Regulatory Compliance, and How Unmanaged Workforce Risk Makes it Hard to Achieve
Competitive advantage and revenue assurance are big motivators for any company: the big rewards that push everyone to make operations as efficient and secure as possible. But the reality is that organizations are also driven by regulatory and compliance requirements — a carrot-and-stick scenario in which enterprise risk management becomes a lynchpin for success.
Unfortunately, some of the biggest risks come from the resources that are hardest to manage: human resources. As hard as it is to secure the integrity of infrastructure, data and systems, it’s even more difficult to do so with the workforce that oversees and interacts with these assets across your operations and extended supply chain. This post tackles some of the biggest workforce compliance challenges, and points the way toward the right solutions.
Compliance rules affect every sector — from manufacturing and healthcare, to retail and agriculture. But certain industries stand out for the intensity of regulation, and the scrutiny it places on unmanaged workforce risk. Let’s look at three areas in particular:
Financial Services — The financial sector is replete with regulations, including international reporting standards, capital requirements, money laundering statutes and many other safeguards. When it comes to the workforce, financial services stands out for special scrutiny, since so much of accounting, investments and other financial services is driven by human advisers. Unfortunately, regulatory bodies like the Financial Industry Regulatory Authority (FINRA) rely on self-reporting. This can lead to huge blind spots about compromising events or circumstances that people may be reluctant to report on their own.
Transportation — Because so much critical infrastructure and national security involves transportation, it’s not surprising that transportation is a heavily regulated industry — nowhere more than in aviation safety, which is overseen by the Transportation Security Agency. One of the TSA’s biggest challenges is the huge variety of the aviation workforce — from pilots and flight crews, to maintenance personnel, air traffic controllers and food service providers. That’s a diverse workforce, for which simple background checks and one-time, one-size-fits-all screening protocols don’t measure up to strict SIDA requirements around various levels of access.
Government Contracting — Few government contractors can do their job without gaining clearance for their people to access classified information. Agencies like the FBI use specialized protocols, and the U.S. Government overall relies on 13 Adjudicative Guidelines in determining someone’s eligibility for such access. Even a cursory look at those guidelines — from criminal conduct, drug use and psychological factors, to sexual behavior, personal conduct and financial considerations — shows how only the most rigorous and ongoing visibility into someone’s activities, both inside and outside the office, will suffice.
The Right Approach to Workforce Risk and Compliance
Ultimately, there’s an overarching truth for any industry where workforce risks can derail compliance: Ignorance is not an excuse. In other words, your responsibility for knowing about an employee, vendor or other workforce member’s activity doesn’t end after the initial background check, and it doesn’t end when someone clocks out for the day. The bigger your gap in understanding, the bigger your regulatory risk.
Endera’s solution for continuous workforce risk evaluation is a must-have to fill that gap — with comprehensive and ongoing capabilities to keep unmanaged workforce risks to a minimum. In another post, we’ll take a closer look at some compelling use cases to show how those capabilities are being deployed in major enterprises today in order to reduce their risk and boost compliance.