Technology

Uncovering Risk in What Remains Unsaid

Software dips below the surface to mine the unconscious patterns in written communications.

CCBJ: Tell us about KeenCorp.

Andrew Fastow: KeenCorp is machine learning software that identifies risks faster than the current suite of tools by measuring internal communications, like emails and text messages, among groups of employees. It’s not looking for keywords. It’s looking for changes in tension level and connectedness. This metric is extremely highly correlated to risk, so when something risky is going on, tension levels rise, and the software picks it up.

It is based on a science called psycholinguistics and works much like voice inflection and body language. If you’re married or have a very good friend, you probably know when that person is tense even if they tell you everything’s fine. It’s because our brains have trained themselves to measure patterns. For someone you are very close to, your brain knows their speech, voice inflection and body language patterns, and your brain is able to subconsciously pick up any changes in those patterns.

This software is analogous to that. People’s writing patterns unconsciously change when the tension and connectedness levels change. When people are writing in a natural language environment, if they are more tense or if they are disconnecting from the situation, the software will pick it up because their patterns change. An annual report is an example of what’s not natural language communication. That’s very scripted. Emails are natural language communication.

One of the most frequently heard comments among directors when there’s a problem is, “Why didn’t we know about this sooner?” KeenCorp solves that problem. Using KeenCorp allows legal staff, risk managers, HR, management, and directors to find out about and resolve problems before they become government enforcement actions, lawsuits, a short-seller attack, the loss of valued employees, or a social media disaster.

Earlier risk identification leads to better outcomes for companies. Examples of risks that have been uncovered by the KeenCorp software include safety risk, harassment risks, gender and diversity issues, retention issues, financial fraud, compliance, change adoption, project management or project health, and management alignment.

What drew you to KeenCorp, and what is your role?

I am a consultant working on strategy and marketing, and I have invested in the company. I spent significant time searching for tools that companies could use to help identify risks that they were not seeing. As I spoke to more and more directors, risk managers, HR people, all of them seemed to say the same thing using slightly differ-ent words: “The thing that keeps me awake at night is the thing that I don’t know about.” This was the best new tool to identify those unknown risks.

If KeenCorp software had been available and had been used by Enron from 1999 through 2001, the Enron scandal would not have happened. Unfortunately, I cannot change the legacy of Enron. I’m ashamed and embarrassed about that. I believe what I did was wrong. What I hope to do is layer a legacy on top of it that I was part of the solution to the problem, and I see KeenCorp as a linchpin to the solution.

How does the technology work? What intelligence can it offer employers?

The software goes through several steps. First, it an-onymizes all of the emails, all of the text messages, so there’s no ability to trace back to the original authors of any particular communication. All the personal informa-tion is blanked out: names, dates, etc.

Second, it groups employees into categories that the company determines. You can group employees in differ-ent ways to get different insights. For example, let’s say sexual misconduct is an issue, so you want to know if any groups, by gender or location or function or department, are sending off a signal that something is not quite right. The software can sort the information in a variety of ways and show whether those groups are behaving differently than other groups.

Third, it measures the patterns in those emails. Again, it is important to note that the software is not reading emails for content or specific words, like “fraud” or “mon-ey launder.” It’s evaluating if changes in patterns are occurring and measures those changes as differences in the level of tension and connectedness.

What I mean by “connectedness” is when a person personally involves themselves in the way they write. If a manager were to write, “At my Monday morning staff meeting, I presented this quarter’s financial statements,” that is different than if this manager wrote, “At the staff meeting, financials were reviewed.” In one case, the man-ager is taking personal ownership but not in the other. That’s one of the thousands of signals given off by the way people write.

The software combines these measurements into a metric called the KeenCorp Index. That index is then evaluated historically over time and in relation to other groups, and the software sends a daily report show-ing specifically how the index has moved for each of the data sorts that the company has requested. If the index moves dramatically in one way or another, it’s like a check engine light coming on. It doesn’t tell you what the problem is, just that there is an issue in a particular area, and where to go look. Then it’s up to the company to decide what action to take.

For example, KeenCorp is working with one of the largest engineering and project management companies in the world. That company’s biggest risk concern is safety. They have instruments to measure how machines are performing, but they also have safety teams on every project. It’s the sole responsibility of the safety teams to raise their hands if the safety risk is becoming dangerous. But people don’t like to complain. Maybe they feel that they don’t have enough information. Maybe they know that it could cost money if they’re wrong. People don’t deliver this type of bad news as quickly as they should. KeenCorp software sorted the data by safety teams, and the company was able to see the index spiking on certain teams. The teams were observing things that were making them tense, maybe subconsciously, yet they hadn’t reached the point where they felt they could raise their hands. KeenCorp software was picking up safety risks before the humans were reporting them. Now KeenCorp software is being integrated as an earlier warning system for potential safety risks.

It’s up to general counsel to decide whether they want to encounter KeenCorp software proactively to minimize risks ... or when the outside parties come calling.

Are there any barriers to implementation?

The two biggest issues that companies run into related to implementation are data security and privacy. Implementation itself takes only a day. It can be cloud-based, which is more efficient, or, for companies that are very focused on data security, an on-site installation, either installing the software on the company’s server or a dedicated second server so the data never leaves the premises.

In terms of privacy issues, after the data is anonymized and grouped so you cannot trace it back to individuals and then processed, all the data is wiped clean – it’s not retained by KeenCorp. It disappears each day after running through the software, which takes a matter of seconds. No one could ever come back to KeenCorp later, nor would we have access to any of the company information lat-er. We’ve received a legal opinion from Clifford Chance that it’s fully GDPR compliant, and those European data privacy rules are the most stringent privacy rules that I’m aware of anywhere in the world.

What is the extent of the market for this type of technology?

Until now, KeenCorp has been largely a European, Asian and Australian success story. Now it’s launching in the United States, and I think it will become a U.S. success story.

It’s a great forensic tool as well. Government regulators and enforcement agencies, plaintiffs’ attorneys, auditors and judges are all looking at KeenCorp software as a forensic tool, so this is something that general counsel should expect to encounter. It’s up to them to decide whether they want to encounter it proactively, to minimize risks from these outside parties, or if they’re just going to encounter it when the outside parties come calling.

What else should general counsel expect with regard to this software and risk management?

In the past, if you set up compliance teams and risk management teams and had a whistleblower hotline, maybe that was good enough. I’m not so sure that’s good enough anymore. There’s a new and evolving standard of care when it comes to defining negligence. Just in the past few weeks, the Delaware Supreme Court has become much more focused on a board’s responsibility for oversight. They have said that they will evaluate what types of risk management systems a company has implemented. Just having a risk management system is not good enough any-more – they’re going to look at it and evaluate how good it is.

A partner at Clifford Chance, Joachim Fleury, the Global Head of the Telecommunications, Media and Technology practice, said about KeenCorp, “Increasingly, legal outcomes will be determined by the standard of care exercised by management and directors. KeenCorp is the state-of-the-art standard when it comes to early risk identification.” He added, “You may not have wanted to be the first person to use KeenCorp last year, but you don’t want to be the last person to use it this year.”

There is increased legal risk of not using this software. If you’re a company that not only wants to identify risks so you can manage them but wants to demonstrate that you’re doing all the right things so that you are not found negligent, this is the software to use.

https://keencorp.com

Published .