The UK’s OFSI updates its sanctions guidance for non-profits and NGOs in light of the Taliban takeover. Stop by the Kitchen to get the scoop.
Day: November 9, 2021
Welcome to this special podcast series, Series Spotlight: Revolutionizing GRC with 6clicks, sponsored by 6clicks. This week I visit with Joe Schorr, Vice President (VP) of Global Channel Sales, Andrew Robinson, co-founder and Chief Information Security Officer, Stephen Walter, head of Marketing, Dr. Heather Buker, Chief Technology Officer, and Ant Stevens, co-founder and Chief Executive Officer. Over the series, we will break down 6ckicks Hub and Spoke approach, utilizing Artificial Intelligence (AI) and Machine Learning (ML) in governance, risk and compliance (GRC), curating and maintaining a robust GRC content, producing audit ready reports, and look at what’s next for 6clicks down the road. In Part 2, I am joined by Andrew Robinson to discuss utilizing ML and AI into your GRC practice.
We began with the very basic proposition that many compliance professionals and others are scared by AI in the GRC space. Robinson believes it is based on the fear of the unknown, both to many inside and outside of GRC. Yet, increasingly GRC professionals see how AI and ML can be used within reg tech, technology companies, as well as in the compliance space to move forward through taking advantage of natural language processing. Robinson explained this is a component of ML that can help understand text. There is a lot of text in the world of compliance. When you can then overlay an AI component on all the standards, laws, and regulations any multi-national organization must follow, you begin to see the power of such a tool.
We next turned to dealing with compliance across multiple jurisdictions. For GRC professionals working internationally, Robinson said they must “maintain mappings or what you commonly call in the US ‘crosswalks of compliance’ frameworks.” He went on to explain these frameworks are “useful because it can allow a consultant to help a client understand how they might stack up against a particular standard. Robinson provided the example that if an organization is already complying with ISO 27,001, through these mappings, it might be able to give them an idea about what that level of compliance they have through the lens of a different framework or standard that may be relevant like the NIST cybersecurity framework.”
Yet the 6clicks approach is much more than a regulatory approach. It is a business centered approach which provides discreet business advantages. Indeed, this is one of the reasons I find the 6clicks approach so exciting as it creates a business advantage by performing quality GRC. These tools increase efficiency and profitability. Robinson went further noting, that “we come out with a public estimate of 10 times saving in using machine learning to assist with building up GRC mapping.” That is some serious productivity savings and increase.
However, this productivity increase and potential cost saving does not remove the human element. This final concept is critical in moving forward. Robinson said, “I’m of the view that humans have a very important role to play. This role is supervising the machine learning models to make sure that what they are producing and the results that they are coming out with are accurate and reliable.” If they are using spreadsheets and word documents; they should, come to terms with the fact that companies and clients no longer want spreadsheets and word documents as a deliverable. GRC professionals and consultants need to need to start using similar tools and improving the way that they service their clients. Clients, both in-house and external, are starting to demand and look for this approach. Robinson noted, “the reality is that if you are doing anything else it will be seen as subpar, and no one wants to be delivering sort of subpar products. I look for a solution that can meet your customer expectations and help you deliver your services long into the future.”
We concluded by looking at GRC tools with ML and AI at a strategic level, at the senior executive level and even at the Board of Director level. Robinson feels that management at this level “understands the benefits because they understand the problem.” Their goals are to simplify compliance while understanding risk exposure. From this point, management can move to create a risk-based solution. Robinson believes, these are the types of “business problems that executives are dealing with on a daily basis. Having awareness of the machine learning model can help them navigate that complexity.” From where I sit, when you can take a tool that improves business process efficiency and use it to increase profitability through more effectual risk management it is a win for everyone.
Join us tomorrow where we take up the topic of curating and maintaining robust GRC content. With 6clicks Head of Marketing, Stephen Walter.
For more information on 6clicks, check out their website here.
In this special podcast series sponsored by Convercent by One Trust, we celebrate Corporation Compliance and Ethics Week 2021. Over this podcast series, I will visit with Convercent by One Trust employees on why they are so passionate about driving ethics to the heart of business. In this second episode, I visit with Jennifer Jaffe, Chief Product Officer at Convercent by One Trust. Her passion is around developing software solutions to help clients solve thorny issues and ethical product development. Join the Convercent Converge community. It is the single best resource for information on all things ethics and compliance related. There are discussion threads, Q & A on specific topics and resources available to the compliance professional. Best of all, it is all free. Check out the Convercent Converge community by clicking here.
The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Wendy Badger, CCO at Tennant Company.
