation from employees that there are no conflicts to declare. These may prove handy for documentation and audit purposes. The volumes of disclosures this approach might generate shouldn’t discourage compliance teams. Leveraging automation in your COI workflow process can automate the collection and review process based on pre-determined threshold allowing compliance teams to only escalate disclosures that require human review.

When addressing conflicts with their direct reports, managers should be trained to assess risks to business interests and the impact conflicts could have on the company. Disclosures made directly to managers should be submitted on behalf of employees ensuring that all disclosures live in a centralised place. The underlying disclosure management workflow should guide the manager towards the best next steps to take based on the inputted information to ultimately make a pragmatic decision. At the end of the day, the goal is to minimize risks to the company and protect employees interests as much as possible.

What Should Be Done About Conflicts

Historically, organizations have approached conflicts of interest as risks that should be avoided. However, now enterprise companies are beginning to take a different approach: viewing the ability to efficiently and effectively manage conflicts as a competitive edge. Whether or not your company falls into this category, this perspective can shift your thoughts about the right way for your organization to manage conflicts.

There’s little question here—turnaround will depend on the risks involved, however building an efficient process is critical to resolve or mitigate conflicts as quickly as possible. Take for example a large technology company vs a large financial firm. A technology firm might view conflicts as a hiring hindrance and something that should be expedited. For this reason, their COI process is likely to be quick, lenient, and streamlined. Their goal is to clear conflicts as quickly as possible so they can extend top candidates an offer before their competition. The financial firm, however, functions in a more highly regulated industry with issues like insider trading constantly top-of-mind. Due to their industry and caution around conflicts, their COI process is likely longer. Another example that takes place within a single organization is adopting a variable risk appetite based on the seniority of the potential hire. That is to say that an organization might take on more risk for a senior hire than they would for a junior one. In this situation, junior-level employees would still be rejected as candidates if they had conflicts of interest but senior employees would go through a different workflow where appropriate mitigations are established to ensure the identified conflict doesn’t represent an exposure risk for the organization. This is the organization’s way of saying they are willing to take on additional risk for certain roles, but not for all hires. Both of these examples highlight why compliance teams need customizable and flexible solutions that are tailored to their specific needs. Which brings us to our next topic: the role of technology.

The Role of Technology

Conflicts of interest processes are increasing in complexity but have long been handled by basic tools with elementary functionality. Best-in-class programs have the leading software powering them. COI requires a robust tool that streamlines complex workflows, automates notifications to relevant parties, and is tailored to your organisation’s unique needs. It’s essential to select the right conflicts of interest vendor. Your technology partner can make or break how impactful your well thought through COI plan will be. Let’s review the solutions needed to effectively manage declarations:

  • Systematically take in conflicts of interest declarations
  • Ensure users are seamlessly guided through the processes for a higher adoption and completion rate
  • Leverage automated campaigns to distribute COI policy and training and periodic disclosure campaigns
  • Collect declarations from future fires before they become employees
  • Effectively triage, review conflicts of interest, ask for additional information or escalate cases
  • Mitigate conflicts by ensuring that employees accomplish appropriate mitigation tasks
  • Maintain an overview of all conflicts of interest from one dashboard
  • Govern interactions with disclosures and access to data based on user role and function
  • Embedded reporting and analytics to be able to analyse data and report on results and trends
  • Seamlessly export data into a detailed report (and easily share with management)
  • Connect disclosure data to adjacent compliance processes when relevant; example conflicts involving third party relationships.

Another consideration with bringing on a solution to manage COI is how it will impact total processing time. Looking at your current processing time is important. On average, how long does it take your company to process a COI? Less than a week? More than a month? There’s little debate here—the quicker the better. Building an efficient process is the name of the game. Being agile with COI allows companies to hire faster, retain talent, and have an accurate picture of what their current conflicts and risks are. Organizations will also be better prepared for the risks that lay ahead. A strong library of COI can go a long way as risks fluctuate and change over time.


The Integrity Platform

Drive tangible impact with the Integrity Platform, making your people active participants in a journey toward ethical business transformation by engaging them with ethical experiences at all touchpoints.

Learn more

Deploying a New COI Process

A good communication strategy is key to the long-term success of your COI process and compliance objectives. An effective communications plan allows you to make sure all relevant stakeholders are involved, create curiosity around the topic, ensure engagement over time, and create visibility for the ethics and compliance function. However, change management is something that must be handled carefully. Management will also play a critical role in rolling out an updated COI process. Managers lead by example and their direct reports and other employees will follow suit. Nail the communication process to managers in order to set the correct tone at the top. Plus, managers can actually ensure their teams adhere to the new process. Here’s a simple 3-step process to effectively deploying a new COI process (or any compliance process for that matter) in your organization:

3-Step Communications Process

  1. Tease the topic: Present to your organization’s leadership team to gain executive buy-in and request their assistance with establishing a strong tone at the top. For the rest of the organization, let them know that changes are coming soon, so as not to catch anyone off-guard with your new processes. This might come in the form of posters, emails, or screensaver communications to employees across your company.

  2. Train the workforce: Launch your COI process and ensure that adequate awareness and training accompanies your roll-out. Leverage your trusted technology partner to make this step seamless.

  3. Evaluate responses: With the launch of your digitized declaration campaign, it might be tempting to sit back and feel like your work here is done. You might think your only worry is to process the conflicts that employees declare. However, a huge part of deploying a new process is listening to feedback from outside of the compliance team.

Understanding the Impact of COI

Understanding the impact that proper COI management has on an organization begins with knowing where the business impact comes from. Measuring the results of COI can come in two forms: direct and indirect results. For direct results, you can measure the impact of the average time an employee spends on conflicts and time saved across the organization due to automation. These are both measurements that look at the efficiency of the COI process and the larger impact that will have on the organization as a whole. From a qualitative perspective, you can observe benefits including potential litigation costs avoided from knowing about these conflicts upfront, advantages in recruiting new employees (the speed at which you can clear conflicts and hire top talent), process timeline, the value of building an accurate library of conflicts and insurance value. Ensuring nothing slips through the cracks and exposes the company to unknown risks is a value add that can be difficult to quantify but undoubtedly provides the business with immense value. Process timeline can be a bit of a gray area because it will vary dramatically depending on how many checks and balances your processes have. Some processes need one approval, others have multiple layers of approvers with complex rerouting workflows that naturally take longer. When considering indirect results of COI processes you might also contemplate the impact of missing out on a top candidate for no other reason other than your competitor was able to clear their conflicts faster and extend them an offer first. There are many ways to partner with your HR team to ensure COI processes run as smoothly as possible. The key to COI management is transparency, disclosure, and proper documentation. That’s what an efficient solution is all about: finding the right workflows, checks and balances, and technology for your organization. If your COI process is managed properly it will shield your business from future reputational or monetary risks. As you revamp your conflicts of interest processes keep these business drivers in mind; How will your new and improved process impact these results?

Implement a tailored Conflicts of Interest solution

View platform

Related reading

Join the E&C Community

Get the latest news from GAN Integrity in your inbox.

We respect your privacy. Your data will be kept confidential and will not be sold or shared with third parties. For more information, please see our Privacy Notice.