What metrics should be tracked, and why? What do they actually tell you? Three unique perspectives will be explored from compliance, risk, and legal officers at Biogen Idec, PSEG, and OfficeMax. The trio will demonstrate, discuss, and debate the data they measure, the metrics they track, and the reasons for both.
- Biogen Idec Chief Compliance Officer Rosland McLeod
- PSEG VP Risk Management & Chief Risk Officer Laurie L. Brooks
- OfficeMax Inc. EVP and General Counsel Matthew Broad
- Scott Mitchell, OCEG
These are my notes, live from the session:
How do compliance professionals demonstrate that what they are doing is effective and efficient? It’s difficult because compliance success is usually about what did not happen.
OfficeMax has some measurements that are key to retailers, including inventory shrink.
One risk that have to managed at a public utility is options trading and financial risks. They do lots of market trading. That means they also have trader compliance issues. They have the classic compliance requirements of wall street, although it’s from the end user perspective.
They are highly regulated so there is compliance risk, of failing to follow the complex rules. There is strategic risk in designing the business operations. Lastly there is tactical risk in deploying the strategy and meeting the requirements of compliance.
Biogen tracks metrics around policy development. They track how long it takes and how much it cost. If it’s taking lots of outside resources, maybe they will consider bringing a resource internally.
One key discussion of the panel was the business impact of the measurements. Ideally, the measurements should impact business decisions and business strategy.
The panel emphasized the need for collaboration across the enterprise. Other units are already measuring business operation. Take advantage of the existing information. You can get better information (and save costs).
The more you understand the business and the more you demonstrate your knowledge of the business, the more successful you will be. Metrics for the sake of metrics is useless.
It’s great to generate stories about the bullets you dodged by identifying issues and risks before they have an impact on the business. Try to transform compliance from a value-add from merely being a cost-center.