The Definitive Guide to Conflicts of Interest Compliance

Why Organizations Should Prioritize Conflicts of Interest (COI) Compliance

Compliance programs are never a one-size-fits-all solution and conflicts of interest are no exception. Depending on your organization’s industry, size, and risk appetite, the way you approach conflicts of interest (COI) may be vastly different from other companies.

The best way to build a world class conflicts of interest process? Find a tailored solution that works for your organization. It’s crucial that organizations adopt a structured approach to handling and monitoring conflicts of interest for its employees, management, and third parties from the moment they arise.

Conflicts of interest can truly be early warning signs or smoke signals for larger organizational issues. An effective COI program gives compliance officers a clear birds-eye-view into their organization so they can better understand where current risks exist and better predict where future ones lie. Companies must also ensure that their employees don’t take advantage of ambiguous situations. COI processes, like any compliance process, present companies with an opportunity to strive for transparency, loyalty, impartiality, and integrity.

What is a Conflict of Interest?

A conflict of interest is when the personal interest of an employee could interfere with or influence their conduct in the workplace. Common types of conflicts include, but are not limited to, outside employment, workplace relationships, selling to the company, political commitments, and personal financial interest. Conflicts should be avoided by employees if at all possible. When they cannot be avoided, all conflicts of interest should be openly disclosed and handled according to established workflows.

Current Challenges with COI Compliance

There are a handful of common issues that organizations face when approaching conflicts of interest. No matter where your conflicts of interest program is today, consider these problems—and more importantly, how you can solve them. Most compliance teams face one if not all of these hurdles:

Leveraging Tools Not Built for COI

The vast majority of compliance teams have a stop-gap solution in place that handles conflicts of interest. The most common tools being used for COI today include email, spreadsheets, SharePoint, ticketing tools, homegrown solutions, or hacking compliance tools to fit the COI use case.

The problem with these solutions? They were not designed for conflicts of interest and they are likely not flexible enough to reflect your organization’s unique needs. Having inadequate solutions in place for any compliance process is a disservice to the compliance team and the organization. In order to have a truly effective COI process, you need a tool that was built to handle this specific function.

Other solutions leave major gaps in your processes leaving room for risk to go unmanaged. Many of the most common tools being used for COI today have major limitations. The right conflicts of interest solution, is one that was built with conflicts in mind.

Limited Scope of COI

Another challenge organizations face with conflicts of interest is how exactly they define what a conflict is. Often, organizations define what they consider to be a conflict slightly differently based on industry, size, risk appetite, and other variables.

 Increasing this scope means addressing additional risk factors and, in all likelihood, also increasing the number of workflows and complexity of your current process.

Below are typical conflicts of interest that are addressed along with an expanded list of conflicts that compliance programs tend to address. 

Traditional conflicts

• Outside employment

• Personal financial interest

• Personal workplace relationship

Expanded view of conflicts

• Expanded mandate

• Interest in competitors

• Political commitments

• Interest in business partner

• Use of confidential information for personal purposes

• Selling to the company

• Lacking a central repository

Another widespread issue with conflicts of interest is not having the ability to view all conflicts holistically. Or in other words, having a searchable repository of all conflicts of interest whether one was declared or not.It’s important to remember: what might not be a conflict today could become a conflict 6 months or 2 years from now. This stresses the critical role of proper documentation in order to understand where future conflicts might arise. Having a central database where all conflict data is stored is a first and essential step to finding that data at a later date or aggregating the data for deeper analysis.

Not Understanding Conflict of Interest Trends

Most conflict of interest processes have a major gap: identifying trends in COI across the organization. Aggregating all COI data into a single database then extracting insights is an advanced function that is massively impactful to the compliance teams who are able to harness its power.

Being able to see what has been disclosed, common types of conflicts, and frequently named third parties or vendors can be critical information to inform the rest of your compliance and ethics strategy.

For example, understanding if certain types of COI mainly come from certain business units or geographies could be helpful to understand the organization’s risks. 

Finally, it should be the goal of any COI compliance program to have conflicts flow into an overall risk framework. COI data should be connected to adjacent compliance processes and ensure that it augments third party data, regulatory information, and whistleblower data and should inform your risk view in real-time.

Managing Organizational Change

The intense undertaking of changing current processes is actually what holds many compliance teams back from evolving their current processes. 

Whether it’s updating policies, re-training employees, rolling out new technology, or any combination of the aforementioned, it takes time, strategy, and likely a healthy dose of patience to overcome these organizational hurdles. It can also be beneficial to find examples of what impactful change looks like in your organization. Talk with leaders who have spearheaded major organizational changes before and get their specific tips on navigating change within your organization.

Defining a Robust COI Program

When revamping any compliance process, it is important to begin where you are. Understanding how to improve your current COI process starts with a deep understanding of where you are at today. There are a few critical questions that you should consider during this review:

Who is Currently Involved In the COI Disclosure Process?

Compliance teams can both over fulfill this need or under fulfill it. If compliance officers do not loop in enough people in the conflicts process (or the right people), they might be streamlining the process but failing to inform critical parties of risk they should be aware of. On the other hand, if compliance teams have overly complex processes with too many dependencies to get a decision over the line, the time to process a conflict could be unnecessarily lengthy. It is important to find the right balance and to ensure stakeholders are informed and their inputs are solicited at the right step of the process.

What Types of Conflicts Do Employees Disclose?

It’s important to understand what your employees and third parties are reporting as conflicts today. Digging into what percentage of your workforce discloses a conflict of interest is a good benchmark to understand. Depending on the absence or prevalence of COI throughout your organization it might highlight an opportunity to ensure employees are aware of the full scope and importance of the COI policy.