Wendy further elaborated on her non-traditional career path, where she found sometimes you must change your career ladder to advance your career. From the trade association, she went in-house with an accounts receivable management organization. She was the first and only lawyer on staff. The work provided both challenges and opportunities in the role. From there she decided to move into private practice, found out how it was different from in-house roles and ultimately decided to move back in-house.
Resources
Wendy Badger LinkedIn Profile
Panic in Shubert Alley
Have you ever experienced having to run around to try and find a valuable item lost in a heavily crowded place? In the tale of Panic in Shubert Alley, the narrator tells of the exasperation and outright fear as he runs around New York City’s Times Square theater district looking for his forgetful mother’s purse!
Join the fun and tune in to this new episode of F*CKING ARGENTINA with Gregg Greenberg and Tom Fox. ▶️
#PanicInShubertAlley
ABOUT THE BOOK
F*cking Argentina and 10 More Tales of Exasperation by Gregg Greenberg is a compilation of short stories that dive into the American phenomenon of being in a near-perpetual state of aggravation. Greenberg’s anthology brings together eleven original pieces of work, each with their own slice of independent and distinct plot lines but all converging on the universal theme of exasperation. They run the whole gamut of scenarios, from the titular story “F*cking Argentina” wherein the country is once again in bankruptcy and a polite game of tug o’ war plays out on a porch, to “A Journeyman Tennis Player’s Prayer” with a low ranking U.S. Open contender begging God for a comparable opponent. Both stories end with the superlative f-word, which showcases at some point in other stories, and a guaranteed chuckle from their readers. Buy the book here: http://fckingargentina.com/.
Do you have a podcast (or do you want to)? Join the only network dedicated to compliance, risk management, and business ethics, the Compliance Podcast Network. For more information, contact Tom Fox at tfox@tfoxlaw.com.
Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – they all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the Compliance Podcast Network. In this episode Ronnie and Tom continue our five-part series on creative ideas you can use during the 2021 Corporate Compliance and Ethics Week.
In this Part 2, we discuss using talk shows to communicate about compliance. In this episode we consider how you can create a compliance and integrity themed Talk Show to help foster greater communications with your employee base. Tom and Ronnie both agree that Corporate Compliance and Ethics Week initiatives must be followed up throughout the year.
Some of the ideas include:
- A talk show hosted interview Ethics Officer and Leadership.
- A Letterman type talk show complete with Top-10 lists and desk bits.
- Using Improv Performance to emphasize your Core Values around integrity, compliance and ethics and corporate culture.
- You can do a show live or recorded but remember to avoid talking head.
- Finally it can be dialogues or monologues.
Resources:
Ronnie Feldman (LinkedIn)
Learnings & Entertainments (LinkedIn)
Ronnie Feldman (Twitter)
Learnings & Entertainments (Website)
60-Second Communication & Awareness Shorts – A variety of short, customizable, quick-hitter “commercials” including songs & jingles, video shorts, newsletter graphics & Gifs, and more. Promote integrity, compliance, the Code, the helpline and the E&C team as helpful advisors and coaches.
Workplace Tonight Show! Micro-learning – a library of 1-10-minute trainings and communications wrapped in the style of a late-night variety show, that explains corporate risk topics and why employees should care.
Custom Live & Digital Programing – We’ll develop programming that fits your culture and balances the seriousness of the subject matter with a more engaging delivery.
Jordan Domash is Tom Fox’s guest on this week’s episode of the Innovation in Compliance Podcast. Jordan is the General Manager at Relativity, a company that makes software to help users organize their data. The platform is used by more than 180,000 people around the world to identify key issues. Jordan has been leading Relativity’s communications surveillance product for the past few years and has been in charge of the sale and development of the platform. He joins Tom in the first part of this two-part episode to talk about his role at Relativity, data cleansing, and how the Relativity Trace platform helps its customers.
The Importance of Data Cleansing
With the move to remote work, individuals have come to rely on different sources such as Slack and Microsoft Teams to communicate with one another. Jordan tells Tom that this has led to an explosion in the amount of data that needs to be actively monitored, and that there is a larger need for data cleansing. He shares how Relativity is tackling this issue. “We’ve spent a lot of energy on the past couple of years answering the problem of how can we sift through all that content, focus specifically on what’s risky, and what’s relevant to a compliance team with as little review as possible, and really focus on being efficient with our time and actually detecting risks that are important,” Jordan remarks.
