SSRN Home Search and Download Papers Browse Abstract and Paper Submission Subscribe to Networks View Briefcase Top Papers Top Authors Top Institutions

 

Abstract

  
 

Footnotes (192)

Beta

 		 


 



Technologies of Compliance: Risk and Regulation in a Digital Age

Kenneth A. Bamberger
University of California, Berkeley - School of Law


Texas Law Review, Forthcoming
UC Berkeley Public Law Research Paper No. 1463727

Abstract:     
Legal scholarship has been silent about a phenomenon with profound implications for governance: the automation of compliance with laws mandating risk management. Regulations - from bank capitalization rules, to Sarbanes-Oxley’s provisions on financial fraud and misrepresentation, to laws governing information privacy protection - frequently require regulated firms to develop internal processes to identify, assess, and mitigate risk. To comply, firms have turned wholesale to technology systems and computational analytics that measure and predict corporate risk levels, and 'force' decisions accordingly. In total, the third-party market for compliance-technology products, known generally as “governance, risk and compliance” (GRC) software, systems and services, alone grew to $60 billion last year, and this growth is poised to increase exponentially.

While these technology systems offer powerful compliance tools, they also generate risks of their own. They permit computer programmers to interpret legal requirements; they mask the uncertainty of the very hazards with which policymakers are concerned; they skew decisionmaking through an 'automation bias' that privileges personal self-interest over sound judgment; and their lack of transparency thwarts oversight and accountability. These phenomena played a critical role in the recent financial crisis.

This Article explores these developments and the failure of risk regulation to address them, and proposes specific reform measures for policymakers revisiting the governance of systemic risk. While regulators have lauded the turn to technology, they have ignored its perils. This Article argues for more activist regulator oversight backed by sanctions before disaster has occurred. But it also emphasizes collaboration in developing risk-management systems, drawing both on the granular expertise of firms and the broader vantage of administrative agencies. Most importantly, it seeks better to reflect the human decisionmaking element at both levels: to recognize the ways in which technology can hinder good judgment, to reintroduce human inputs in the decision process, and to reflect the limits of both human and computer reasoning.

Keywords: Technology, Compliance, Automation, Administrative Agencies, Regulation, New Governance, Risk Management, Accountability, Judgment, Automation Bias, Organizational Decisionmaking, Financial Services Regulation

JEL Classifications: G28, G38, K22, K23, K42, M14, O33

Accepted Paper Series

Date posted: August 29, 2009 ; Last revised: September 05, 2009

Suggested Citation

Bamberger, Kenneth A., Technologies of Compliance: Risk and Regulation in a Digital Age. Texas Law Review, Forthcoming; UC Berkeley Public Law Research Paper No. 1463727. Available at SSRN: http://ssrn.com/abstract=1463727


Export to: Export Citation What's this?

Contact Information

Kenneth A. Bamberger (Contact Author)
University of California, Berkeley - School of Law ( email )
Boalt Hall
Berkeley, CA 94720-7200
United States
(510) 643-6218 (Phone)
HOME PAGE: http://www.law.berkeley.edu/faculty/profiles/facultyProfile.php?facID=5701
Feedback to SSRN (Beta)


Paper statistics
Abstract Views: 580
Downloads: 191
Download Rank: 47,092
Footnotes: 192
People who downloaded
this paper also downloaded:
1. Information for Submitting Articles to Law Reviews & Journals
By Allen Rostron and Nancy Levit

© 2010 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright
This page was served by apollo5b in 0.297 seconds.