When Are Conflicts Initially Being Processed?

And what’s the recurring frequency, thereafter? It’s best practice for all new hires to clear conflicts of interest before they are officially on-boarded. After that, new conflicts should be reviewed annually or when new conflicts present themselves. If you don’t already have a process in place for on-going monitoring or a plan to enable employees to submit conflicts as they arise, these could be potential ways to expand your existing COI program.

Where Are You Managing COI Processes and Storing Data?

As previously mentioned, a big step in making COI program improvements can be found in the COI software solution that supports your program. We go into detail on what a good COI solution looks like in other sections, but taking inventory of how your tools are enabling or hindering an effective COI process is a critical step. And yes, implementing new software does not always happen overnight but it often moves the needle the most and is worth investing in both from a resource and budget perspective.

How Does Your Organization View Conflicts of Interest?

The way companies approach conflicts of interest often depends on a number of variables. Work with the rest of your company’s leadership team to establish how to deal with the different types of conflicts and which ones will need remedy actions. Setting clear goals for this process with your leadership team will not only help you run the best program but it will also prove the value to the executive team by making them a part of the decision process.

Establishing a COI Disclosure Workflow

A COI disclosure workflow typically involves the employee reporting the conflict, the line manager, human resources team when required, and compliance team, depending on the risks involved. A disclosure management workflow should ideally map out the different steps involved in the management of a particular disclosure and who is to be alerted or engaged in the process based on the initial assessment of the risks involved.

Other stakeholders may be engaged on the process based on your unique organizational set up or on the types and risk levels of the disclosed conflicts.

Some compliance teams choose to remind employees periodically to report any potential or actual conflicts while others allow for ad-hoc submissions only. Some choose to only require submissions when there are conflicts to be declared, while others require confirmation from employees that there are no conflicts to declare. These may prove handy for documentation and audit purposes.

When addressing conflicts with their direct reports, managers should be trained to assess risks to business interests and the impact conflicts could have on the company. Disclosures made directly to managers should be submitted on behalf of employees ensuring that all disclosures live in a centralized place.

The Role of Conflicts of Interest Software

Conflicts of interest processes are increasing in complexity but have long been handled by basic tools with elementary functionality. Best-in-class programs have the leading COI software powering them.

COI requires a robust tool that streamlines complex workflows, automates notifications to relevant parties, and is tailored to your organization’s unique needs. It’s essential to select the right conflicts of interest vendor. Your technology partner can make or break how impactful your well thought through COI plan will be. 

Let’s review the solutions needed to effectively manage declarations:

• Systematically take in conflicts of interest declarations

• Ensure users are seamlessly guided through the processes for a higher adoption and completion rate

• Leverage automated campaigns to distribute COI policy and training and periodic disclosure campaigns

• Collect declarations from future fires before they become employees

• Effectively triage, review conflicts of interest, ask for additional information or escalate cases

• Mitigate conflicts by ensuring that employees accomplish appropriate mitigation tasks

• Maintain an overview of all conflicts of interest from one dashboard

• Govern interactions with disclosures and access to data based on user role and function

• Embedded reporting and analytics to be able to analyze data and report on results and trends

• Seamlessly export data into a detailed report (and easily share with management)

• Connect disclosure data to adjacent compliance processes when relevant; example conflicts involving third party relationships.

Another consideration with bringing on a solution to manage COI is how it will impact total processing time. Looking at your current processing time is important. On average, how long does it take your company to process a COI? Less than a week? More than a month? There’s little debate here—the quicker the better.

Deploying a New COI Process

A good communication strategy is key to the long-term success of your COI compliance program and compliance objectives. An effective communications plan allows you to make sure all relevant stakeholders are involved, create curiosity around the topic, ensure engagement over time, and create visibility for the ethics and compliance function. 

Management will also play a critical role in rolling out an updated COI process. Managers lead by example and their direct reports and other employees will follow suit. Here’s a simple 3-step process to effectively deploying a new COI process (or any compliance process for that matter) in your organization:

3-Step COI Communications Process

1. Tease the topic: Present to your organization’s leadership team to gain executive buy-in and request their assistance with establishing a strong tone at the top. For the rest of the organization, let them know that changes are coming soon, so as not to catch anyone off-guard with your new processes. This might come in the form of posters, emails, or screensaver communications to employees across your company.

2. Train the workforce: Launch your COI process and ensure that adequate awareness and training accompanies your roll-out. Leverage your trusted technology partner to make this step seamless.

3. Evaluate responses: With the launch of your digitized declaration campaign, it might be tempting to sit back and feel like your work here is done. You might think your only worry is to process the conflicts that employees declare. However, a huge part of deploying a new process is listening to feedback from outside of the compliance team.

Understanding the Impact of COI Compliance

Understanding the impact that proper COI compliance management has on an organization begins with knowing where the business impact comes from. Measuring the results of COI can come in two forms: direct and indirect results. For direct results, you can measure the impact of the average time an employee spends on conflicts and time saved across the organization due to automation. These are both measurements that look at the efficiency of the COI process and the larger impact that will have on the organization as a whole.

From a qualitative perspective, you can observe benefits including potential litigation costs avoided from knowing about these conflicts upfront, advantages in recruiting new employees (the speed at which you can clear conflicts and hire top talent), process timeline, the value of building an accurate library of conflicts and insurance value.

The key to COI compliance is transparency, disclosure, and proper documentation. That’s what an efficient solution is all about: finding the right workflows, checks and balances, and technology for your organization. If your COI process is managed properly it will shield your business from future reputational or monetary risks.