Utilizing Artificial Intelligence to Manage Compliance Risks within Life Sciences

Mark Linver is Managing Director of Deloitte Life Sciences Advisory

To comply with industry regulatory requirements and manage risk when engaging with healthcare professionals (HCPs), life sciences manufacturers implement controls to review and audit ongoing activities. Since it is not feasible to audit or monitor all activities that may involve HCPs, compliance organizations utilize a risk-based approach to set priorities and monitor those activities that exhibit the highest potential for compliance risk.

As technology has evolved and capabilities in artificial intelligence (AI) have increased, life sciences manufacturers are exploring new ways to automate elements of the risk identification, auditing and monitoring process, and are finding new ways to leverage monitoring data for strategic decision making.

Increasing auditing and monitoring capabilities

Earlier this year, Deloitte and Touche surveyed life sciences manufacturers to better understand the industry’s expectations for employing advanced technologies to identify and manage compliance risk. Responding manufacturers identified the following as opportunities to apply AI and robotic process automation (RPA) technologies at their companies:

• Monitor financial transactions in real time to identify non-compliant cases or behaviors and understand trends.
• Implement automatic controls to prevent overspend on specific individuals (HCPs) or events
• Automate the manual or repetitive processes such as:
  1. Extracting information from multiple sources into one platform to provide a centralized repository of data or documents which could be accessed by the required teams and automating mundane tasks such as filling out forms.
  2. Reviewing contracts for compliance with:
• Corporate policies and procedures.
• Regulatory requirements.
• Corporate general business terms.

By employing AI technologies, manufacturers can automate several audits to monitor and review processes while simultaneously:

• Increase the amount of data that can or should be reviewed
• Increase the frequency that audit routines can be implemented
• Identify anomalies
• Prioritize compliance risks
• Manage possible resultant investigations

The process

As illustrated in the diagram below, manufacturers employ a structured process to review data, identify risk, set priorities, as well as create and execute an annual audit plan.
In this context and throughout this blog, the term “audit” means a compliance assessment and does not constitute an audit conducted in accordance with generally accepted auditing standards, an examination of internal controls, or other attestation or review services in accordance with standards established by the American Institute of Certified Public Accountants (AICPA), the Public Company Accounting Oversight Board, or other regulatory body.

While the data review and risk identification processes are complex, they present a series of opportunities to maximize productivity and become more closely integrated with other operational aspects of the business.

Utilizing knowledge-based and model-based approaches to identify risk

Predictive analytics can advance modeling techniques to assess compliance risk on a prospective basis, enabling users to make timely and informed decisions to address identified anomalies. By implementing a dynamic rules base and machine learning algorithms, manufacturers can proactively monitor potential risks such as:

• Inappropriate travel and expense spend
• Contracting/payment anomalies
• Off-label promotion
• Kick-backs
• Misbranding
• Over utilization of or non-policy payments to specific HCPs
• Speaker program attendees or anomalies
• Potential actions that as an aggregate or implementation may not be in compliance with regulations or company policies

With the insights provided from AI applications, the process of monitoring and acting on risk data can be transformed into a far more useful tool for compliance officers and others. Machine learning can be used to comb through large datasets not only to identify potential risk areas, but also to surface performance trends in provider engagements that are difficult to identify in a manual process and optimize use of resources. For example, knowledge-based solutions can:

• Identify issues or patterns in appropriateness of Physician Specialty Targeting (e.g., on-label/off-label; NSAID Rx volume)
• Optimize the use of key opinion leaders— specifically identifying the most appropriate HCP to engage based on objective parameters, thereby maximizing the use of resources, identifying appropriate venues and optimizing budgets

The human factor

An ideal compliance solution environment has a solid data infrastructure that is integrated with public information to provide needed cost benchmarks and uses cognitive intelligence to identify valuable risk and performance trends. Nevertheless, without the right interface, a proactive approach to compliance and risk management is difficult, while moving past compliance to assess business performance is all the more challenging. Data visualization software can be used to put cognitive intelligence insights into a visual context for human decision makers. Well-designed dashboards and user interfaces have the power to move insight into action.

A vision for compliance

As regulatory pressures mount and business processes grow ever more complex, the need for automation and cognitive intelligence in compliance becomes all the more pressing, as well as presents several opportunities.

Flexibility in a well-designed compliance system allows for rapid scale-up or down depending on the nature of the compliance task or business issue, while potentially freeing up existing human resources for other purposes, all while presenting several avenues for cost reduction.

Beyond flexibility and efficiency, compliance modernization is an opportunity to gain an enterprise-wide view of risk, moving from sensing to predicting, acting, and monitoring. Over time, the lines between these formerly separate operational areas and compliance functions should disappear. With the right tools in hand, compliance teams can expand from an oversight role to becoming a central part of organization operations, offering insights that can drive an organization’s competitive advantage.

Actions to Consider

Implementing compliance focused AI systems can help manufacturers proactively manage risk. To help identify opportunities to apply cognitive applications, project teams should:

• Identify processes where rules can be applied to quantify compliance risk
• Document the decision process and rules that are applied for each decision or analysis stage
• Define levels of risk and scenarios that cause identified risk
• Identify data elements and sources required

Once the candidate process, scenarios, rule sets and data have been identified, the appropriate technology can be applied.

About Deloitte

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the “Deloitte” name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.

This blog contains general information only and Deloitte is not, by means of this blog, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This blog is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. 

Deloitte shall not be responsible for any loss sustained by any person who relies on this blog.

Copyright © 2019 Deloitte Development LLC. All rights reserved.