Building a Regulatory Response Program for a Technology Conglomerate

3 min

Faced with a multi-decade assessment, a technology company called on Venable Blue to manage the response and implement changes that would avert future compliance orders.

When a technology conglomerate was required by the FTC to submit to a third-party assessment, Venable Blue was called in to manage the immediate assessor inquiries and operationalize accurate and timely response mechanisms. Diving deep into the client’s tech products and processes, the team developed best practices for responding to assessor inquiries, identified potential assessor concerns, determined proactive solutions to these concerns, and worked with the client to take mitigation steps. In assisting with the client’s assessor responses and product solution life cycles, Venable Blue worked to both reduce the risk of ineffective assessor management and improve the client’s ability to react to, or fully avert, future compliance orders.

The Issue – Data Breach Leads to FTC Sanctions

Following a large data privacy incident, a technology conglomerate was sanctioned by the Federal Trade Commission (FTC) with a multi-year assessment. In need of experienced professionals to operationalize and guide the assessment program, as well as implement any needed changes to products and policies, the client turned to Venable Blue for the team’s experience working with assessors.

Venable Blue Response

Given the client’s dual needs of managing immediate assessor requests and developing internal capacity for future regulatory inquiries, the Venable Blue team moved quickly to address time-sensitive questions and ensure all service-level agreements were met. Responding to queries on population and sample requests, as well as driving efforts around data validation and quality assurance, the team promptly reacted to assessor inquiries.

Through embedding itself in the client’s product teams, Venable Blue learned the intricacies of how each product worked—an in-depth approach that allowed the team to take the perspective of the assessor, identify any gaps, and proactively drive product changes. Venable Blue worked with client teams to develop holistic solutions, being mindful of reputational risk, end-user impact, alignment with industry standards, and reduction of undue burden on internal teams. As solutions were determined, Venable Blue used its project management approach to ensure their effective delivery.

The Outcome

In order to equip the client for future assessors, the Venable Blue team developed safeguards, runbooks, and playbooks (detailed processes and documentation) that mitigated the risk of future FTC orders and outlined how the client could independently engage with assessors in the future. Through our approach of proactively developing solutions and promptly implementing a comprehensive process for managing current and future assessor requests, the client saved its engineers and other internal team members time, while avoiding escalations and further sanctions.

How We Can Help You

When you have reached a settlement agreement with Congress, a federal agency, or other regulator and need a third-party assessment to meet compliance, Venable Blue can help. From creating a regulatory response program to verifying the accuracy of reports to stakeholders, we can serve as a bridge between the assessor, the regulator, and your company, helping to make sure everything runs smoothly from start to finish. Learn more here.