Prevent Misconduct with Relativity Trace
Compliance regulators are very concerned with how companies are preventing misconduct before it occurs. Tom asks Jordan to explain how Relativity Trace can help businesses with this problem. “By having a really effective program, you are setting the expectation that this behavior is not being tolerated at your organization,” Jordan begins. Relativity gives organizations the tools necessary to take action as soon as an incident occurs instead of waiting months, or until there’s a formal investigation. Trace is implemented in a way that’s aligned to the specific organization using it. It starts with a code of conduct, and understanding the risks that are specific to that business. Trace gives compliance teams the ability to enforce that code of conduct, make sure that the risks to the organization are being monitored, and that any violations are being detected quickly.
Artificial Intelligence to Prevent Misconduct
Artificial Intelligence is used in three ways by Relativity Trace: to remove irrelevant content and junk, to pinpoint risk and misconduct and to add context to alerts that have been generated. Relativity has technology that removes spam, industry search reports and content that isn’t generated by a person. It strips out all non-human generated text from the monitoring process so that compliance individuals can only focus on the content that is potentially risky. “We bring the three or four or five most relevant communications to that alert to the forefront so the compliance officer can really focus on what the system is saying is the most relevant,” Jordan tells Tom.
The Risk of Unstructured Data
Unstructured data is the majority of data that lives in a company that has no hierarchy associated with it. Unstructured data comes in many forms and poses a problem for professionals because it makes it hard to search across an entire system. This type of data requires a different set of technology. A lot of suspicious items may be hiding in unstructured data, and this poses a challenge to compliance officers. It will be hard for them to search for information on specific individuals if the majority of that information is hiding in the unstructured data. Organizations should be conscious of where unstructured data lives, and should have processes that can look for hidden risks and remediate them.
Resources
Jordan Domash | LinkedIn
Relativity
I recently had the chance to visit with Andrew Robinson to discuss utilizing ML and AI into your GRC practice for a sponsored podcast. Robinson is the co-founder and Chief Information Security Officer at 6clicks. You can check out Robinson’s podcast episode here.
We began with the very basic proposition that many compliance professionals and others are scared by AI in the GRC space. Robinson believes it is based on the fear of the unknown, both to many inside and outside of GRC. Yet, increasingly GRC professionals see how AI and ML can be used within reg tech, technology companies, as well as in the compliance space to move forward through taking advantage of natural language processing. Robinson explained this is a component of ML that can help understand text. There is a lot of text in the world of compliance. When you can then overlay an AI component on all the standards, laws, and regulations any multi-national organization must follow, you begin to see the power of such a tool.
We next turned to dealing with compliance across multiple jurisdictions. For GRC professionals working internationally, Robinson said they must “maintain mappings or what you commonly call in the US ‘crosswalks of compliance’ frameworks.” He went on to explain these frameworks are “useful because it can allow a consultant to help a client understand how they might stack up against a particular standard. Robinson provided the example that if an organization is already complying with ISO 27,001, through these mappings, it might be able to give them an idea about what that level of compliance they have through the lens of a different framework or standard that may be relevant like the NIST cybersecurity framework.”
Yet the 6clicks approach is much more than a regulatory approach. It is a business centered approach which provides discreet business advantages. Indeed, this is one of the reasons I find the 6clicks approach so exciting as it creates a business advantage by performing quality GRC. These tools increase efficiency and profitability. Robinson went further noting, that “we come out with a public estimate of 10 times saving in using machine learning to assist with building up GRC mapping.” That is some serious productivity savings and increase.
However, this productivity increase and potential cost saving does not remove the human element. This final concept is critical in moving forward. Robinson said, “I’m of the view that humans have a very important role to play. This role is supervising the machine learning models to make sure that what they are producing and the results that they are coming out with are accurate and reliable.” If they are using spreadsheets and word documents; they should, come to terms with the fact that companies and clients no longer want spreadsheets and word documents as a deliverable. GRC professionals and consultants need to need to start using similar tools and improving the way that they service their clients. Clients, both in-house and external, are starting to demand and look for this approach. Robinson noted, “the reality is that if you are doing anything else it will be seen as subpar, and no one wants to be delivering sort of subpar products. I look for a solution that can meet your customer expectations and help you deliver your services long into the future.”
We concluded by looking at GRC tools with ML and AI at a strategic level, at the senior executive level and even at the Board of Director level. Robinson feels that management at this level “understands the benefits because they understand the problem.” Their goals are to simplify compliance while understanding risk exposure. From this point, management can move to create a risk-based solution. Robinson believes, these are the types of “business problems that executives are dealing with on a daily basis. Having awareness of the machine learning model can help them navigate that complexity.” From where I sit, when you can take a tool that improves business process efficiency and use it to increase profitability through more effectual risk management it is a win for everyone.
For more information on 6clicks, check out their website here.