Companies are increasingly investing in enterprise governance, risk, and compliance (eGRC), largely in response to an uptick in regulatory action and enforcement. Between the enactment of laws such as the Dodd-Frank Wall Street Reform and Consumer Protection Act and the Foreign Corrupt Practices Act, as well as the agency’s “broken windows” philosophy, finding that no case is too small to prosecute, financial organizations face unrelenting scrutiny. A recent press release confirms that organizations’ focus on eGRC initiatives is well-timed. Last week, the Securities and Exchange Commission (SEC) announced a new single-year record for enforcement actions: 868 cases (compared to 805 in 2015 and 755 in 2014). The agency attributed the record in part to its continued “use of data to detect illegal conduct and expedite investigations.”

The SEC’s caseload for the fiscal year ending September 30, 2015 toppled records in a number of areas, including “the most ever cases involving investment advisers or investment companies (160) and the most ever independent or standalone cases involving investment advisers or investment companies (98). The agency also reached new highs for Foreign Corrupt Practices Act-related enforcement actions (21) and money distributed to whistleblowers ($57 million) in a single year.” For its efforts, the agency experienced a boon in recovery, reporting that it “obtained judgments and orders totaling more than $4 billion in disgorgement and penalties.”

During the course of its investigations, the agency learned that many organizations lacked the requisite internal controls to detect or prevent illegal behavior. The agency repeatedly found that the sanctioned companies and individuals ignored red flags denoting suspicious transactions and other indicia of bribery, corruption, and fraud. In some of these cases, the SEC acknowledged that it discovered the misconduct while studying other transactions and discerned patterns from the data it collected.

What’s the best defense against regulatory actions and penalties? Fight data with more data—that is, data analytics. To put themselves on equal footing with government agencies that are exploiting the power of information, organizations are making the most of their access to a panoply of advanced data analytics tools. In a strict eDiscovery context for individual cases, these include analytics such as predictive coding, relationship analysis, anomaly detection, and concept analysis.

However, to gain an even greater advantage in regulatory compliance, organizations are turning to Big Data analytics capable of consolidating an organization’s entire data across prior and current legal and compliance matters, including up to billions of records collected for disparate legal and compliance matters and previously classified by attorneys, across hosted review platforms. With this analytics-as-a-service, organizations can proactively identify risky communications or actions in real-time. Most importantly, they can gain unprecedented insight faster than ever before through the automatic classification and identification of relevant, privilege and other attorney-designated data, creating an efficient early warning system that can pre-empt liability.

Karl Sobylak is Senior Director, Data Analytics, at Conduent. He can be reached at

Conduent Legal and Compliance Solutions (“Conduent”) is not authorized to practice law, and neither offers legal advice nor provides legal services in any jurisdiction. The services offered by Conduent are limited to the non-legal, administrative aspects of document review and discovery projects. Conduent provides such services solely at the direction and under the supervision of its clients’ authorized legal counsel. See more at
Note: This blog was founded upon the completion of the separation of Conduent from Xerox Corporation. Certain articles here were originally published when Conduent's business portfolio was part of Xerox. Web links, telephone numbers and titles were correct at the time of publication, but may have changed. We appreciate your diligent readership. Should you come across any information that appears out of date, please e-mail