Rodrigo Cunha is Global Director, Legal, Ethics Compliance and Data Protection for AB InBev. There he focuses on digital ethics.
As he explains in this podcast, when it comes to data, traditional risk management, focused on making sure that what the company is doing is compliant, is only the first step an organization needs to take. They also need to incorporate risk management in the design of the program. In addition they have to focus on reputation and trust. Without a good reputation for protecting data and the trust that comes with it, a company will have an exceedingly difficult time doing business.
Digital ethics, he believes, is a business enabler. Organizations need to look beyond the compliance requirements, especially now with requirements increasing and varying so much by jurisdictions.
Instead, it is better to think about expectations of the government, consumers and other stakeholders as a guide.
At AB InBev that assessment led to the development of five principles that they stand for wherever they operate:
- Collect only the data we need
- Use the data only in a matter that we say we would
- Protect the data we have
- Keep only what we need
- Be accountable
Further thought led to the development of a sixth principle: We use data how people expect we would.
Putting these principles into practice involves a deep partnership with the business units. It includes effective training but also modifying the three lines of defense model to make sure the business unit is better able to meet the challenge. That includes the compliance team working closely with them to respond effectively whenever issues arise.
Listen in to learn more how to better embed data ethics into your organization, and hear what Rodrigo sees for the future, including a potentially dramatic shift in consumer behavior.