Connecting the Dots between Compliance and Data for Surplus Assets and Inventory

By Jill M. Williamson, Compliance Officer, Liquidity Services

Jill M. Williamson, Compliance Officer, Liquidity Services

Companies are looking to maximize value across their global supply chain, and that includes the reverse supply chain where idle and surplus assets and inventory often take up valuable staff time, storage, and can negatively impact the bottom line. As organizations realize the potential treasure trove in this historically underserved area of their business, they are applying best practices, such as working with trusted partners who provide services for surplus asset management and disposition as their core business. Key factors for partnership should include access to buyers and marketing experience to target buyers, trusted online marketplaces that reach greater numbers of bidders and provide transparency, and metrics and reporting to support a more robust surplus program. One thing that companies may not be looking for as they head out to search for a partner is compliance capabilities.

In the information age, data is everything. The Corporate Executive Board (CEB) identified third party risk as a high priority and of the top possible risk factors; data privacy is one of the most significant. Organizations need to understand who owns data and the regulations surrounding it in order to successfully innovate across their supply chain, and then consider compliance as a primary factor for partnership in the reverse supply chain.

Data—Who Owns It and Why It Matters

In this era of Big Data, there are more and more ways to collect and use data. Information about individuals—such as their internet activity, shopping habits, and demographic information including location, family size, profession and income—can be used to target marketing activities, establish competitive prices, develop new products, and make other strategic business decisions.

This data becomes an important asset to a company; however, there is a catch. Personal data is often considered the property of the individual and in all cases, the collection and use of personal data is highly regulated.

When it comes to Big Data and the possession of personal data, it is important to understand the notice and consent that was obtained with collection and what is allowed by the relevant laws that apply when it comes to use of data. CIOs and CCOs need to work closely together to assess the types of data possessed, how it is intended to be used, what consents are required for that use, and ultimately, design a strategy and process to achieve its goals.

Regulation of Data

The proliferation of regulation around data is an upward trend around the world, and shows no sign of slowing. The laws on data privacy vary from country to country and from state to state. For instance, the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada sets out protections for personal information, stating that companies can “collect, use or disclose your personal information by fair and lawful means, with your consent, and only for purposes that are stated and reasonable.” At the same time, the laws passed often address yesterday’s ideas. Managing the tension between the fast pace of imagination for how data can be utilized and the slow pace of regulators to react to changes—is a challenge for companies and governments alike. In fact, the European Union (EU) is circulating a draft of a new Privacy Directive that places more focus on use of the internet and the cloud, innovations that have been widely used for years, and contains stricter penalties for violations.

“Organizations need to understand who owns data and the regulations surrounding it in order to successfully innovate across their supply chain, and then consider compliance as a primary factor”

These changing regulations point to a blind spot when it comes to surplus asset management and sales. Compliance teams at companies are often focused on compliance specifically for their industry and the changes in laws for data privacy in areas, such as the reverse supply chain, are not accounted for in their larger planning and goal setting. The impetus then falls on the vendor managing surplus assets and inventory to provide clients with guidance, and to red flag any potential issues around data privacy. However, if the vendor does not have the expertise or resources, then compliance issues can surface. Choosing a provider with a compliance officer who can counsel clients on these matters is paramount to ensure adherence with the relevant laws.

Conclusion

Big Data has changed the way companies do business, and elevated the role of the CIO. However, dealing with this valuable asset is highly complicated and becoming more so every day. Compliance is at the forefront of executive management for leading companies, and many companies have invested significant resources to manage this issue for their respective industry. In order to achieve strategic goals across the organization, companies have to also account for the potential risk factors—including data privacy—across their total supply chain. The reverse supply chain holds value for companies who leverage the expertise of a trusted vendor to increase recovery value and benefit from sustainability, but it can also present issues if companies are not mindful about compliance in this area. How a company’s reverse supply chain partner collects and uses data can create liability. By partnering with a provider that has compliance resources to support the company through planning for its surplus, organizations can better leverage its data while enhancing value and truly innovating their reverse supply chain.