Corporations across every industry continue to increase focus on compliance, as evidenced by the growing number of Chief compliance officers (CCO) within large enterprise. As the architects of their company\u2019s compliance strategy, structure and processes these professionals must understand complex regulations and laws and simplify them down to required behaviors in a policy document. CCO responsibilities include education, monitoring and detection programs. The CCO serves as the primary contact to the regulators, and works closely with the GC during investigations and audits.\nDespite an unrelenting flurry of compliance and policy regulations, according to a 2015 Compliance Week survey \u201c59% of CCOs are only somewhat confident, or not confident at all,\u201d that the IT systems the compliance department uses can fulfill the CCO\u2019s reporting and responsibilities.\u201d How is this key C-Suite role evolving, and what do they need to succeed as digital investigators?\nWatchdog Role\nThe government increasingly sees the CCO as a \u201cwatchdog.\u201d Evangelizing a culture of accountability and compliance is also central to the role. Whistleblowers must feel safe to come forward to report any unethical or other misconduct.\nAfter a record-setting corporate integrity agreement and $2.3 billion settlement with a pharmaceutical giant, federal authorities commented that \u201c[t]he lawyers tell you whether you can do something, and compliance tells you whether you should. We think upper management should hear both arguments.\u201d\nLast year, a drug company raised the price of a toxoplasmosis drug by 5000 percent, with major reputation hits quickly following. Another pharma company increased a cardiac drug price by 525 percent after acquiring it. Both were within the letter of the law, with moves no doubt designed to increase shareholder value. Yet they both sparked huge ethical debates, with the cardiac drug company experiencing a 91 percent drop in share price. How strong was the CCO\u2019s voice in these companies?\u00a0 The rising importance of the ethical and culture-building role is evident in the growing use of the chief compliance and ethics officer (CECO) title, putting more emphasis on the ethical bullhorn of the role.\u00a0\nWho do CCOs Report to?\u00a0\nCCOs or CECOs reporting structures vary greatly. In some companies the compliance responsibilities reside in a General Counsel-Chief Compliance Officer dual role, reporting to the CEO. PWC reports that 62 percent of pharmaceutical companies have a separate compliance role, frequently reporting to the CEO. In some organizations the CCO reports to the Board, CFO or legal. In 2016 Bloomberg reported that a major U.S. bank shifted its compliance group from legal to risk management under pressure from regulators. The concern was the legal group was trying to minimize rules application. Other major banks\u00a0similarly took the CCO role out from under the direction of the GC following government settlements.\u00a0\nWhy CCOs\u2019 Role in Digital Investigations Matters\u00a0\nRegardless of who the CCO reports to or how much they evolve to be the ethics voice inside corporations, there is no doubt that this role will need to be champions in using technology to monitor digital data for misbehavior and regulatory compliance. CCOs must quickly gather highly accurate, forensically sound information on possible violations, assess what happened, who is responsible and determine what disclosure and remediation actions are needed.\u00a0 Financial Industry Regulatory Authority (FINRA)\u00a0has stepped up focus on a culture of compliance in recent years. \u201cThe challenge of how you deal with good people making bad decisions \u2026 is more and more important than it\u2019s ever been before,\u201d commented FINRA\u2019s CEO\u00a0in May 2016. He added that there is a direct line \u201cbetween culture and the probability or severity of an enforcement action.\u201d In the last few years,\u00a0CCOs have been held personally liable for compliance violations, making them even more motivated to excel at digital investigations to root out bad behavior. In June 2016, the\u00a0SEC fined a CCO\u00a0of a financial advisory firm $25,000 and the company $150,000 for failing to implement polices to prevent misappropriation of client assets, failing to conduct an annual review and filing misstatements.\u00a0 Chief compliance officers may lead audits to identify all protected health information (PHI) across the organization, and collaborate with IT and governance to secure it and limit access to a \u201cneed to know basis\u201d to comply with the Health Information Portability & Accountability Act (HIPAA). The government has been much\u00a0more aggressive in enforcing HIPAA regulations,\u00a0fining one healthcare provider $5.55M for lapses. CCOs in healthcare and their service partners are bolstering their digital investigative capabilities to monitor PHI safeguards and employee activities to avoid hefty fines.\u00a0 Global company CCOs must ensure their enterprise is ready to comply with the EU General Data Protection Regulations\u00a0(GDPR) by 2018. Security measures and protocols must be in place to protect European citizens\u2019 data stored on U.S. servers. The regulation applies to data gathered online on customers, users and even to the companies\u2019 EU HR data. With non-compliance fines up to 4 percent of annual global revenue or \u20ac20 Million, whichever is greater, CCOs will want to be confident in the technology they have to monitor and audit GDPR compliance.\u00a0\nAn Equal Employment Opportunity Commission (EEOC) action settlement can involve a full-scale audit of all management activity related to hiring practices, and updates to policies. Fraud investigations require finding and analyzing the content of tens of thousands of emails.\nForeign Corrupt Practices Act regulator actions are increasing. Monitoring and collecting data from mobile laptops, phones, tablets and other devices used by global employees conducting business around the world is becoming table stakes. Not having forensic mobile technology in your arsenal could mean missing out on favorable outcomes under the Department of Justice pilot disclosure program.\nConclusion\nEvolving chief compliance officers looking for fast and efficient digital investigations can benefit from a\u00a0blended suite of forensic and e-discovery technology\u00a0that is changing how compliance monitors and analyzes misconduct in large companies. Whether stopping bad actors or sloppy employee practices somewhere in your organization, having the right tool in place to ensure sound digital investigations is key to compliance success.