New “Freeze and Seize” Task Force set up by the European Commission against listed Russian and Belarusian oligarchs.
Day: March 29, 2022
Compliance and ethics expert Kristy Grant-Hart joins us as she discusses the importance of the compliance function, how it plays into each aspect of ESG, and how CCOs are the most well-suited to take the first step in corporate ESG efforts.
Watch ▶️ Leading Compliance Efforts as CCOs with Kristy Grant-Hart:
Key points discussed in the episode:
✔️ Kristy Grant-Hart talks about the current situation at Spark Consulting, a book she co-authored, The Compliance Entrepreneurs Handbook, and its impact.
✔️ Compliance is a driver for reputation enhancement. People not only vote with their dollars but also their employee time.
✔️ Kristy Grant-Hart says the ability to gather people and put programs into a framework is what CCOs must have to lead ESG efforts. The 7 Elements of Effective Compliance Program can guide CCOs in creating an ESG program and its monitoring and implementation.
✔️ California becomes the first state to pass a gender-diversity-centered initiative. The social element of diversity goes deeper into the working conditions in the supply chain, sustainably-sourced products, and low carbon emissions.
✔️ With ESG, companies can be part of the solution. Bigger names shouldn’t receive the brunt of the blame as businesses of all sizes should be accountable.
✔️ With the UK Modern Slavery Act, ESG has been placed at the forefront, pressuring companies to disclose the truth in what transpires in their supply chains.
✔️ Having a strong law background, Kristy Grant-Hart and Thomas Fox exchange ideas on the significance of lawyers in ESG endeavors. Learning the new jargon and talking to experts can help ease the hesitation to delve into this playing field.
✔️ CCOs are encouraged to be the frontrunners in compliance as they hold the authority to create a significant impact on a corporate scale. The ability to be relevant is a great opportunity in compliance.
Kristy Grant-Hart is a compliance and data privacy thought leader specializing in transforming compliance departments into in-demand business assets. She’s been featured in the Wall Street Journal, Financial Times, Compliance Week, Compliance and Ethics Professional Magazine, and many others. She was named a Trust Across America 2019 Top Thought Leader in Trust.
She is the CEO of Spark Compliance Consulting, a London, Los Angeles, New York, and Chicago-based consultancy providing pragmatic, pro-business, proportionate compliance ethics solutions. She is the creator of Compliance Competitor, a facilitated online training game built on business simulation software.
She’s the author of the best-selling book, “How to Be a Wildly Effective Compliance Officer.”
LinkedIn: https://www.linkedin.com/in/kristygranthart/
—————————————————————————-
Do you have a podcast (or do you want to)? Join the only network dedicated to compliance, risk management, and business ethics, the Compliance Podcast Network. For more information, contact Tom Fox at tfox@tfoxlaw.com.
Mac Bartine is the CEO of SmartRIA, a market-leading compliance software platform. Tom Fox welcomes him to this week’s show to talk about his company’s services and contributions to the compliance sector, what SmartRIA offers clients in terms of cybersecurity, and the future of technology solutions.
The Minimum Viable Product
The Minimum Viable Product (MVP) is the first part of the startup process for platforms. It is recognizing the problems within your platforms and also believing that you can solve them. Mac explains to Tom that the problem SmartRIA identified in terms of the MVP is compliance obligations. Many individuals are not experienced in managing compliance in their given industries, and so need a source of structure that understands where they are. SmartRIA offers them that, as well as the tools and frameworks needed.
Vendor Due Diligence & Data Governance
Vendor due diligence and vendor management are key to managing cybersecurity risk. “You have to understand who you’re working with and what precautions they’re taking as a business to protect you from cyber risk,” Mac tells Tom. Having access to the proper documentation that reflects this is also important. SmartRIA has a plethora of different policies and procedures to protect clients’ data and takes the lists of vendors their clients have and itemizes each risk. Data governance falls under the same bracket as due diligence, that is, who has access to the vendors and what devices they use to access the data from those vendors.
SmartRIA as an SEC Solution
The solutions that you use for compliance obligations have to be done in a way that documents everything as it happens. “If it isn’t documented, it didn’t happen,” Mac says. Internal auditors aren’t in the position of giving the benefit of the doubt because they have no evidence of due diligence. SmartRIA has the tools to help its clients through this by way of PDF files, workflows, and documents.
To The Future
Tom asks Mac what the future will be like for technology solutions. Regulations in every industry are going to increase. “Across every industry, there is an increasing need for cybersecurity-related evidence, and tracking of what’s happening in that space,” Mac says. Data governance and vendor due diligence are big parts of that, but compliance management is also going to become more important.
Resources
Mac Bartine | LinkedIn | Twitter
SmartRIA
In today’s edition of Daily Compliance News:
- Disney employees apparently speak for company. (NYT)
- Corruption once again hamstringing Russian army. (Jerusalem Post)
- Trump more likely than not guilty of felony. (WSJ)
- Barclays in regulatory hot water again. (Reuters)